Language Switcher

    Data Identification & Clustering

    Migration

    Transformation

    Quality & Integrity

    Platform Integration

    Data Privacy & Security

    Simulation & Automation

    Retention & Retirement

    Governance & Support

    Process Excellence

      Home > Newsroom > Gdpr And Brexit

      What to consider when it comes to a “hard Brexit”

      Image 9 1200x627

      What you need to consider in your GDPR compliance program when it comes to a “hard Brexit”

      With the official referendum on June 23rd, 2016, resulting in an overall vote of 51.9% for the United Kingdom to leave the EU, it is expected to become a reality this year on March 29th by the British Government based on Article 50 Paragraph 1 of the General Treaty.

       

      Many debates discuss whether a “hard Brexit”, meaning the rejection of close alignment including single market and customs union with the EU, would be the only possibility for the UK’s exit. However, in terms of GDPR the exit may trigger other factors.

      Regardless of the cogitation whether a “hard Brexit” could be avoided through new negotiations, the parties must prepare for the coming scenario; a “hard Brexit” has conceivably broad data protection implications on dataflows, processes, and documentation.

      Companies inside the EU that continue to operate in the UK as joint-ventures, or that have parts of their supply chain or IT-supported processes there (e.g., data centers, branches) or that must in any way continue to exchange data with the UK would be among the most affected.

      Even if the solution is another negotiated exit, it would still have broad implications, as it is still not clear to what extent the UK would continue to comply with the guidelines of the EU General Data Protection Regulation (GDPR) or if an adequacy decision between the EU data privacy legislation and a new law for the UK would unfold.

      As the 29thof March 2019 quickly approaches, so does the possibility of the UK becoming a “Third Country” after leaving the EU in matters concerning the GDPR.

      Consequently, we can assume that entities in the EU transferring data into the UK will have to follow new rules on data privacy and will have to adapt the necessary documents.

       

      • The GDPR information sheet on data processing and privacy policy of a website according to Article 13 Paragraph 1 Section f. or Article 14 Paragraph 1 Section f. determines that a Third Country should be informed about data transfer
      • If an affected person exercises his or her right of access to information, the affected person shall be entitled to obtain information also from Third Countries (according to Article 15 Paragraph 1 Section C Paragraph 2)
      • In the directory of processing activities, data transfers in Third Countries should be specifically defined as such and further information on this topic should be also indicated (Article 30 Paragraph 1 Section e and Article 30 Paragraph 2 Section c)
      • If necessary, Data Privacy Impact Assessments (DPIAs) should be carried out or reviewed also in the United Kingdom given its status as a Third Country (Article 35)

       

      With a team comprised by experienced data security experts and certified data security auditors, Natuvion can help you with the analysis of data flows with the UK and the adaptation of the data transfer directory and processing activities. We also answer legal questions regarding data transfers in doubtful third countries with the support of our partner, the legal office SKW Schwarz Munich.

      Related News

      49 percent of companies fall short of transformation goals

      Nov 15, 2022

      Study: 49 percent of...

      A study conducted by Natuvion documents that almost half of...

      Read More
      Lack of in-house expertise is a major challenge when planning a transformation project

      Nov 9, 2022

      Study: Lack of in-house...

      Natuvion has identified show stoppers of digital...

      Read More
      Study: 60 % of Digitalization Projects are Initiated by Management

      Nov 4, 2022

      Study: 60 % of...

      With its latest study, Natuvion documents top executives’...

      Read More
      EN_Downloads_SuccessStory_BMW

      Oct 25, 2022

      Pedal to the Metal:...

      With a size of more than 30 TB, the BMW Group’s SAP ECC...

      Read More
      NTT DATA acquires stake in the Natuvion Group and expands its SAP S/4HANA transformation expertise

      Aug 31, 2022

      NTT DATA acquires a stake...

      NTT DATA Business Solutions AG, the globally leading SAP...

      Read More
      EN_SuccessStory_schweizstrom_powercloud-Migration

      Aug 26, 2022

      In-Cloud Data Migration...

      schweizstrom successfully migrates its data to powercloud...

      Read More
      Near Zero Downtime: Migrations without time pressure

      Aug 23, 2022

      Near Zero Downtime:...

      Time-consuming, complex, and extensive - transformation...

      Read More
      Test systems compliant with data protection: Here's how!

      Aug 22, 2022

      Test systems data...

      Since the introduction of the GDPR, companies are required...

      Read More

      Never miss information again. Subscribe to our newsletter!