GDPR, General data protection regulation compliance logo. Server room background.

Data protection post-Brexit: Information from the ICO

On the 31st January 2020 the UK left the European Union and enters the Brexit transition period.

During this transition period, which runs until the end of December 2020, it will be business as usual for data protection and compliance according to the ICO.

The ICO has confirmed that the GDPR will continue to apply. Businesses and organisations that process personal data should continue to follow the ICO’s existing guidance for advice on their data protection obligations.

In an update to previous guidance the ICO has indicated that, during the transition period, companies and organisations that offer goods or services to people in the EU do not need to appoint a European representative. The ICO has updated its Brexit FAQs to reflect this new advice. The ICO will continue to act as the lead supervisory authority for businesses and organisations operating in the UK.

While it’s not yet known what the data protection landscape will look like at the end of the transition period the ICO  has shown it recognises that businesses and organisations will have concerns about the flow of personal data in the future and will continue to provide guidance during the transition period.

We will continue to monitor the situation and provide links to ICO guidance where we think it will be beneficial to our clients.

The ICO’s full suite of Brexit guidance and materials, to enable you to prepare for all scenarios,can be accessed here.