International data transfer
The General Data Protection Regulation (GDPR) provides special rules for the transfer of personal data to countries outside the EU or the EEA (so-called third countries). Our lawyers explain how data controllers can transfer data in compliance with the law.
Draft adequacy decision on the EU-U.S. Data Privacy Framework
Will the transfer of personal data to the U.S. soon be possible again without further data protection guarantees?
EU-U.S. Data Privacy Framework: Privacy Shield 2.0 or Schrems III?
The U.S. government and EU Commission announce a new version of the transatlantic data protection agreement. Is legal certainty finally coming, or just a new court case?
Data transfers to Russia
What do data controllers have to consider if they currently want to export personal data to Russia or have it processed there? The EDPB gives specific recommendations.
China releases draft SCCs for international data transfers
Standard Contractual Clauses will be a tool for the lawful transfer of personal data outside of China. We explain the proposed SCCs and the meaning for (data-driven) businesses.
EDPB published draft guidelines on certification as a data transfer tool
Approved certification mechanisms can be a tool for transferring personal data to third countries in the absence of an adequacy decision. The EDPB has now published draft guidelines on this.
The new Connecticut Data Protection Act (CTDPA)
Connecticut introduces new privacy law: An act concerning personal data privacy and online monitoring. Which companies are affected and what obligations arise from the new law?
When do the GDPR provisions apply to non-EU businesses?
A clarification of several key issues helps companies outside the EU answer the difficult question of whether they have to comply with European data protection laws.
EDPB issues guidance on the notion of third country transfers
The new EDPB Guidelines clarify the applicability of the provisions of the GDPR on third country transfers – particularly relevant for non-EU companies bound by the GDPR.
EDPB requires improvements to adequacy decision for the United Kingdom
The opinion of the European Data Protection Board on the adequacy decision of the EU Commission and possible impacts on data transfers in the United Kingdom.
Standard Contractual Clauses for third country transfers (new version of 2021)
The newly published standard contractual clauses provide more legal certainty and flexibility – but also come with more workload for businesses. Here is what to expect.
