The UK left the EU on 31 January 2020. The transition period lasts until 31 December 2020. During the transition period the GDPR still applies as if we were still in the EU.

At the end of the transition period the Government intends to bring GDPR into UK law which will then sit alongside the Data Protection Act 2018. If no deal incorporating data protection is agreed then the UK will become a third country. Read on to find out what you must be doing now to prepare for this possibility.

Will I need a representative in the EEA.

At the end of the transition period you will need a representative in the EEA if you are offering goods or services to, or monitoring the behaviour of, any individual within the EEA.

Can I send or receive personal data from the EEA?

The Government has announced it will not restrict personal data transfers from the UK to the EEA. Transfers from the EEA to the UK will be governed by the transfer rules. Unless and until the UK obtain adequacy status, which can take some time, an adequate safeguard must be in place. The most common of these is a specifically worded contract.

What you need to do to prepare

You must fully understand and map personal data flows between your organisations and any organisation or individual within the EEA.

Contact us for further information as we have a sister company that can act as your representative in the EEA and prepare any necessary contracts for you. Contact us now for a no obligation quote.

5 thoughts on “Personal data post Brexit: What you must be doing to prepare for a no deal Brexit

Comments are closed.