Changes to consider in regulating data transfer between EU and US

The Schrems II decision revoked the adequacy decision that the EU Commission made over Privacy Shield. Before this decision data transfer between the EU and the US was allowed, because Privacy Shield was considered to provide an adequate safeguard for data and rights of EU individuals. Now the US is not considered to provide adequate safe space for privacy and rights of individuals, so the GDPR requires that controller and processor adopt Standard Contractual Clauses (SCC) in order to implement rights and safeguards on behalf of data subjects.

You need to consider that your US recipient of data transfer can offer you a standard of data protection which is compliant with GDPR and use in your legal undertaking the Standard Contractual Clauses.

Here you can find our free template with Standard Contractual clauses: https://info.advisera.com/eugdpracademy/free-download/standard-contractual-clauses-annexes

You can find some information about data transfer under GDPR here:

• 3 steps for data transfers according to GDPR: https://advisera.com/articles/3-steps-for-data-transfers-according-to-gdpr/

You can also consider enrolling in this free online training EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//