J. Vaculíková | 8.11.2024
Supreme Court proposed to the Constitutional Court to repeal part of the Labour CodeTaxes, accounting, law and more. All the key news for your business.
Martina Šumavská | September 14, 2021
On 28 June 2021, the European Commission adopted two decisions – one as part of the General Data Protection Regulation (GDPR) and the second one as part of the so-called criminal-law directive – based on which personal data may continue to be freely transferred from the European Union to the United Kingdom, where in principle an equal level of personal data protection is ensured as in the European Union.
The United Kingdom withdrew from the European Union as of 31 December 2020. Within the agreement on future relations between the European Union and the United Kingdom from the end of the year 2020, a transitional regime was negotiated for passing on data to the United Kingdom – i.e. in the period from 1 January 2021 to 30 June 2021 at the latest, free transfer of personal data from the European Union to the United Kingdom continued to be enabled, under the existing legal regulations of the European Union.
The European Union reached decisions in June, which follow up on the above-mentioned transitory regime and enable a continuation of free transfer of personal data from the European Union to the United Kingdom, after a careful assessment of all rules and protective measures applicable in the United Kingdom in the field of personal data protection, including the rules for access to personal data by public authorities. The European Union has agreed on the conclusion that the system of personal data protection in the United Kingdom continues to be based on the same rules as at the time of the membership of the United Kingdom in the European Union, where the United Kingdom has fully incorporated the principles, rights and obligations under the GDPR and the criminal-law directive into its post-Brexit legal system.
The decision of the European Union has (for the very first time) been issued with a limited period of validity, for four years. If, after this period has expired, the United Kingdom continues to provide an adequate level of personal data protection, new decisions may be issued. During the above-mentioned four-year period, the European Commission will monitor the development of the legal situation in the United Kingdom and will be prepared to intervene at any time in case the United Kingdom deviates from the current level of personal data protection.