Data transfer
Almost every company has to transfer personal data to the EU or restricted countries. We explain how to maintain UK GDPR compliance for these data transfers.
How to assess restrictions of data subject rights in third countries
When it comes to comparing the data protection level in a third country in which you want to transfer personal data, Art. 23 UK GDPR is the key to assess the restriction of data subject rights. We explain how UK businesses should proceed.
Transfer Risk Assessment (TRA)
What UK companies should consider when transferring data to restricted countries. The ultimate guide to Transfer Risk Assessments and the TRA tool of the ICO.
The International Data Transfer Agreement (IDTA) and the Addendum
On 21 March 2024 the use of the International Data Transfer Agreement and the Addendum become mandatory for restricted country transfers. Companies should start the transition process as soon as possible.
Cross-border data transfers and appropriate safeguards
What do you need to be aware of when transferring personal data to other countries – especially the EU or the US?
When do the GDPR provisions apply to UK businesses?
A clarification of several key issues helps companies in the United Kingdom answer the difficult question of whether they have to comply with European data protection laws.
Meaning of the EU Commission’s adequacy decision for UK-based companies
What do companies in the UK have to consider under the EU Commission’s adequacy decision when transferring data from the EU? What other data protection requirements apply to cooperation with companies in the EU?
