Question? Call Us +44 330 122 8239

The missing GDPR/BREXIT piece?

No, this is not another one of those articles about whether GDPR matters because of BREXIT. I think most sane people agree the point is moot and DPA (2017) – or whatever it will be called – will at least mirror the requirements of GDPR.

This post/question isn’t even about being GDPR ready and how I can help your firm/project meet the May deadline (shameless plug out of the way for those of you who may want to engage me).

Those of you who have sat in on a meeting/call I’m involved in will be all too aware that I am rarely unsure of my own opinion. Those of you who know me well will know that this is normally because I have done my research first.

Discussions around servers hosted in the UK, EU or US, storage timelines, deletion capability, transfer across jurisdictions, portability of data etc, DPIA, LIA, Process Data Inventory and Data Mapping etc have all featured prominently in every GDPR related article on LinkedIn etc for some time now.

Information and opinion about all of these are freely available and very interesting on an intellectual level – at least to me.

I am not ashamed to admit to having read all 88 pages of

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

and to have a copy which is covered in highlighter and notes (some illegible, scribbled out or completely meaningless to me days after having written them).

I have the Data Protection page on the EC’s website bookmarked (will definitely be keeping an eye on EU US Privacy Shield).

EU-US Privacy Shield

However, amongst all the noise about GDPR, there is one topic I have very rarely seen being discussed; even on LinkedIn where everyone seems (or claims) to be some kind of expert.

It’s a topic which has bothered me since I first read about it and had hoped to see more about.

Article 27 Representatives of controllers or processors not established in the Union

Maybe BREXIT is a long way away. Maybe the experts think we can only focus on one thing at a time, but why is this not all over the place?

If, post BREXIT, my e-business sells to EU nationals will I need to appoint an EU Representative?

The UK will be outside the EU. There is no UK EC Privacy Shield Working Group I know of.

Will business end up with further layers in a EU-UK Privacy Shield type scenario?

What about a UK-US Privacy Shield workload?

Clearly, DPA (2017) should/could take care of all of the last two but what do I do about Article 27 and when do I do it?

The large multinationals will be okay. What about my friend who sells loads of eLiquid online to Irish customers? Who is talking to him about the potential impacts and why GDPR does matter even despite BREXIT?

Again, those of you who know me will understand that I often know (or think I know) the answer before I ask a question like this.

As always, I have my opinions. As always, I am willing to be proven wrong.

Is there anyone out there who can assure me this is at least being discussed. The world is changing. eCommerce and the Cloud can make every business multinational and multi-jusridictional.

Personal Data is Gold. Protection of it is very important. Is enough being done to let small businesses know about the impacts – potential and real – that GDPR, DPA (2017), EU US Privacy Shield and their ilk will have on them?
Share on facebook
Share on twitter
Share on linkedin
Share on print
Share on email

Be in the know

You'll be the first to know about new events, information governance trends and tips to enhance the value of your data when you sign up for Fidabona emails.

Upcoming Events

2022 January

Week 5

Mon 27
Tue 28
Wed 29
Thu 30
Fri 31
Sat 1
Sun 2
Mon 3
Tue 4
Wed 5
Thu 6
Fri 7
Sat 8
Sun 9
Mon 10
Tue 11
Wed 12
Thu 13
Fri 14
Sat 15
Sun 16
Mon 17
Tue 18
Wed 19
Thu 20
Fri 21
Sat 22
Sun 23
Mon 24
Tue 25
Wed 26
Thu 27
Fri 28
Sat 29
Sun 30
Mon 31
Tue 1
Wed 2
Thu 3
Fri 4
Sat 5
Sun 6
  • No Events

  • No Events

  • No Events

  • No Events

  • No Events

  • No Events

Social media
jQuery(function($){ $(document).on('click','.elementor-location-popup a', function(event){ elementorProFrontend.modules.popup.closePopup( {}, event); }); });
@font-face { font-display: block; font-family: Roboto; src: url( format("woff2"), url( format("woff") } @font-face { font-display: fallback; font-family: Roboto; font-weight: 600; src: url( format("woff2"), url( format("woff") } @font-face { font-display: fallback; font-family: Roboto; font-weight: 700; src: url( format("woff2"), url( format("woff") } #sib-container input:-ms-input-placeholder { text-align: left; font-family: "Helvetica", sans-serif; color: #c0ccda; } #sib-container input::placeholder { text-align: left; font-family: "Helvetica", sans-serif; color: #c0ccda; } #sib-container textarea::placeholder { text-align: left; font-family: "Helvetica", sans-serif; color: #c0ccda; }
Your subscription could not be saved. Please try again.
Your subscription has been successful.


Subscribe to our newsletter and stay updated.

window.REQUIRED_CODE_ERROR_MESSAGE = 'Please choose a country code'; window.EMAIL_INVALID_MESSAGE = window.SMS_INVALID_MESSAGE = "The information provided is invalid. Please review the field format and try again."; window.REQUIRED_ERROR_MESSAGE = "This field cannot be left blank. "; window.GENERIC_INVALID_MESSAGE = "The information provided is invalid. Please review the field format and try again."; window.REQUIRED_MULTISELECT_MESSAGE = 'Please select at least 1 option'; window.translation = { common: { selectedList: '{quantity} list selected', selectedLists: '{quantity} lists selected' } }; var AUTOHIDE = Boolean(0);

We use Sendinblue as our marketing platform. By Clicking above to submit this form, you acknowledge that the information you provided will be transferred to Sendinblue for processing in accordance with their terms of use

jQuery(function($){ $(document).on('click','.elementor-location-popup a', function(event){ elementorProFrontend.modules.popup.closePopup( {}, event); }); });


We're excited you'd like to come along!

However, we need to tell you something important before you do:

How we use the personal data you provide when booking to attend an event.

In short, we ask for your name, email, the organisation you represent and phone number. For paid events we also collect billing information to process your order. We use this information to manage the event and your attendance by sending you email and SMS (if you provide a mobile number) confirmations and reminders about the event and any replays which are available. For some events we may invite you to complete optional surveys to either help us tailor the event beforehand or get feedback from you after the event is over.

The information you provide will be transferred to our Webinar platform provider where we use analytics to help measure the effectiveness of our webinars e.g. record whether you attend the event and how long you attended for. We also store your information in our CRM where it may be combined with publicly available information about you or the organisation you represent (such as that from LinkedIn or Companies House) and your communications with us. This combined picture will be used to help identify which of our services may be of interest to the organisation you represent; so, yes, we may market to you but only in your professional capacity and only in a targeted way once we know more about how our services may be of benefit to the organisation you represent. Above all, we promise to stop when you tell us to.

Please see our Website Privacy Notice for more information.

fidabona celebrates
Subscribe to get 15% discount