International data transfer
The General Data Protection Regulation (GDPR) provides special rules for the transfer of personal data to countries outside the EU or the EEA (so-called third countries). Our lawyers explain how data controllers can transfer data in compliance with the law.
Everything EU companies need to know about the EU-U.S. Data Privacy Framework – explained simply by lawyers.
The new EDPB Guidelines clarify the applicability of the provisions of the GDPR on third country transfers – particularly relevant for non-EU companies bound by the GDPR.
Will the transfer of personal data to the U.S. soon be possible again without further data protection guarantees?
The U.S. government and EU Commission announce a new version of the transatlantic data protection agreement. Is legal certainty finally coming, or just a new court case?
What do data controllers have to consider if they currently want to export personal data to Russia or have it processed there? The EDPB gives specific recommendations.
Standard Contractual Clauses will be a tool for the lawful transfer of personal data outside of China. We explain the proposed SCCs and the meaning for (data-driven) businesses.
Approved certification mechanisms can be a tool for transferring personal data to third countries in the absence of an adequacy decision. The EDPB has now published draft guidelines on this.
Connecticut introduces new privacy law: An act concerning personal data privacy and online monitoring. Which companies are affected and what obligations arise from the new law?
A clarification of several key issues helps companies outside the EU answer the difficult question of whether they have to comply with European data protection laws.
The opinion of the European Data Protection Board on the adequacy decision of the EU Commission and possible impacts on data transfers in the United Kingdom.