Data transfer
Almost every company has to transfer personal data to the EU or restricted countries. We explain how to maintain UK GDPR compliance for these data transfers.
The European AI Act for UK Businesses
The AI Act affects certain UK businesses by imposing compliance obligations for the EU market. We provide a brief overview.
UK and German data protection authorities share investigation data
The ICO and its German counterpart plan to share more information about cross-border investigations concerning the data protection legislation. This may have a direct impact on companies on both sides of the English Channel.
The Data Protection and Digital Information Bill
The most important proposals to change the current UK data protection regime and what the proposed changes could mean for the adequacy decision of the European Commission.
The UK-US data bridge
The UK-US Data Bridge is intended to make the transfer of personal data to the U.S. easier again. We explain how UK companies can use the new agreement!
How to assess restrictions of data subject rights in third countries
When it comes to comparing the data protection level in a third country in which you want to transfer personal data, Art. 23 UK GDPR is the key to assess the restriction of data subject rights. We explain how UK businesses should proceed.
Transfer Risk Assessment (TRA)
What UK companies should consider when transferring data to restricted countries. The ultimate guide to Transfer Risk Assessments and the TRA tool of the ICO.
The International Data Transfer Agreement (IDTA) and the Addendum
On 21 March 2024 the use of the International Data Transfer Agreement and the Addendum become mandatory for restricted country transfers. Companies should start the transition process as soon as possible.
Cross-border data transfers and appropriate safeguards
What do you need to be aware of when transferring personal data to other countries – especially the EU or the US?
When do the GDPR provisions apply to UK businesses?
A clarification of several key issues helps companies in the United Kingdom answer the difficult question of whether they have to comply with European data protection laws.
Meaning of the EU Commission’s adequacy decision for UK-based companies
What do companies in the UK have to consider under the EU Commission’s adequacy decision when transferring data from the EU? What other data protection requirements apply to cooperation with companies in the EU?
