Hi. I am brand new to a DPO role. How would it work if we hold data for customers outside of the UK, do we need to follow any GDPR guidelines for their country or as long as we have details in our Privacy this covers us?
UK is no longer part of the EU so it has the Data Protection Act 2018 and the UK GDPR which is almost identical to the EU GDPR. I suggest you follow the ICO guidelines, which is the UK Data Protection Authority for transfers of data because many steps to implement will depend on the country where data are stored or processed. You will need to apply UK GDPR to data processing worldwide.
If you need to know more about how to transfer data in third countries under the EU GPDR here you can find more information: