International data transfer
The General Data Protection Regulation (GDPR) provides special rules for the transfer of personal data to countries outside the EU or the EEA (so-called third countries). Our lawyers explain how data controllers can transfer data in compliance with the law.
EU-U.S. Data Privacy Framework
Everything EU companies need to know about the EU-U.S. Data Privacy Framework – explained simply by lawyers.
EDPB defines third country transfers
The new EDPB Guidelines clarify the applicability of the provisions of the GDPR on third country transfers – particularly relevant for non-EU companies bound by the GDPR.
Draft adequacy decision on the EU-U.S. Data Privacy Framework
Will the transfer of personal data to the U.S. soon be possible again without further data protection guarantees?
EU-U.S. Data Privacy Framework: Privacy Shield 2.0 or Schrems III?
The U.S. government and EU Commission announce a new version of the transatlantic data protection agreement. Is legal certainty finally coming, or just a new court case?
Data transfers to Russia
What do data controllers have to consider if they currently want to export personal data to Russia or have it processed there? The EDPB gives specific recommendations.
China releases draft SCCs for international data transfers
Standard Contractual Clauses will be a tool for the lawful transfer of personal data outside of China. We explain the proposed SCCs and the meaning for (data-driven) businesses.
EDPB published draft guidelines on certification as a data transfer tool
Approved certification mechanisms can be a tool for transferring personal data to third countries in the absence of an adequacy decision. The EDPB has now published draft guidelines on this.
The new Connecticut Data Protection Act (CTDPA)
Connecticut introduces new privacy law: An act concerning personal data privacy and online monitoring. Which companies are affected and what obligations arise from the new law?
When do the GDPR provisions apply to non-EU businesses?
A clarification of several key issues helps companies outside the EU answer the difficult question of whether they have to comply with European data protection laws.
EDPB requires improvements to adequacy decision for the United Kingdom
The opinion of the European Data Protection Board on the adequacy decision of the EU Commission and possible impacts on data transfers in the United Kingdom.
