.png?width=500&name=logo_transparent%20(4).png "logo_transparent (4)"){kind=logo}
Gegevens delen buiten de EU is sinds de gerechtelijke Schrems-II uitspraak een grotere uitdaging geworden. Organisaties zijn verplicht om Transfer Impact Assessments (TIA’s) uit te voeren om mogelijke risico’s van data-overdracht uit de EU naar andere landen te beoordelen. Dit was tot voor kort arbeidsintensief en foutgevoelig, maar dankzij onze samenwerking met het internationale advocatenkantoor DLA Piper kan het nu veel efficiënter en op gestandaardiseerde manier. De TIA-tool van DLA Piper, Transfer, is geïntegreerd in de PrivacyPerfect privacy-compliance SaaS-omgeving, en onderdeel van de assessment-module.
Betrouwbare en eenvoudige privacy-naleving met geautomatiseerde transfer impact assessments
Jul 15, 2022 3:43:49 PM / by PrivacyPerfect posted in USA, GDPR Guideline, Data Transfer, International Data Transfer, EEA, DPIA, Data Processing Agreements, Data Protection Impact Assessments, SchremsII, TIA
EDPB Recommendations explained to ensure compliance after Schrems II
Nov 20, 2020 9:22:39 AM / by PrivacyPerfect posted in International Data Transfer, SchremsII
16 July 2020, the Court of Justice of the European Union invalidated the EU-US Privacy Shield in the Schrems II case, making most EU-US data transfers illegal overnight. The Court has also provided clarification on some extensive hurdles for using its most obvious alternative, Standard Contractual Clauses (SCC). Organizations have to:
First code of conduct approved by Dutch DPA: What is it, and why is it important?
Sep 17, 2020 4:21:48 PM / by PrivacyPerfect posted in SchremsII, CodeOfConduct
The Dutch Data Protection Authority (AP) has recently approved the “Data Pro Code”, the first code of conduct approved by the Dutch DPA under the GDPR. The code was drafted by industry trade association of the Dutch digital sector, NLdigital, composed of 600 members, including SMEs and tech giants, and is intended to help companies in the ICT sector to comply with the obligations laid down in the EU privacy regulation.
A month and a half after the Schrems II ruling
Sep 3, 2020 11:55:26 AM / by PrivacyPerfect posted in SchremsII
In the ground-breaking judgement of DPC v Facebook Ireland & Schrems, also known as Schrems 2.0, the Court of Justice of the EU declared the European Commission's EU-US Privacy Shield Decision invalid, making the majority of EU-US data transfers in violation of EU Privacy law. The reason? US mass surveillance making the level of protection of personal data to the US not “adequate” to that in the EU. While the CJEU upheld the use of Standard Contractual Clauses ('SCCs'), Privacy Shields most obvious alternative, it clarified some extensive considerations that organisations and authorities should assess when they use these model clauses.
...And now
Since then, a lot has happened, but uncertainty remains. Now that the dust has settled somewhat, this blog post aims to clear up some of the uncertainties through an overview of relevant events.
