"Take action now to continue receiving data legally from the EU."
This is the message to businesses in a full-page government ad in the Financial Times and elsewhere.
He then warns that after October 31 "you may need to update your contracts."
But how concerned should large and small companies be about data handling in the event of a Brexit without agreement?
The announcement instructs readers to follow the step by step guide at gov.uk/brexit.
But once you get there, it's not easy to find your way to data advice.
I found that I had to pretend to be a business and answer a series of questions before presented with the information.
So here is the main question. At this time, data can flow freely across the EU as long as companies comply with its new and strict General Data Protection Regulation (RGPD).
And, as RGPD is being incorporated wholesale into UK law, there should be no real change after Brexit – as long as we close a deal.
But if there is no agreement, we will be treated as an external country, requiring what is called the adequacy decision, showing that our data protection standards are correct – and the European Commission has indicated that this would not happen in a hurry.
So what do companies need to do? Well, sending data to the EU apparently won't be a problem, because the UK government has decided it is satisfied with European standards.
But if you receive data – perhaps a list of customer names and addresses – from a company in the EU or in a wider European economic space, action will need to be taken.
The advice is that you should "revise your contracts and, where absent, include standard contractual clauses (SCC) or other alternative transfer mechanisms (ATM) to ensure that you can continue to legally receive EU / EEA personal data."
Err – right. I can hear dozens of small business owners swallowing it.
But gov.uk sends them to the Information Commissioner's Office to find a handy interactive tool which will allow them to figure out how to create one of these smart contracts.
Don't worry, says the government website, "for most organizations, especially SMEs, taking the necessary action is not very costly and does not always require expert advice."
But don't think you can just ignore the problem: "If you don't act, your organization could lose access to the personal data it needs to operate."
Large companies have probably addressed this problem. One payment company told me that it had opened an office in Ireland and was preparing to inform EU customers that their business would be handled from there.
& # 39; Insurmountable Bureaucracy & # 39;
But how prepared are small businesses?
Ben Thompson, co-owner of a bike shop in Fort William, Scotland, visited gov.uk/brexit.
When he completed the questionnaire, he found that he faced 21 Brexit-related issues, including data transfers.
"We organize bike rides and, for example, we can get customer data from a German travel agency," he explains.
He is now concerned about the possibility of closing new contracts with all his European customers. "My heart sank when I saw that – it's an insurmountable pile of paperwork for a small business."
It's all a good deal for lawyers. But Alex Brown, chief technology officer at Simmons and Simmons, recommends caution about the seriousness of the data transfer problem: "If I were an exporting company, that would be on my list to fix – but it wouldn't be close to the problem." top."
He doubts that data regulators are rushing to punish small businesses that can't get the right contracts right away.
But it's just another concern for companies dealing with Brexit uncertainty.
Make UK, the manufacturer's organization, says the whole area is confusing for thousands of its members negotiating with the EU and is asking the government to give clear guidance.
A DCMS spokesman said it was in everyone's interest for the exchange of personal data between EU member states and the UK to continue, and the government established ways in which companies could comply with EU data protection laws. .