Brexit No-Deal what does that mean for UK organisations?

Handling personal data is an issue all organisations face with Brexit closely approaching the concerns of the business community increase, of a no-deal Brexit was to take place. However, in the event of a no-deal Brexit, there would be no immediate change in the Uk's own data protection standards.

The Data Protection Act 2018 would still remain intact and the EU Withdrawal Act would incorporate the GDPR inline with the UK law.

However, the legal framework governing the transfer of personal data from EU to the UK would change on exit. All transfers of personal data from the EU to the UK will need to have lawful transfer mechanisms in place, in order to be permissible under the EU law.

Organisations would still be able to continue to send personal data from the UK to the EU. As the UK at the point of exit; continue to allow the free flow of personal data from the UK to the EU. With the UK keeping this under review.

What you would need to do

The European Commission has not yet indicated a timetable for this and has stated that the decision on adequacy cannot be taken until we are a third party country.

If there is no adequate decision regarding the UK at the point of exit and you to receive personal data from organisations established in the EU (including data centres) then you should consider assisting your EU partners in identifying a legal basis for those transfers.

To continue trading with as little or no disruptions organisations need to show that they have sufficient measures in place for their customers' data. As Brexit doesn't give organisations any exit clause, especially those ones who will continue to hold the personal data of EU citizens going forward.

Attached Media

About ConsentEye

Paul Tarantino founded ConsentEye in 2017 after seeing many Enterprise businesses spending double digit millions of pounds building their own consent management/realtime decision engines to manage customer preferences in line with new Data Privacy Regulations. There was nothing available off-the-shelf at that time so with a career working at the cutting edge of IT helping global CXO's fix business issues with technology he decided to build a world class consent lifecycle management system for organisations that needed a solution fast, for an affordable price to comply with the GDPR. It is was the first GDPR compliant Consent Lifecycle Management Cloud Platform. ConsentEye enables organisations to comply with the GDPR, enables their customers to withdraw consent and increase efficiencies by centralising all consent captured across multiple systems and applications.