The Rubik's Cube of protecting Data, also known as GDPR - What will happen at the end of the transition period??
What does the acronym GDPR stand for?
General Data Protection Regulations
The purpose of these regulations are to impose obligations onto organisations and companies if they target or collect data relating to people in the EU.
Personal data means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Natural persons are living humans as opposed to legal entities.
Personal data can include factual information, such as a name, address or date of birth, or can be an opinion, such as how a manager thinks an employee has performed in his/her performance review.
UK has now left the EU, but until the 31st December 2020 the UK is in a transition period, the current regulations will continue to apply until the end 2020.
After the transition period GDPR will be brought into UK law as the ‘UK GDPR’. However subject to negations during the transition period the UK will no doubt have to make some amendments the regulations to ensure it integrates with other amendments proposed to domestic laws.
The UK already has its own law in relation to Data Protection,the Data Protection Act 2018 (DPA 2018), which currently supplements and adapts the GDPR within the UK, this will also continue to apply.
Although GDPR is an EU Regulation and, in principle, it will no longer apply to the UK from the end of 2020.
If you or your company operate inside the UK, the EU version of GDPR may also still apply if you operate in Europe, offer goods or services to individuals in Europe, or monitor the behaviour of individuals in Europe.
GDPR will still apply to any organisations in Europe who send you data.
The government has said that it intends to incorporate the GDPR into UK data protection law from the end of the transition period – so in practice there will be little change to the core data protection principles, rights and obligations found in the GDPR.