Skip to main content

Is your business baffled by Brexit? This is what's happening with data protection

With our exit from the EU ‘officially’ coming at the end of 2020, many businesses have been left wondering what exactly they should be doing about data protection, and how important it is that your organisation meets GDPR guidelines. Don’t worry if your business is feeling baffled - here are the key facts you need to be aware of if your business stores personal data outside the UK. 

What is GDPR?

GDPR stands for the General Data Protection Regulation, and it's a privacy ruling from the EU. It concerns the privacy and protection of all personally identifiable information, and it came into force on 25th May 2018.

Under GDPR, your business is required to protect the personal data of both customers and employees. It applies to Business-to-Consumer (B2C) and Business-to-Business (B2B) organisations - in fact any organisation which stores or processes data of EU citizens. Your business does not need to be based in the EU for these regulations to apply.

Wait, haven’t we left the EU yet?

The UK is now in a transitional period until the end of 2020 in order to develop a new trade agreement with the EU. This means that no changes need to be made in the way that you process and store data until the end of 2020; you just need to continue to meet the EU's GDPR guidelines.

What should businesses do after 2021?

It’s difficult to know for certain, as we’re not sure how the negotiations with the EU will progress. According to the ICO, ‘The Data Protection Act 2018 (DPA 2018), which currently supplements and tailors GDPR within the UK, will continue to apply. The provisions of GDPR will be incorporated directly into UK law from the end of the transition period, to sit alongside the DPA 2018.’ 

If this takes place at the end of the transition period, and the provisions of GDPR are incorporated directly into UK law, then businesses won’t need to make any changes to how they process and store data - they just need to continue to meet the Data Protection Act’s guidelines, and follow updates and guidance from the Information Commissioner's Office (ICO)

The EU and adequacy agreements 

Countries that are not part of the European Union use adequacy agreements as a way of protecting personal data. This agreement states that the EU is satisfied that the non-EU country meets their standards of data protection, and as such agrees that data can flow between the non-EU country and EU countries. As such, this could be beneficial to the UK. The assessment for an adequacy agreement began on 1st February 2020.

However, the EU might not accept our data protection guidelines unless there’s a stipulation that we update our Data Protection Act in alignment with GDPR - in order to preserve the privacy of EU citizens as technology progresses. If the UK diverges from this alignment, that may cause problems in data transfers between the EU and UK, and we may fail to meet the EU's standards.

In this instance, assuming no adequacy agreement is reached, the UK would become what is known as a 'third country'. A third country is a country which the EU deems offers insufficient data protection for EU citizens, and would mean that data transfer between the UK and the EU would be illegal. This would have huge ramifications for businesses in the UK, who may have to change where they store their data.

So what should businesses do?

It's important to keep checking the ICO website and following their advice and guidance in regard to Brexit. The ICO doesn't expect their guidance or advice to change between now and the end of 2020, but keeping an eye on Brexit and the implications it has for data protection is necessary if you store personal data outside of the UK.

If you do feel that you need further advice on GDPR, consider getting in touch with CyberShelter. They offer GDPR compliance advice, and can help you stay abreast of data protection news and updates.

Tweet us @TranscenditUK


The Transcendit Way

Transcendit understand that when you choose to work with us, whether we're taking care of your IT, app or web development, you're trusting us with part of your business. So whether we're looking after your computers, phone systems or servers we always do things 'the Transcendit way'.

The whole of our team adhere to the same values, beliefs and policies - the principles that were written when Transcendit first formed in 2000. Whether you come to us for cloud services or recovery backup you can be confident that you'll always receive the same excellent service.

The Transcendit way outlines how we do business; following the same straightforward principles with every client and customer, regardless of how big or small they may be.

That means we get to know you and your business. We offer you a friendly, professional and efficient service, and we'll always be honest with you.
We understand that not everybody speaks fluent IT, so we try to explain things in a way that is simple and clear. We always spend as much time as is necessary explaining things to you.
If you need to talk to us about something, no matter how insignificant, we are only ever a phone call away – and we’re never too busy to make you a cup of tea and have a sit down with you in person.
We understand how frustrating it can be when things are late. When we schedule an appointment with you, we are there when you’re expecting us. If something prevents us from getting there, we always call you in advance to let you know.
Sometimes things can go wrong, but we never lie to you or try to cover something up. If things go askew we tell you what’s happened and how we plan to prevent it affecting your business.
We want you to continuously benefit from working with us. We regularly discuss your business and make suggestions for improving systems and processes wherever we can – but we never try to push you into a purchase.
When we quote a fixed price, that's always the amount we charge – you won’t find any nasty surprises on a bill from us. If you are paying by time and materials, we inform you if our approximations could change.
We understand the importance of privacy for your business and your customers. We respect the confidentiality of your data, and we will never pass on your information to third parties.
We appreciate it when you take the time to give us feedback. A system called CustomerSure records our client's responses, so you can trust that our reviews are from real people.
Find out what they're saying here.
Paul is always more than helpful...we'd be lost without him! Angela Fenwick, Streetwise

Based on 12075 reviews our customers rate us 9.8/10. Reviews and ratings by Customersure. 09-October-2024

Transcendit are proud sponsors of CHUF, the Children's Heart Unit Fund.

Transcendit is a Living Wage employer
Transcendit is a Microsoft Gold certified partner
VMWARE partner
Vipre partner
IPCortex partner
WithSecure partner
DELL partner
Barracuda partner
Veeam partner
N-Able partner