Home Resources Recent developments

Data transfers after Brexit

How will you ensure your data keeps flowing after Brexit?

If, as looks increasingly likely, the European Commission does not give the UK an Adequacy decision before Brexit, organisations that want to transfer data from the EEA to the UK will need to update their contracts and processes.

There are three key changes to consider. You may need to appoint an EU or UK Representative, you may need to identify a new lawful basis for your international transfers, and you may need to identify a new EU Lead Supervisory Authority.

However, those three key changes generate around 150 smaller follow-on actions. How will you make sure you don’t miss anything in your preparations?

Data transfers after Brexit

Our support for Brexit readiness

Expand each section to learn more.

Brexit Readiness Assessment

Brexit Readiness Assessment

After Brexit, things are likely to change. Do you have everything in place to keep your data flowing after Brexit?

Our Brexit readiness assessment covers the three key actions, and around 150 supporting smaller tasks, required to keep your data flowing after Brexit.

Learn more

Brexit and Schrems II webinar

Free Brexit webinar

The Schrems II ruling and Brexit mean that UK organisations are required to reconsider the legal basis for the transfer of personal data to and from Europe.

Join our experts on this webinar to learn about the practical implications for UK–EU data transfers in the light of Schrems II and Brexit that your organisation must consider.

Watch now

Reporting Data Broking to the ICO

ICO report into data broking

Does the way you buy or sell data need to be updated?

The ICO’s long-awaited report into the data broking industry found issues with transparency and process limitation, and has prompted data buyers to strengthen their due diligence requirements.

Data brokers perform a vital service in matching businesses with prospective purchasers, but individuals who are uncomfortable with how their data is used make complaints, not purchases. Data protection regulations challenge data brokers and marketers to work together in a much more strategic way. The goal is, very clearly, to reduce the complaints and increase the purchases.

DQM GRC was originally founded to support data brokers and data owners, we audit around 80% of the UK market and many of our consultants are specialists in both privacy and marketing.

Our support for data brokers and buyers

Expand each section to learn more.

Privacy Essentials for Marketers

Privacy Essentials for Marketers

This one day course, offered through our sister company IT Governance, is designed to give marketers and privacy professionals an understanding of how to incorporate privacy requirements into specific types of marketing activities.

Participants will learn how to create and execute compliant and effective digital marketing campaigns and will receive an IBITGQ-accredited certificate on successfully passing the exam.

Visit IT Governance

Data Licence Audit

Data Licence Audit

DQM GRC is long established as the leading provider of data licence assurance services to the UK’s commercial data owners.

Our specialist second party auditors will work with you to create a bespoke audit plan to meet your needs and requirements.

Learn more

Privacy Shield invalidated

Do you need to review the way you transfer data to the US?

The European Court of Justice recently invalidated the Privacy Shield framework as a mechanism for transferring data between the EU and the US, in the ‘Schrems II’ decision.

The Swiss-US Privacy Shield was invalidated shortly afterwards.

While Privacy Shield remains a useful way of demonstrating that many data protection requirements will be met by the US data recipient, organisations that previously relied on it will now need to find a new basis for transferring data and implement the requirements associated with it.

Data Transfers to the US

Our support for EU-US data transfers

Expand each section to learn more.

EU-US Data Transfers Assessment and Action Plan

EU-US Data Transfers

Do you have everything in place to keep data flowing after the fall of Privacy Shield?

Our consultants will assess your progress against the six steps set out by the European Data Protection Board, plus an assessment of your readiness to cope if your controls fail, and provide you with an action plan to help you comply.

Learn more

EU-US Data Transfers webinar

Free EU-US Transfers Webinar

The Schrems II ruling and Brexit mean that UK organisations are required to reconsider the legal basis for the transfer of personal data to and from Europe.

Join our experts on this webinar to learn about the practical implications for UK–EU data transfers in the light of Schrems II and Brexit that your organisation must consider.

Watch now