How to create safe passwords
November 6, 2020
Can I forget about GDPR after Brexit?
We look at whether GDPR still applies to UK businesses now the UK has left the EU.
One of the changes we’ll feel in 2021 is that many EU regulations will no longer directly apply in the UK. Does that mean we can forget about GDPR? Before you break out the champagne…read on.
EU GDPR requirements were actually copied into law under the UK Data Protection Act 2018. In reality, UK businesses were always really complying with UK DPA 2018 but everyone was calling them GDPR. There are some minor differences, but the UK regulations are almost identical to GDPR so businesses in the UK will still have the same legal obligations. The regulator for UK data protection law (the ICO) will still work as normal and it has already committed to upholding the high standards of the EU’s GDPR.
The good news is that businesses operating solely within the UK (which is many of us!) won’t really see a major difference. Compliance and enforcement will continue, and the ICO will continue to pursue those who don’t comply with DPA 2018.
These clauses provide protection under GDPR for the EU citizens whose data you’re processing.
Depending on the nature of your business with EU citizens, you may also need to register with a representative in the EU to act as your point of contact for EU citizens. This representative will also manage your relationship with EU data protection authorities (every EU country has their own version of the UK’s ICO)
If you’re unsure about what your small business must do to remain compliant with UK data protection regulations (or even whether GDPR still applies to you!) then drop us a line at hello@weareastrid.co.uk
One of the changes we’ll feel in 2021 is that many EU regulations will no longer directly apply in the UK. Does that mean we can forget about GDPR? Before you break out the champagne…read on.
UK-focused businesses
It’s true that UK businesses that only operate in the UK will no longer need to comply directly with GDPR – because those are European regulations for members of the European Union…but there’s a catch!EU GDPR requirements were actually copied into law under the UK Data Protection Act 2018. In reality, UK businesses were always really complying with UK DPA 2018 but everyone was calling them GDPR. There are some minor differences, but the UK regulations are almost identical to GDPR so businesses in the UK will still have the same legal obligations. The regulator for UK data protection law (the ICO) will still work as normal and it has already committed to upholding the high standards of the EU’s GDPR.
The good news is that businesses operating solely within the UK (which is many of us!) won’t really see a major difference. Compliance and enforcement will continue, and the ICO will continue to pursue those who don’t comply with DPA 2018.
UK businesses with clients in the EU
The picture is a bit more complicated for UK businesses that have clients in the EU. From 1 January 2021 any data you receive from EU countries will be an “export” that must be protected under GDPR. This means you will have to put special contractual arrangements in place to manage those transfers.These clauses provide protection under GDPR for the EU citizens whose data you’re processing.
Depending on the nature of your business with EU citizens, you may also need to register with a representative in the EU to act as your point of contact for EU citizens. This representative will also manage your relationship with EU data protection authorities (every EU country has their own version of the UK’s ICO)
If you’re unsure about what your small business must do to remain compliant with UK data protection regulations (or even whether GDPR still applies to you!) then drop us a line at hello@weareastrid.co.uk
