As of 01 January 2021, the way the EU treats data transfer to and from the UK is likely to change.
If the EU does not make an adequacy decision on the UK during the transition period, GDPR transfer rules will apply to any data coming from the European Economic Area (EEA) into the UK.
To comply with these rules, businesses may have to take steps to put GDPR safeguards in place to ensure data can continue to flow in from the EEA.
Action to take
- Check the UK Information Commissioner’s Office (ICO) website for any changes to UK data protection law after 31 December 2020.
- Review where your data is stored, even if you don’t transfer data to and from the EU. You may find that, for example, your cloud computing supplier hosts your data in the EEA. If this is the case, transfer your data to the UK before 01 January 2021 to prevent any issues resulting from a no deal Brexit.
- Speak to your relevant industry body to find out which regulation changes could impact your business.
- Check to see if your privacy rules, terms and conditions, contracts, and other documentation needs amending as a result of any new incoming data protection laws and other regulations.
Find more helpful information, guides and resources to help your business prepare for the UK’s transition on 01 January 2021 by visiting the North East Growth Hub’s UK Transition Toolkit.