In terms of your GDPR compliance requirements, not much should change. You would still require a DPO under the GDPR (rather than an Article 27 EU Representative), which could be based in the UK or any of the member states. In this case, however, companies may wish to appoint multiple DPOs (one in the UK and one in an EU member state) to protect themselves from future regulatory divergence and uncertainty.
In this case, the free flow of data between the UK and the EU would be able to continue, though the compliance obligations would likely change from that of an EU-based DPO under Articles 37-39 to an EU Representative under Article 27.
While we would consider this the least likely scenario, we would envision two different ways
that this could unfold:
The best way to be prepared and to further mitigate your compliance risk is to plan ahead for the different possible scenarios while the situation continues to unfold. In this, Adaptant can provide you with support for a hassle-free (as far as the GDPR is concerned) transition and minimal disruption to your customers. It’s as easy as 1, 2, 3!
In contrast to our competitors, our service pricing is flexible and based on a retainer rather than a recurring subscription model – we don’t believe in charging our clients for work not performed. This means, if no work is carried out on your behalf, you don’t pay*. However, when you need us, we will be right there for you. Peace of mind doesn’t have to come at a premium, nor should compliance be out of financial reach – especially for small companies and start-ups facing these challenges for the first time.
In addition to our GDPR service offerings, we can help you develop an operational scenario checklist and planning guide to assist in splitting your operations between the UK and mainland Europe.
For a full listing of our GDPR services click here .