On November 1, the divorce between the United Kingdom and Europe should be officially pronounced.
They are many legal implications, at several points. As a result, European regulations, including the GDPR, will no longer apply to the UK. Nevertheless, the UK supervisory authority encourages UK companies to continue to comply with the GDPR. The Data Protection Act 2018 will take over the principles, rights and obligations enshrined in the European regulation.
But from the point of view of a European company making data transfers to the UK, what will be the impact of Brexit? Article 45 of the GDPR provides that data transfers to third countries may take place when the Commission finds, by decision, that the third country offers an adequate level of protection. However, at present, the Commission has not yet taken any adequacy decision regarding the United Kingdom.
The “no deal” Brexit seems to assert itself. So how should European companies prepare? The European Data Protection Board (EDPB) provides further explanations in an information note of 12 February 2019.