THE PRIVACYPERFECT BLOG

EDPB Recommendations explained to ensure compliance after Schrems II

Nov 20, 2020 9:22:39 AM / by PrivacyPerfect posted in International Data Transfer, SchremsII

16 July 2020, the Court of Justice of the European Union invalidated the EU-US Privacy Shield in the Schrems II case, making most EU-US data transfers illegal overnight. The Court has also provided clarification on some extensive hurdles for using its most obvious alternative, Standard Contractual Clauses (SCC). Organizations have to:

Read More

What the outcome of the upcoming ruling in Facebook Ireland vs Schrems can mean for your organisation and how to prepare for the 16th of July

Jul 8, 2020 8:30:00 AM / by PrivacyPerfect posted in Privacy Shield, International Data Transfer, Standard Contractual Clauses

In exactly one week, on the 16th of July, one of the most anticipated cases in data protection, case C-311/18 — Facebook Ireland versus Schrems — will be delivered by the EU Court of Justice (ECJ). What’s at stake is if international flows of personal data to and from the EEA can continue as is now, or if major changes will be required. The verdict in the groundbreaking "Schrems 2.0" case will dictate whether the widely used Standard Contractual Clauses (SCCs) and the EU/USA Privacy Shield will remain a valid means of transferring personal data to countries outside the EEA under the EU’s GDPR. As these mechanisms are used for a large majority of international data transfers, this may in turn have a large impact on organisations around the globe. In preparation for the case, we analyse the road so far, and what the possible outcomes could mean for your organisation in regard to data privacy.

Read More

Brexit Postponed, Not Cancelled - How to Keep Sharing Data After Brexit?

Nov 15, 2019 10:07:16 AM / by Timelex posted in International Data Transfer, Brexit, Brexit and data protection

The EU agreed to further postpone Brexit until 31 January 2020, the so-called “withdrawal date”. Before such date there will be parliamentary elections in the UK on 12 December 2019.

In terms of data protection, the UK will eventually become a third country in case of a Brexit, meaning that an organisation established in the EEA should implement an adequate data transfer mechanism to share personal data with other organisations in the UK, such as other group offices or service providers. The new postponement gives companies some extra time to look at the possible data transfer mechanisms for implementation after the withdrawal date. Even in case of yet another postponement thereof, sooner or later the UK will become a third country.

In this blog, Timelex will explain the data transfer possibilities in more detail.

Read More

Data Transfers: In & Out of the EU

Nov 1, 2019 10:22:06 AM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, DPO, Data Protection Officer, Data Transfer, International Data Transfer, Reputation under GDPR, GDPR For Tech Companies, GDPR for Marketers, GDPR Summary, gdpr 2019

International data transfers play a vital role for data driven businesses and organisations. As processes have become but a few clicks away and the digital world continues advancing, organisations must take the appropriate measures to ensure protection over their data and the data subjects. The EU’s GDPR aims to protect personal data, and provides strict obligations and standards that every organisation should take when dealing with international data transfers. Below are key points for organisations to consider upon doing international data transfers from and to the EU.

Read More

How can I transfer personal data across EEA borders under the GDPR?

Oct 8, 2018 10:00:00 AM / by PrivacyPerfect posted in Data Protection, Data Transfer, International Data Transfer, International GDPR, EEA

Before conducting an international data transfer, organisations need to check the GDPR very carefully. International data transfers should not only be compliant with Chapter 5 but also with all other requirements of the GDPR (following from Article 44 GDPR). Also, in order to transfer personal data outside the EU, organisations need to follow the layered approach of the European Data Protection Board.

Read More

Extending the GDPR across the borders of the EU: data protection in the EEA

Sep 26, 2018 10:00:00 AM / by PrivacyPerfect posted in Data Transfer, International Data Transfer, EEA

The European Economic Area (EEA) is the combination of European Union (EU) and European Free Trade Association (EFTA) states, except for Switzerland. The EEA has now incorporated the GDPR into the EEA agreement. This was done by an EEA Joint Committee Decision dated 6th July 2018, which came into force on 20th July, 2018. 

Read More

International data transfers in a nutshell

Aug 23, 2018 10:00:00 AM / by PrivacyPerfect posted in EU, GDPR Explained, Data Processing, Data Transfer, International Data Transfer, International GDPR, EEA

International data transfers are unavoidable for most of the businesses and organisations in today’s digital world. The GDPR takes a balanced approach between the necessity of cross-border data flows for the purposes of international trade and the level of protection provided to natural persons. Although the Regulation allows the free flow of personal data between Member States, it restricts data transfers to countries

Read More

    Lists by Topic

    see all
    harmas_Rajztábla 1-1
    Keep informed!
    Sign up to the Weekly GDPR Digest now.