EN

      Home > Newsroom > Gdpr And Brexit

      What to consider when it comes to a “hard Brexit”

      Image 9 1200x627

      What you need to consider in your GDPR compliance program when it comes to a “hard Brexit”

      With the official referendum on June 23rd, 2016, resulting in an overall vote of 51.9% for the United Kingdom to leave the EU, it is expected to become a reality this year on March 29th by the British Government based on Article 50 Paragraph 1 of the General Treaty.

       

      Many debates discuss whether a “hard Brexit”, meaning the rejection of close alignment including single market and customs union with the EU, would be the only possibility for the UK’s exit. However, in terms of GDPR the exit may trigger other factors.

      Regardless of the cogitation whether a “hard Brexit” could be avoided through new negotiations, the parties must prepare for the coming scenario; a “hard Brexit” has conceivably broad data protection implications on dataflows, processes, and documentation.

      Companies inside the EU that continue to operate in the UK as joint-ventures, or that have parts of their supply chain or IT-supported processes there (e.g., data centers, branches) or that must in any way continue to exchange data with the UK would be among the most affected.

      Even if the solution is another negotiated exit, it would still have broad implications, as it is still not clear to what extent the UK would continue to comply with the guidelines of the EU General Data Protection Regulation (GDPR) or if an adequacy decision between the EU data privacy legislation and a new law for the UK would unfold.

      As the 29thof March 2019 quickly approaches, so does the possibility of the UK becoming a “Third Country” after leaving the EU in matters concerning the GDPR.

      Consequently, we can assume that entities in the EU transferring data into the UK will have to follow new rules on data privacy and will have to adapt the necessary documents.

       

      • The GDPR information sheet on data processing and privacy policy of a website according to Article 13 Paragraph 1 Section f. or Article 14 Paragraph 1 Section f. determines that a Third Country should be informed about data transfer
      • If an affected person exercises his or her right of access to information, the affected person shall be entitled to obtain information also from Third Countries (according to Article 15 Paragraph 1 Section C Paragraph 2)
      • In the directory of processing activities, data transfers in Third Countries should be specifically defined as such and further information on this topic should be also indicated (Article 30 Paragraph 1 Section e and Article 30 Paragraph 2 Section c)
      • If necessary, Data Privacy Impact Assessments (DPIAs) should be carried out or reviewed also in the United Kingdom given its status as a Third Country (Article 35)

       

      With a team comprised by experienced data security experts and certified data security auditors, Natuvion can help you with the analysis of data flows with the UK and the adaptation of the data transfer directory and processing activities. We also answer legal questions regarding data transfers in doubtful third countries with the support of our partner, the legal office SKW Schwarz Munich.

      Related News

      Your Project setup for success: where to begin?

      Sep 13, 2023

      Your Project setup for...

      There is a transformation project waiting for you in the...

      Read More
      Natuvion takes over the business operations of Slovakian LL Consulting

      Sep 1, 2023

      Natuvion takes over the...

      Natuvion Slovakia took over the business operations of SAP...

      Read More

      Jul 18, 2023

      "Natuvion DCS is a man-day...

      Natuvion is a great company for partners, says Ben McGrail....

      Read More
      Quo vadis SAP Business ByDesign? Meet the alternatives!

      Jun 26, 2023

      Quo vadis SAP Business...

      When SAP decided to transition its solution portfolio to...

      Read More
      Cutover: How to reach the migration pinnacle!

      Jun 6, 2023

      Cutover: How to reach the...

      The Cutover is the pinnacle of any migration or...

      Read More
      EN_Downloads_SuccessStory_LichtBlick

      May 12, 2023

      Bye Oracle, hi powercloud

      LichtBlick successfully migrates over one million customer...

      Read More
      EN_Downloads_SuccessStory_SENEC

      May 9, 2023

      Successful data migration...

      SENEC trusts Natuvion to migrate its subledger accounting...

      Read More
      DE_Downloads_SuccessStory_schweizstrom-IDS

      Apr 21, 2023

      GDPR-compliant data...

      schweizstrom uses Natuvion Intelligent Data Store to...

      Read More

      Never miss information again. Subscribe to our newsletter!