ARTICLE
28 March 2019

Urgent Message: Privacy Shield Notices Need Updating Before No-Deal Brexit Withdrawal Date

WB
Womble Bond Dickinson

Contributor

Womble Bond Dickinson logo

Being different is our normal way of working. It's not just what we do, it's how we do it.

You'll benefit from more than just the skills and know-how you'd expect from a pioneering law firm; our technology specialists, process and project management leaders, accountants and tax advisers work alongside lawyers with specialist sector expertise – from business to government.

Working side by side, we'll find clever solutions to your age-old problems.

With 1,300 professionals across 39 offices in the US and UK, we're equipped to tackle mission-critical challenges, wherever you do business.

Want the proof? It's in our track record. With our straight-talking, entrepreneurial approach, we’ve set new industry precedents, achieved market firsts and delivered trailblazing work for our clients.

So, whatever your future holds, we're here for you with A Point of View Like No Other.

Explore Firm Details
Privacy Shield participants must update their privacy notices by March 29, 2019 (if the UK crashes out of the EU then with no deal) to continue to rely on the Privacy Shield for UK to US transfers
Worldwide Privacy
Theodore F. Claypoole and Taylor Ey
Your Author LinkedIn Connections
Womble Bond Dickinson are most popular:
  • within Law Department Performance, Family and Matrimonial and Real Estate and Construction topic(s)
  • with Senior Company Executives, HR and Finance and Tax Executives
  • with readers working within the Property industries

Privacy Shield participants must update their privacy notices by March 29, 2019 (if the UK crashes out of the EU then with no deal) to continue to rely on the Privacy Shield for UK to US transfers post-Brexit. Privacy Shield certification is available to US companies as a lawful mechanism to transfer personal data from the EU (and soon to be the EU and the UK) to the US as well as from Switzerland to the US (if companies register with both Privacy Shield Frameworks).

There is urgency to this task. With about ten days to go, affected US companies should to include required language in their privacy policies to beat the deadline. Companies relying on the Privacy Shield for non-human resources (HR) data only need to update their online privacy policies. Companies that also rely on Privacy Shield for HR data must also update those employee notices (if customer and employee notices are separate).

The US Department of Commerce provided model language to be added to applicable privacy notices on the Privacy Shield website available on its FAQ page: https://www.privacyshield.gov/article?id=Privacy-Shield-and-the-UK-FAQs .

After the Brexit date, companies that selected the EU Data Protection Authority as the independent recourse mechanism will be understood to have committed to cooperate and comply with UK's Information Commissioner's Office with regard to personal data received from the UK in reliance on Privacy Shield.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Theodore F. Claypoole
Theodore F. Claypoole
Photo of Taylor Ey
Taylor Ey
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More