{"id":16080,"date":"2021-11-04T13:47:31","date_gmt":"2021-11-04T13:47:31","guid":{"rendered":"https:\/\/crigroup.com\/?p=16080"},"modified":"2024-01-22T15:35:26","modified_gmt":"2024-01-22T15:35:26","slug":"gdpr-vs-uk-gdpr-the-laws-post-brexit","status":"publish","type":"post","link":"https:\/\/crigroup.com\/ar\/gdpr-vs-uk-gdpr-the-laws-post-brexit\/","title":{"rendered":"GDPR vs. UK-GDPR; the Laws Post Brexit"},"content":{"rendered":"

The General Data Protection Regulation (GDPR) is a regulation in EU law that was implemented on the 25th of<\/sup> May 2018 and concentrates on data protection and confidentiality in the European Union and the European Economic Area; alongside this, the GDPR is also used to address the transmission of personal data outside the EU and EEA areas. The EU Commission announced on 28 June 2021 that adequacy judgments for the UK have been passed, so what does that mean for the GDPR rules?<\/p>\r\n

The Brexit transition phase concluded on the 31st of<\/sup> December 2020 and as a component of the new trade agreement, the EU has come to an agreement to postpone the transmission limitations for at least four months, which can then be stretched out to six months (recognised as the bridge). The\u00a0European Commission published its draft decisions<\/a>\u00a0on the 19th<\/sup> of February 2021 \u00a0regarding the UK\u2019s adequacy under the EU\u2019s\u00a0General Data Protection Regulation<\/a>\u00a0(EU GDPR) and\u00a0Law Enforcement Directive<\/a>\u00a0(LED). In both cases, the European Commission has found the UK to be adequate which implies that much of the data can resume the stream from the EU and the EEA devoid of the need for supplementary precautions. Nevertheless, it is vital to take note of the fundamental reality that the adequacy decisions do not<\/em><\/strong> cover data conveyed to the UK for the principles of immigration control, or where the UK immigration immunity is appropriate. For this nature of data, distinct regulations are employed, and the EEA dispatcher wants to set other transfer safeguards in place. September 2021 saw WhatsApp being handed the second highest fine under EU GDPR (General Data Protection Regulation) rules and the biggest fine ever from the Irish Data Protection Commission due to their lack of understanding towards the new GDPR laws – had they done their due diligence, they may have been able to avert such a hefty fine. Our Due diligence 360\u00b0<\/a>\u00a0services provide the specialised intelligence needed by global financial institutions and multinational corporations to guarantee complete compliance with anti-money laundering (AML) regulations and legislations.<\/p>\r\n

Find out more about compliance below or download our free<\/strong><\/em> brochure.<\/strong><\/p>\r\n

FIND OUT OUR SOLUTIONS<\/a>\u00a0or DOWNLOAD THE BROCHURE<\/a><\/p>\r\n

The draft decisions will at this point be deemed by the\u00a0European Data Protection Board<\/a>\u00a0(EDPB) and a committee of the 27 EU Member Governments.\u00a0 If the committee accepts the draft decisions, then the European Commission can formally adopt them as legal adequacy decisions. \u00a0If adequacy decisions are not implemented at the end of the bridge and allocations from the European Economic Area (EEA) to the UK will require compliance with EU GDPR transfer constraints.<\/p>\r\n

What is the UK-GDPR?<\/strong><\/h3>\r\n

The United Kingdom General Data Protection Regulation (UK-GDPR) is the UK\u2019s national data privacy law that is the proxy for the EU\u2019s GDPR after Brexit; it is fundamentally the equivalent to the EU\u2019s GDPR but altered to accommodate national regions of regulation. The UK-GDPR will regulate personal data and demand the same legal grounds for managing personal data.<\/p>\r\n

The GDPR is indeed still retained in domestic law as the UK GDPR, although the UK has the freedom to maintain the framework under evaluation. The \u2018UK GDPR\u2019 as it\u2019s known as, rests adjacent to a revised edition of the DPA 2018.\u00a0It is also essential to note that the fundamental ethics, constitutional rights, and responsibilities remain as they were but that there are<\/em><\/strong> connotations for the regulations on transmissions of individual data between the UK and the EEA.<\/p>\r\n

The UK GDPR also pertains to regulators and processors established out of the UK if their managing pursuits correlate to:<\/p>\r\n