The EU Commission announced on 28 June 2021 that adequacy decisions for the UK have been approved. We are in the process of updating our guidance to reflect this decision.
This checklist is for UK sole traders and other small business owners. Use this checklist to understand whether the end of the transition period affects you, and find out what you need to do.
The checklist is not suitable for larger businesses, particularly if you have an office, branch or other established presence in the EEA (the EU plus Iceland, Liechtenstein and Norway). Larger businesses should read our detailed guidance.
When the transition period ended on 31 December 2020, most of the UK data protection rules affecting small businesses stayed the same. But if you have contacts or customers in the EEA, EU rules may apply. You might need to take a couple of extra steps to make sure you can still get the data you need and comply with EU law. Once you complete the checklist, you receive a short report showing any risk areas and suggested practical actions to take. It also links to additional guidance you can read to improve your data protection knowledge and compliance.
If you're unsure if data protection law applies to your business, take this short quiz first.