The ICO has issued new steerage setting out key concerns when reviewing privateness notices on the finish of the Brexit transition interval.
The steerage units out practical modifications to be made akin to amending references to ‘Union Regulation’ to mirror the proper terminology below new UK knowledge safety laws. Nevertheless, put up transition interval, companies and organisations that beforehand loved problem free private knowledge transfers from the EU to the UK will now want to make sure that a GDPR accredited mechanism is used and this mechanism will even must be mirrored of their privateness notices.
Moreover, these UK primarily based companies and organisations who want to proceed with knowledge transfers within the EU however wouldn’t have an institution in any Member State, shall be required to nominate an EU consultant, particulars of which will even must be set out of their privateness notices.
While the substantive info in present privateness notices is prone to keep the identical, companies will must be pro-active in guaranteeing that their notices are compliant with each the GDPR and UK knowledge safety laws on the finish of the transition interval.
Info required in your privateness discover is unlikely to vary. Chances are you’ll have to:
(a) overview your privateness discover to mirror modifications to worldwide transfers,
(b) overview references to your lawful bases or circumstances for processing if any check with ‘Union regulation’ or different terminology modified within the UK GDPR, and
(c) establish your EU consultant (in case you are required to have one)