PROSPER MAGAZINE: DIGITAL EDITION
LEAVING EUROPE AND DATA PROTECTION
Don't get caught out by the new year data protection changes says Solicitor David Campbell from DPA/OK.
A local Solicitor is warning businesses not to overlook the issue of data protection after the end of the transition period- 31st December this year.
David Campbell a specialist data protection Solicitor at DPA/OK warns that whilst the European General Data Protection Regulation [‘GDPR’] still applies in the UK meaning businesses in Europe [the European Economic Area] can freely send personal data to the UK significant changes will come in to effect on the 1st January 2021.
From that date the European GDPR will cease to apply in the UK [there will be a similar ‘UK’ GDPR] with the UK becoming what is known as a ‘third country’.
However, European businesses will need to comply with their version of the GDPR when it comes to sending personal data ‘out’ of Europe to the UK.
The UK government is trying to secure a finding from the EU that the UK’s data protection regime is ‘adequate’ which would allow personal data to flow freely as it does now. However, time is running out and such a finding is not guaranteed.
David advises businesses who rely upon personal data flows from Europe to put in place measures to ensure these can still lawfully take place. For instance, they can look to enter into a contractual agreement with those organisations they do business with.
As well as the issue of data flows any UK business who offer goods/ services to European citizens or monitors them (and who do not have a physical presence in Europe) must still comply with the European GDPR. They will usually need to appoint a ‘EU representative’ to act as their agent for data protection matters in Europe.
This representative will be a point of contact for data protection regulator(s) in Europe and for individuals whose personal data is processed by the UK business.
For further information contact DPA/OK on 01902 229817 or 07397 943394