As indicated in the official announcement, from 1 January 2021. The free flow of data between the European Economic Area (27 member states of the European Union plus Iceland, Liechtenstein and Norway) and the United Kingdom will be maintained Until July 1, 2021. This is provided by the so-called passage clause in final provisions Trade and cooperation agreements between the European Union and the European Atomic Energy Community on the one hand and the United Kingdom of Great Britain and Northern Ireland on the other hand, which will govern the future relationship between the European Union and the United Kingdom.

Personal data protection office explains that according to art. FINPROV 10A of the Agreement, which sets out the transitional provisions for the transfer of personal data to the UK, These transfers will not be considered temporarily as data transfers to a third country. Thus, entrepreneurs or public entities will not be required to fulfill the additional requirements stipulated in Chapter V of the GDPR. ( European Union) 2016/680 in the Polish legal system.

The transition period – how long is it?

The transitional period will end on July 1, 2021 at the latest, that is, six months after January 1, 2021. The agreement provides for a period of four months, but it will be automatically extended for another two months, unless one of the parties objects to it. The transition period may also end earlier, When the European Commission Under art. 36 seconds. 3 of Directive (European Union) 2016/680 and pursuant to art. 45 seconds. 3 General Data Protection Regulation It will issue executive decisions regarding an appropriate level of data protection Regarding the United Kingdom, the press release states.

See also  Youngest professional soccer player in US history to move to Europe

Submit data after the transition period ends

The Office of Personal Data Protection, the European Commission, also confirmed the announcement Related to the adoption of the UK adequacy resolution It announced its willingness to quickly initiate official action in this regard. Before issuing such decisions will be required Evaluate the UK Personal Data Protection Act and its practice in light of the jurisprudence of the European Union Court of Justice. The transfer of data on the basis of a decision of the European Commission will be possible without additional conditions being met. However, if the European Commission does not make an adequate decision during that period, the transfer of data to the UK after the end of the transition period will require first and foremost the application of the safeguards set forth in Art. 46 General Data Protection Act (eg standard contractual clauses or binding company rules).

Free flow of data – conditions

According to the content of the communication, the free flow of data during the transition period will be conditional on the UK remaining in effect on December 31, 2020. Provisions on personal data protection based on European Union law, i.e. GDPR and Directive (EU) 2016/680. The UK will not be able to exercise its jurisdiction over international data transfers during the transition period.

The role of the information commissioner

What UODO cares about is the fact that as of January 1, 2021. The OSS will not apply to the UK for processing cross-border data and therefore the ICO will not be involved in it.

See also  United States of America. Biden announces the punishment of those responsible for the kidnapping of Protasevic

Agreement – implementation process

Negotiations for the agreement ended on December 24, just before the end of the current transition period. On December 29, the Council of the European Union decided to sign the agreement and implement it provisionally. The agreement was officially signed by both parties on December 30. Its entry into force will depend on the fulfillment of further procedural requirements, including approval by the European Parliament, which may be granted in early 2021. Therefore, it is planned. Provisional implementation of the agreement as of January 1, 2021, which may not last longer than February 28, 2021. – Explains UODO.

As stated in the announcement, the Personal Data Protection Office will monitor the ongoing work and update the information provided, if necessary.

Current information is published by the European Commission on the website: https://ec.europa.eu/info/european-union-and-united-kingdom-forging-new-partnership/future-partnership/draft-eu-uk-trade-and-cooperation-agreement_en

Information on the decision taken by the Council of the European Union:

https://www.consilium.europa.eu/en/press/press-releases/2020/12/29/eu-uk-trade-and-cooperation-agreement-council-adopts-decision-on-the-signing/

Statement by the European Data Protection Council, published prior to the conclusion of the negotiations: https://uodo.gov.pl/pl/138/1793

Entrepreneur status

From January 1, 2021. The General Data Protection Regulation (GDPR) will apply directly to these entrepreneurs – referring to the Bureau of Personal Data Protection. The GDPR also applies to the processing of data relating to persons residing in the European Union by a controller or processor who does not have regulatory units in the European Union, if these activities are related to:

  • To provide goods or services to these persons in the European Union, whether they are required to pay or not; or
  • Monitor their behavior insofar as this behavior occurs in the European Union.
See also  Deputy Head of State for Foreign Affairs: The situation of Polish drivers in England improving hour by hour - Wiadomości

These entrepreneurs must designate their representative in writing in the European Union in the member state where their personal data is processed in connection with the offer of goods or services or whose behavior is being monitored – indicated in the contact.

Entrepreneurs do not have to appoint a representative if their processing is incidental, and does not include – broadly – the processing of special categories of personal data, or the processing of personal data related to criminal convictions and prohibited acts, and this is unlikely due to their nature, context, and scope Its objectives carry the risk of violating the rights or freedoms of natural persons.

Press release from the Personal Data Protection Office

From the View of the Defense24 Store – Hello!