As well as providing for free trade in goods the EU-UK Brexit deal approved on 30 December brought some welcome clarity to the treatment of personal data now that UK GDPR is a wholly separate legal regime from EU GDPR.
In this session we will explore the practical implications of:
- The "grace period" of up to six months allowing transfers of personal data from the EU/EEA to UK
- EU approval of new Standard Contract Clauses and the need for "additional measures" following the Schrems II ruling
- Overseas' organisations' need for separate Article 27 representatives for EU/EEA and UK
- Data subject rights and breach response under UK GDPR and GDPR. Is there a risk of double enforcement?