Language Switcher

    Data Identification & Clustering

    Migration

    Transformation

    Quality & Integrity

    Platform Integration

    Data Privacy & Security

    Simulation & Automation

    Retention & Retirement

    Governance & Support

    Process Excellence

      Home > Newsroom > Gdpr And Brexit

      What to consider when it comes to a “hard Brexit”

      Image 9 1200x627

      What you need to consider in your GDPR compliance program when it comes to a “hard Brexit”

      With the official referendum on June 23rd, 2016, resulting in an overall vote of 51.9% for the United Kingdom to leave the EU, it is expected to become a reality this year on March 29th by the British Government based on Article 50 Paragraph 1 of the General Treaty.

       

      Many debates discuss whether a “hard Brexit”, meaning the rejection of close alignment including single market and customs union with the EU, would be the only possibility for the UK’s exit. However, in terms of GDPR the exit may trigger other factors.

      Regardless of the cogitation whether a “hard Brexit” could be avoided through new negotiations, the parties must prepare for the coming scenario; a “hard Brexit” has conceivably broad data protection implications on dataflows, processes, and documentation.

      Companies inside the EU that continue to operate in the UK as joint-ventures, or that have parts of their supply chain or IT-supported processes there (e.g., data centers, branches) or that must in any way continue to exchange data with the UK would be among the most affected.

      Even if the solution is another negotiated exit, it would still have broad implications, as it is still not clear to what extent the UK would continue to comply with the guidelines of the EU General Data Protection Regulation (GDPR) or if an adequacy decision between the EU data privacy legislation and a new law for the UK would unfold.

      As the 29thof March 2019 quickly approaches, so does the possibility of the UK becoming a “Third Country” after leaving the EU in matters concerning the GDPR.

      Consequently, we can assume that entities in the EU transferring data into the UK will have to follow new rules on data privacy and will have to adapt the necessary documents.

       

      • The GDPR information sheet on data processing and privacy policy of a website according to Article 13 Paragraph 1 Section f. or Article 14 Paragraph 1 Section f. determines that a Third Country should be informed about data transfer
      • If an affected person exercises his or her right of access to information, the affected person shall be entitled to obtain information also from Third Countries (according to Article 15 Paragraph 1 Section C Paragraph 2)
      • In the directory of processing activities, data transfers in Third Countries should be specifically defined as such and further information on this topic should be also indicated (Article 30 Paragraph 1 Section e and Article 30 Paragraph 2 Section c)
      • If necessary, Data Privacy Impact Assessments (DPIAs) should be carried out or reviewed also in the United Kingdom given its status as a Third Country (Article 35)

       

      With a team comprised by experienced data security experts and certified data security auditors, Natuvion can help you with the analysis of data flows with the UK and the adaptation of the data transfer directory and processing activities. We also answer legal questions regarding data transfers in doubtful third countries with the support of our partner, the legal office SKW Schwarz Munich.

      Related News

      5 reasons to implement SAP MDG during your SAP S/4HANA transformation

      Jun 9, 2022

      5 reasons to implement SAP...

      With SAP Master Data Governance (MDG), SAP offers a...

      Read More
      SuccessStory_Your Path to GDPR System Compliance!

      Jun 7, 2022

      Your Path to GDPR System...

      Vattenfall partners with Natuvion for its SAP...

      Read More
      SuccessStory_Key to Success: Project Management at its Best

      May 18, 2022

      Key to Success: Project...

      EnBW ODR relies on Natuvion when managing its SAP S/4HANA...

      Read More
      Where to put old data? Legally compliant system decommissioning!

      May 11, 2022

      Where to put old data?...

      Since it became possible to manage business data digitally,...

      Read More
      Energy Turnaround in the Digital Era with SAP Utilities Core

      Apr 22, 2022

      Energy Turnaround in the...

      With the utilities industry actively pursuing plans for the...

      Read More
      Immediate Impact for Increased Security

      Feb 7, 2022

      Immediate Impact for...

      Detailed security analysis of the new ProCom Cloud service...

      Read More
      Destination Cloud

      Jan 25, 2022

      Destination Cloud

      E.ON Energie Deutschland successfully migrates data from...

      Read More
      Short & Sweet: SAP System Carve-Out

      Dec 21, 2021

      Short & Sweet: Smarter SAP...

      Successful demerger: Learn more about the carve-out success...

      Read More

      Never miss information again. Subscribe to our newsletter!