The General Data Protection Regulation (GDPR) is an EU-wide standard for protecting people’s data. It sets out the high standards of data protection and obligations that all businesses must meet when processing personal data.
We are working with our EU partners to ensure sufficient protection is in place for data being transferred after the transition.
If your business involves the transfer of personal data to or from the UK, you should ensure that sufficient protections are in place so that you can continue to transfer personal data after the transition period.
This includes transfers such as mailing lists if you have UK based clients, or employee data if you use a UK-based payroll firm etc. It also includes data storage and website hosting where this involves personal data.
Data protection and commercial transfers of personal data are regulated at the EU level and there is a range of measures that enable such transfers to and from third countries.
All companies are advised to review their existing processes and contracts to assess whether they involve data transfers to the UK and to ensure compliance with data protection regulations. See the Data Protection Commission’s Guidance note for information here