Data protection guidance for business through Brexit

Coming to central London on March 6th, Brexit Briefing will give business owners, IT professionals and data experts an opportunity to understand all potential data protection scenarios as the UK prepares to formally withdraw from the EU.

Further guidance on adhering to data law standards through Brexit was recently released by the European Data Protection Board (EDPB), to help companies remain compliant should Theresa May fail to secure a deal in Brussels between now and March 29th.

Beyond mitigating regulator action, it is imperative that organisations know how to move if they are to retain a competitive edge in these rapidly shifting political and legal landscapes.

The situation is even more pressing for companies that rely on cross-border data transfers. An information note published by the EDPD recently, said:

“When transferring data to the UK, you should: identify what processing activities will imply a personal data transfer to the UK; determine the appropriate data transfer instrument for your situation.

“Implement the chosen data transfer instrument to be ready for 30 March 2019; indicate in your internal documentation that transfers will be made to the UK; update your privacy notice accordingly to inform individuals.”

Compliant data transfer guidance

The EDPB also highlighted standard contract clauses (SCCs) endorsed by the European Commission, a “ready-to-use instrument” for companies seeking to implement data transfers.

SCCs were described as “likely to be relevant to most Irish businesses that transfer personal data to the UK” in a no-deal Brexit scenario.

Also known as ‘model clauses’, SCCs were developed by the European Commission to facilitate cross-border contracts, helping to create a contractual framework for how personal data must be handled when transferred outside of the EU to a ‘third country’ – which Britain will become in the event of a no-deal.

Brexit Briefing by Data Protection World Forum

Attendees can learn more about compliant cross-border contracts at Brexit Briefing, coming to 1 America Square, 17 Crosswall, London on Wednesday 6th March.

Featuring an in-depth agenda on all key compliancy issues, Brexit Briefing brings together experts, official figures and leading commentators in data protection, to bring clarity on data protection through the Brexit lens.

Speakers include:

  • Ivana Bartoletti, Head of Privacy and Data Protection at Gemserv
  • Eleonar Duhs, Director at Fieldfisher, privacy and information law specialist
  • Hellen Beverage, Privacy Lead at Data Oversight
  • Ian West, Executive VP and COO at GDPR Associates

Eleonor Duhs, Director of Technology, Outsourcing and Privacy at Fieldfisher, says:

“The UK’s withdrawal from the European Union will mark the start of what looks to be a protracted period of uncertainty. This session will consider where we are now, the likely pressure points in future negotiations and the possible shape of the UK’s relationship with the European Union in the years to come.”

Register today

Brexit Briefing by Data Protection World Forum takes place in less than two weeks’ time, with the UK’s planned withdrawal from the EU due to take place on March 29th.

Click here to register your place.


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.