Save 20% on accredited EU GDPR course exams.
Limited-time offer – ends July 18, 2024
Use promo code:
EXAM20

Expert Advice Community

Guest

Are entities in certain countries still required to form binding corporate rules?

  Quote
Guest
Guest user Created:   Jun 01, 2020 Last commented:   Jun 01, 2020

Are entities in certain countries still required to form binding corporate rules?

It's regarding Module 8: Data transfers and managing third parties in the DPO course
The lecturer explains that there are certain countries that need binding corporate rules between companies transferring to each other who are operating under the same parent company. He explains that there are countries identified as having an adequate level of data protection (i.e the EU member states) and then explains that certain countries were not yet recognized have adequate protection such as the United States was not recognized as having an adequate level of data protection. Is this list of countries still up to date? Are entities in these countries still required to form binding corporate rules?

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Alessandra Nisticò Jun 01, 2020

it's regarding Module 8: Data transfers and managing third parties in the DPO courseThe lecturer explains that there are certain countries that need binding corporate rules between companies transferring to each other who are operating under the same parent company. He explains that there are countries identified as having an adequate level of data protection (i.e the EU member states), and then explains that certain countries were not yet recognized have adequate protection such as the United States was not recognized as having the adequate level of data protection. Is this list of countries still up to date?

You can find the current list on the website of the European Commission here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_enJapan and the United States (limited to the Privacy Shield framework) were added.

 

Are entities in these countries still required to form binding corporate rules?

The course explained that binding corporate rules are suitable for large-size companies belonging to the same group, while other companies better use data transfer agreements.

However, entities located in the United States can now transfer data based on an adequacy decision instead of Binding corporate rules. In fact, Article 46 GDPR states that transfer on the basis of binding corporate rules happens in the absence of a decision under Article 45 GDPR.

You can find more information here:

You may also consider enrolling in this online EU GDPR Foundations Course: EU GDPR Foundations Course

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 01, 2020

Jun 01, 2020

Suggested Topics

Guest user Created:   Oct 19, 2022 EU GDPR
Replies: 1
0 0

Required documents

Guest user Created:   Mar 14, 2022 EU GDPR
Replies: 1
0 0

Data transfers to 3rd countries