The Brexit transition period ended on 31 December 2020, and all UK organisations need to review their documentation and procedures to ensure they remain complaint.
Does the data protection law after 31 December 2020 apply in the UK after Brexit?
The answer is that EU GDPR does not apply in the UK after the end of the Brexit transition period of 31 December 2020. However, the UK’s Data Protection Act 2018 has already enacted the previous requirements to form a new, UK specific data protection regime. This new regime is known as the UK GDPR and applies from 1 January 2021 to all organisations that process personal data.
All UK organisations therefore need to ensure that they are now compliant with the new UK GDPR, and need to amend their GDPR documentation to align it with the requirements of the UK GDPR. In particular, firms should review and update their privacy notice, which may be readily available on their website, together with other relevant documentation.
For example, a change may be needed in relation to the transferring of personal data - in the past this may have covered transferring data outside the EU whereas now it will be restricted to transferring data outside the United Kingdom.
If you have any questions about the above, or would like more information specific to your circumstances, please enter your email address below and we will get in touch: