While it is increasingly unlikely that the UK will leave the EU without a data protection agreement, we have provided this statement to confirm the arrangements we have in place now for safeguarding data and our intentions in the event of a no-deal Brexit.
Currently we share data across all our branch offices and we envisage this will continue post-Brexit. We have branches in the UK, the EU, the Americas and Asia. We have a suite of data sharing agreements between all our branches which governs the transfer of data overseas and an information handling policy to which all our staff and contractors must adhere.
In the event of a no-deal Brexit, we will ensure that these data sharing agreements are updated in a way which supports the continued transfer of data and adhere to the high standards of data protection required by the legislation relevant to all countries in which we have a branch. We will also make contact with existing/potential EU-based clients as necessary and invite them to enter into a data sharing agreement with us post-Brexit so that they are transferring data to us legitimately in a situation where the UK would be classed as a ‘third country’ for data protection purposes.
In the event of a Brexit based on a withdrawal agreement, EU data protection legislation will continue to apply to the UK throughout the transition period. This means there will not be any restrictions on the transfer of personal data from the EEA to the UK, or vice versa. We will however ensure our internal data sharing agreements, external data sharing agreements and peripheral policies and procedures adhere to the specific standards and requirements of the final agreement.
In the meantime, if you have any queries or concerns regarding the measures we have in place, please contact firstname.lastname@example.org.
This statement was last updated on 24 October 2019.