Several administrations released information on the consequences of a no-deal Brexit. So did the National Data Protection Commission in Luxembourg (CNPD) in a "Brexit" report published on their website. EU businesses subject to the GDPR should review their personal data flows and, if appropriate, review their situation to ensure that personal data transferred to the UK will still be made in compliance with EU legislation in the event of a no-deal Brexit. In most cases, the soundest alternative would generally be for EU-based data exporters to enter into Standard Data Protection Clauses (also known as EU Model Clauses) with the relevant UK data importers. Please read our analysis here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.