Statement on data protection and Brexit implementation – what you need to do

Statement from the Information Commissioner’s Office (ICO) 29th January 2020:

“The UK left the European Union on 31 January and entered a Brexit transition period. During this period, which runs until the end of December 2020, it will be business as usual for data protection. The GDPR will continue to apply and organisations should continue to follow our existing guidance for advice on their data protection obligations.

During the transition period, companies and organisations that offer goods or services to people in the EU do not need to appoint a European representative.

We have updated our Brexit FAQs to reflect this advice. The ICO will continue to act as the lead supervisory authority for businesses and organisations operating in the UK.

It is not yet known what the data protection landscape will look like at the end of the transition period and we recognise that businesses and organisations will have concerns about the flow of personal data in future.

We will continue to monitor the situation and update our external guidance accordingly. Our full suite of Brexit guidance and materials, to enable you to prepare for all scenarios, is available here.”