Personal Data Transfer

UK and International Transfers of Personal Data

In the course of the day to day running of any business or non-profit organisation, it is all too easy to overlook the legal duties which apply to you as a data controller. 

An area which will be relevant to many organisations is transfer of personal data held by that organisation (the data controller) to another organisation (the data processor) in the UK or outside the UK. By way of example, a data controller might need to send to a data processor (or give access to it) to files containing data about the data controller’s customers, clients, suppliers, staff, volunteers so that the data processor can process it for the data controller.

Such transfers are tightly regulated by the law. The legal requirements applicable to such transfers have become progressively stricter, and the penalties imposed for non-compliance have become greater.

This page outlines how a business or non-profit organisation, as a data controller, can comply with the data protection laws which apply to their transfer of personal data of any type.