Hit "Enter" to search or "Esc" to close.

Your privacy is important to us.

This website uses cookies to help deliver its services. By using this website, you agree to the use of cookies as outlined in our Cookie Policy.

  • Home
  • Sectors & Solutions
    • Brexit Legal Support
    • Charities & Social Enterprises
    • Energy & Renewables
    • InterTradeIreland Emergency Business Solutions
    • Manufacturing Law
    • Property Developers & Construction
    • Technology Law
    • The Legal Technology Group
    • eDiscovery
    • CFR HR
    • ESG Hub
  • Expertise
    • Banking & Finance
    • Commercial
    • Commercial Real Estate
    • Construction
    • Corporate & M&A
    • Data Protection
    • Dispute Resolution
    • Employment
    • Planning & Environment
    • Foreign Direct Investment
    • Insolvency & Business Restructuring
    • Intellectual Property & Technology
    • Personal Legal Matters
    • Private Equity & Venture Capital
    • Public Procurement
    • Public & Administrative
    • Tourism & Licensing
  • People
    • People
    • Join Our Team
    • Trainee Programme
  • News & Insights
    • News
    • Legal Insights
    • Social
  • About
    • About Us
    • Clients
    • Corporate Social Responsibility
  • Legal Technology
    • The Legal Technology Group
    • Frequently Asked Questions
    • Insights
    • Electronic Discovery Reference Model
  • ESG Hub
  • Get In Touch
Cleaver Fulton Rankin Solicitors, Belfast Logo
Contact
  • Sectors & Solutions
    • Brexit Legal Support
    • Charities & Social Enterprises
    • eLearning
    • Energy & Renewables
    • InterTradeIreland Emergency Business Solutions
    • Legal Technology
    • Manufacturing Law
    • Property Developers & Construction
    • Technology Law
    • CFR HR
    • ESG Hub
  • Expertise
    • Banking & Finance
    • Business & Private Immigration
    • Commercial
    • Commercial Real Estate
    • Construction
    • Corporate & M&A
    • Data Protection
    • Dispute Resolution
    • eDiscovery
    • Employment
    • Planning & Environment
    • Foreign Direct Investment
    • Insolvency & Business Restructuring
    • Intellectual Property & Technology
    • Personal Legal Matters
    • Private Equity & Venture Capital
    • Public Procurement
    • Public & Administrative
    • Tourism & Licensing
  • People
    • People
    • Join Our Team
    • Trainee Programme
  • News & Insights
    • News
    • Legal Insights
    • Social
  • About
    • About Us
    • Clients
    • Corporate Social Responsibility
  • Legal Technology
    • The Legal Technology Group
    • Frequently Asked Questions
    • Insights
    • Electronic Discovery Reference Model
  • ESG Hub
  • Get In Touch
Contact

Data Protection at the End of the Brexit Transition Period – Is your Business Ready?

< Back to Legal Insights

The General Data Protection Regulation (GDPR) came into force on 25 May 2018. It was brought into UK law by the Data Protection Act 2018. It replaced the Data Protection Act 1998. The new regime imposed additional obligations on data controllers who process personal data and provided enhanced rights to data subjects concerning their personal data.

Personal data is any data that can identify a living individual(“the data subject”)  either from the data itself or by other data held by a controller. Processing covers any use of personal data. A controller is a party that decides how personal data is being processed.

The majority of businesses in Northern Ireland are SMEs. They will be controllers for data protection legislation purposes if they process personal data, i.e., customer contact details, email addresses, etc.

The UK has exited the EU. The transition period ends on 31 December 2020. When the transition period expires, GDPR will be retained in domestic law, but the UK will have the independence to keep this under review. UK GDPR will have an amended version of the Data Protection Act 2018. The Government has already set out its planned amendments.

Post transition key principles concerning data protection as well the rights and obligations will remain. For a business which trades only in Northern Ireland with only local customers and no intention to trade in the EEA, the burden of compliance will be much less. As a minimum, it will need to consider registration with the UK Information Commissioner’s Office is required. It will also have to check that all formal documents are amended to make it that the UK is no longer a member state of the European Union and no longer party to the transitional arrangements. EU GDPR will no longer have a direct effect and will be replaced by UK GDPR. Relevant documents may include data protection policies and procedures, privacy notes, data processing and data sharing agreements. Changes should be in place by 1 January 2021.

The impact on businesses who trade in the EU will be larger. This will apply to any UK controller which has an establishment in the EEA, customers in the EEA or monitor individuals in the EEA. In addition to implementing or amending contractual documents, those businesses will also need to consider:

  • Any transfers of personal data between UK and EEA will be considered a “restricted transfer,” i.e., they are no longer considered a safe transfer and will require a lawful mechanism, i.e., an adequacy decision by the UK/EEA or the adoption of adequate safeguards such as standard contractual clauses. Businesses will need to check their arrangements in relation to transfers within the EEA and may need to amend contractual arrangements.
  • Appointing an EU representative under EU GDPR

Small businesses are already dealing with the consequences of a pandemic. Resources are strained and are being used on priorities. However, regulatory obligations under data protection legislation have not been suspended during COVID 19. Businesses that process personal data must comply. There can be significant penalties for non-compliance, especially when it results in a data breach.

This article has been produced for general information purposes and further advice should be sought from a professional advisor. For advice or information, please contact our Data Protection team at Cleaver Fulton Rankin.


« Previous Article
Next Article »

Author(s)


Person Thumbnail

Michael King

Director

Email Icon    |    view profile

How can we help you?


Call us on the Belfast number below or send us a message and one of our team will be in touch.

028 9024 3141
Send us a Message

How can we help you?


Contact
GDPR Compliance *

Related Areas


  • Data Protection
  • Brexit Advice
Cleaver Fulton Rankin Logo

Belfast Commercial Law Firm:

Cleaver Fulton Rankin,
50 Bedford Street,
Belfast, BT2 7FW

Tel: 028 9024 3141
E: info@cfrlaw.co.uk

Social Media Icon Social Media Icon Social Media Icon Social Media Icon

Privacy Policy
Cookie Policy
Disclaimer

© 2022 Cleaver Fulton Rankin - Solicitors, Belfast
Created by WebsiteNI

Current Awards

Award
Award
Award
Award
Award
Award
Award
Award
Award

Social Media Icon Social Media Icon Social Media Icon Social Media Icon

Privacy Policy    |    Cookie Policy    |    Disclaimer

© 2022 Cleaver Fulton Rankin - Solicitors, Belfast    |    Created by WebsiteNI

© 2022 Cleaver Fulton Rankin - Solicitors, Belfast    |    Responsible Business    |    Privacy Policy    |    Cookie Policy    |    Disclaimer    |    Created by WebsiteNI

Social Media Icon Social Media Icon Social Media Icon Social Media Icon