After this transition period, if no agreement, agreement or trade agreement is reached between the UK and the EU, the UK will leave the country in a non-agreement scenario and become a `third country`. As the CSO has already pointed out, UK organisations and organisations that carry out UK activities that receive personal data from the EU must, in such a scenario, ensure that they have additional legal controls, such as standard contractual clauses or binding business rules, to ensure compliance with the RGPD. The RGPD and EU fines continue to be imposed on third countries when dealing with personal data of EU citizens. New withdrawal agreement and political statement on: www.gov.uk/government/publications/new-withdrawal-agreement-and-political-declaration point 1: RGPD standards are maintained. If Parliament finally approves the new withdrawal agreement and the legislation associated with it, there will be no substantial change in the UK data protection regime (with the exception of some transfers to Gibraltar) by the end of the new withdrawal agreement (December 2020 at the latest). treatment is subject to the requirements of the RGPD as long as the agreement is in force.