Hedge Alert - Brexit and Data Protection

January 16, 2019

Whilst data protection is probably the last thing on your mind on the way to work this morning, Parliament’s rejection of the withdrawal agreement last night will have extensive ramifications for businesses across the globe.

As it stands, the UK will leave the European Union on the 29th of March 2019 without a withdrawal agreement. The UK will incorporate the EU’s general data protection legislation directly into domestic law on that date, meaning that the UK and the EU may have separate data protection regimes.

The EU has already signalled that it will not immediately consider the UK to be an equivalent regime for data protection purposes, and the process for doing so is likely to be long-winded. The UK, however, has signalled that it will treat EEA member states as having an equivalent data protection regime immediately after the 29th of March. The result: businesses in the UK will be able to transfer personal data to the EU just as they could before Brexit, but EU businesses will need to ensure that additional and stringent safeguards are in place before they can transfer data to the UK.

Appropriate safeguards should be considered urgently for EU/UK data transfer arrangements in order to avoid any potential fines and civil action. EU businesses may rightfully refuse to transfer data to the UK if such arrangements are not in place, which may cause considerable disruption to businesses.

If you would like further advice, or need to review existing or proposed arrangements, please contact your usual MJ Hudson contact or Sean Scott at sean.scott@mjhudson.com.

Author:

Sean Scott

Hedge Alert - How is your GDPR timetable looking?

May 22, 2018

If you are currently commuting your way across London and the South East of England, timetables may be at the forefront of your mind. However, rail timetables are not the only things changing! The General Data Protection Regulation (GDPR) comes into force this Friday 25 May 2018 bringing with it some important changes. If you are involved in the storage, collection or any other processing of personal data as part of your interactions with investors, potential investors and/or service providers, then GDPR will probably apply to you in some shape or form.

Depending on how you are affected by the GDPR, you may need to appoint a European Authorised Representative (if you are a Fund domiciled outside the EU but deemed to be acting as a data controller or data processor with respect to EU investors/potential investors) and/or a Data Protection Officer (DPO) (if your core activities require large scale, regular and systematic monitoring of individuals or large scale processing of special categories of data).

If you are unsure about whether or how GDPR may affect your fund or would like advice on implementing GDPR, please get in contact with our funds team at MJ Hudson.

If you would like further advice, or need to review existing or proposed arrangements, please contact your usual MJ Hudson contact or sean.scott@mjhudson.com

Author:

Sean Scott

Hedge Alert - Impending GDPR

May 15, 2018

Welcome to the first edition of MJ Hudson’s Hedge Alert: the latest industry developments and regulatory news straight into your inbox.

The General Data Protection Regulation (EU 2016/679) (the “GDPR”) will enter into force across Europe on 25 May 2018.

Fund managers and service providers should note that the GDPR will regulate the collection, storage and other processing of personal data across the EU, including the transfer of data outside of the EU

Funds and their service providers should take the opportunity to review their data management procedures and practices to ensure they are in compliance with their GDPR obligations and to avoid the potential for data breaches and increased penalties.

If you would like further advice, or need to review existing or proposed arrangements, please contact your usual MJ Hudson contact or sean.scott@mjhudson.com

Author:

Sean Scott