Personal data sharing between controllers
Personal data sharing between controllers

The following Information Law guidance note provides comprehensive and up to date legal information covering:

  • Personal data sharing between controllers
  • Key guidance
  • What is personal data sharing?
  • The GDPR and arrangements between controllers—whether independent or joint
  • General obligations on controllers under the GDPR
  • Steps controllers should take to comply with the GDPR when sharing or receiving personal data
  • Data sharing agreements
  • In-life checks
  • Record keeping
  • Liabilities
  • more

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU law. During this period, the GDPR applies in the UK and the UK generally continues to be treated as an EU (and EEA) state for EEA and UK data protection law purposes. Any references to EEA or EU states in this Practice Note should therefore be read to also include the UK until the end of the implementation period. For further guidance on that period, its duration and the data protection laws that are anticipated to apply after the end of it, see Practice Note: Brexit—implications for data protection.

This Practice Note explores issues and best practice relating to the