Legal Advice on International Data Protection

Companies and groups operating Internationally must comply with the different data protection laws of the European Union and in every country. This is a legal, organizational and a technical challenge. We will be pleased to help you to meet it!

Data protection services

European data protection officer

European data protection officer

Free downloads for data protection

Whitepaper about data processing on behalf

Whitepaper: Data processing according to GDPR

Our free whitepaper enables both, controllers and processors, for a compliant outsourcing of data processing.

International comparison of data protection laws

International comparison of data protection laws

Compare the GDPR and data protection rules in Europe relevant to your company in just a few clicks.

Let our lawyers advise you on data protection so that you can do your business in every country in Europe!

International Data transfer & data protection

International Data Protection is always applicable once data leaves national borders for storage or processing. For a number of digitised and outsourced processes (think of cloud computing or Software-as-a-Service) this is happening faster than expected. In case of an International data transfer, companies based in the EU must always note the level of data protection in the recipient country. In other words: Is the data to be protected equally safe there as it is over here?

Non-EU companies wishing to be active within the EU or targeting EU citizens, this in turn means that the storage and processing of the data collected in the EU represents an international data transfer. Thus, data protection regulations like the EU General Data Protection Regulation (GDPR) may apply.

Moreover, issues regarding international data protection law may also become relevant if employees of a company, a partner company or a subsidiary abroad have access to the data stored in the EU. Even though a direct transfer with other countries may not take place, the foreign location is subject to laws which are not considered adequate under EU standards.  A particularly challenging example is the U.S. Freedom Act (previously: U.S. Patriot Act), through which U.S. companies can be forced to comprehensively share data with U.S. authorities.