As the United Kingdom enters the final transition period for Brexit, we are now on the countdown for the impending changes which kick in from 1st January 2021. Over the coming weeks, we’ll highlight the key areas you need to be aware of when using Dynamics 365 Business Central.
Using Business Central after the United Kingdom has left the EU
The departure of the United Kingdom (UK) from the European Union (EU), will impact many businesses. If your business operates inside and across UK borders then you should expect to make configuration changes within Business Central to reflect the new legislation.
In this post, we will focus on how Business Central post-Brexit will help you stay on top of the required rules in relation to the GDPR.
The GDPR – where is your Business Central data stored?
The data for UK customers of Business Central online is stored in data centres in the United Kingdom.
This will not change after the United Kingdom has left the EU. If you create another Business Central environment in the same tenant, and choose another country for this environment, the data will be stored in data centres that serve that specific country.
Will the GDPR still apply when we leave the EU?
According to the ICO:
The GDPR is an EU Regulation and, in principle, it will no longer apply to the UK from the end of the transition period. However, if you operate inside the UK, you will need to comply with UK data protection law. The government has said that it intends to incorporate the GDPR into UK data protection law from the end of the transition period
The EU version of the GDPR may also still apply directly to you if you operate in Europe, offer goods or services to individuals in Europe, or monitor the behaviour of individuals in Europe.
The GDPR will still apply to any organisations in Europe who send you data, so you may need to help them decide how to transfer personal data to the UK in line with the GDPR.
How does this affect Business Central?
The key thing to consider is to identify whether you are a data processor or controller. We’ve already identified where your Business Central data is stored so you can then update your company GDPR/Privacy policies to reflect this.
Business Central contains the functionality and is built on a platform that makes it easy for customers to comply with compliance and regulatory legislation such as the General Data Protection Regulation (GDPR).
During the transition, the provisions of the GDPR will be incorporated directly into UK law from the end of the transition period, to sit alongside The Data Protection Act 2018 (DPA 2018), then the built-in Business Central functionality will still support this legislation.
Can we still transfer data to and from Europe if we leave without a deal?
The government has said that transfers of data from the UK to the European Economic Area (EEA) will not be restricted. However, from the end of the transition period, unless the EU Commission makes an adequacy decision, the GDPR transfer rules will apply to any data coming from the EEA into the UK.
You need to consider what GDPR safeguards you can put in place to ensure that data can continue to flow into the UK. Learn more about Brexit and Data privacy from the ICO (Information Commissioner’s Office).