The UK has left the EU and the transition period will end on 31 December 2020. If you are a UK business or organisation that receives personal data from the EU or EEA, you may need to take extra steps to ensure that the data can continue to flow legally as we transition to our new relationship with the EU in January 2021.
Visit gov.uk (https://www.gov.uk/guidance/using-personal-data-after-brexit) to check how you can legally continue to receive personal data such as names, addresses or payroll details from organisations in the EU or EEA from January 2021. This site has links to a range of other sources of relevant information, including those of the Information Commissioner’s Office (ICO) which is the lead department of government on this topic. You may need to update your contracts or take other steps.
What is personal data? Personal data is any information that can be used to identify a living person. This type of information is regularly used in the daily running of businesses and organisations - for example, in relation to human resources, sales, purchasing or marketing.
What is an example of personal data transfer from an EU/EEA partner?
- A UK company that receives customer information from an EU/EEA company (see which countries this applies to), such as names and addresses of customers, suppliers or partners to provide goods or services.
- It could also be internet protocol (IP) addresses or human resources data, such as staff working hours and payroll details.
Businesses or organisations that receive this kind of information from an EU/EEA company to provide goods or services should check how they can legally keep receiving the data from January 2021.
There may be additional steps you need to take to help your business or organisation prepare for January 2021. To understand the comprehensive changes for your business, use the simple tool on www.gov.uk/transition to get a personalised summary of the actions you need to take.