Success Portal

GDPR & Brexit Preparations

Adam
  • Updated
Follow

The Information Commissioner’s Office are expecting organisations to “prepare for all scenarios”, including planning for the United Kingdom leaving the European Union with no deal. We have been closely following these developments and have planned accordingly.

These plans are administrative and will not impact our operations, service delivery, or safe-keeping of data in any material way. We expect regulators to act proportionately whatever the outcome.

We will provide further guidance here as the situation becomes clearer.

On Exit Day

The EU General Data Protection Regulations (GDPR) have already been enacted in UK law under the Data Protection Act 2018.

On exit, the Withdrawal Regulations will become law, and change the EU GDPR to the UK GDPR in this Act.

The EU GDPR will still exist and the UK will immediately be considered a third country, and will not be formally recognised as having an ‘adequate’ data protection environment.

If there is “no deal”

Under a “no deal” scenario, there are some changes to data transfers that we will make:

  • Where we handle personal data of EU citizens
    We will be ensuring suitable protections are in place. This will include establishing Standard Contractual Clauses with entities transferring data to us, and providing a dedicated representative inside the EU.

  • Where we transfer UK or EU personal data to non-EU countries
    We are reviewing and ensuring all transfers we make to non-EU countries will still be in compliance. This will affect some of the contracts we have in place under US Privacy Shield terms.

  • Where we transfer UK personal data to EU countries
    The UK Government has said it will not impose any restrictions on these transfers. Our transfers of data in to the EU from the UK will remain unaffected.

If there is a deal

The earlier Withdrawal Agreement contained a transition period until at least December 2020.

If this Withdrawal Agreement (or a variation of it) is implemented, we believe that this would provide sufficient time for an adequacy decision to be reached. 

Did this article help you?

0 out of 0 found this helpful

Questions you may have

Still haven't found what you are looking for?

Product development updates
Learn now
Can't find what you are looking for?
Get in touch

Related articles

Comments

0 comments

Article is closed for comments.

top Back to top