07778 407676 / 07796 854103 info@baxinteraction.co.uk

Data Protection and Privacy Support

Background  At 11pm UK time on the 31st December 2020 the transition period for the UK leaving the EU ended. The ‘Brexit Deal’ was struck and detailed in the ‘UK/EU trade cooperation agreement’.

There is a new data protection regime that we need to follow. The GDPR is retained in domestic law now the transition period has ended, but the UK has the independence to keep the framework under review. The ‘UK GDPR’ sits alongside an amended version of the DPA 2018. (Source: Information Commissioner’s Office – ico) This means that we need to comply with the following:

  • DPA (Data Protection Act) 2018 – amended version
  • EUGDPR – if marketing to data subjects in the EU
  • PECR – The Privacy and Electronic Communications (EC Directive) Regulations 2003

On 19 February 2021, the European Commission launched the process towards the adoption of adequacy decisions for transfers of personal data to the United Kingdom. This involves obtaining an opinion from the European Data Protection Board (EDPB) and the green light from a committee composed of representatives of the EU Member States. Once this procedure will have been completed, the Commission could proceed to adopt the two adequacy decisions.
Until then data flows between the European Economic Area and the UK continue and remain safe thanks to a conditional interim regime that was agreed in the EU-UK Trade and Cooperation Agreement. This interim period expires on 30 June 2021.

What are the benefits?

  • The reassurance that you are compliant with the regulations
  • Avoiding the risk of a sizeable fine
  • Keeping yourself and employees up to date
  • Saving your organisation from having to draft UKGDPR and EUGDPR compliant documentation
  • Advice based upon over 17 years in depth experience of data protection and privacy laws

How can I find out more? For more information on how we can help you to comply with data protection and privacy requirements contact us now

How can we help?

  1. Data protection

We can continue to offer data protection support:

  • Bespoke training for new starters and updates for existing employees
  • Advice on any concerns over the meaning and implications for your organisation of compliance with the UKGDPR,  EUGDPR, the Data Protection Act (2018) and the PECR
  • Drafting or reviewing your privacy policies, data processing and sharing agreements, Standard Contractual Clauses and terms and conditions
  • Auditing your current status to ensure that you are compliant:
    – Identifying any areas for improvement
    – Advising on how to address any gaps

2. Stand up for data protection workshops

We are providing ‘Stand up for data protection’ workshops in conjunction with Cambridge Marketing College. These workshops will be directly tailored to your needs. The sessions will be customised to deliver against your specific requirements. We will do this by consideration of the following:

  • your organisation
  • your product or service
  • your market(s) – including B2B, B2C and charities
  • your customers’ or clients’ needs and expectations
  • your employees’ needs and expectations
  • how you use personal data for marketing purposes
  • where your organisation operates
  • where your data is held
  • whether your organisation processes personal data as a “data controller” or “data processor” or both
  • your existing knowledge
  • your current state of compliance
  • your specific concerns