SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

Data transfers to 3rd countries

  Quote
Guest
Guest user Created:   Mar 14, 2022 Last commented:   Mar 16, 2022

Data transfers to 3rd countries

Hi! I would like to acquire an advice on how to approach data security obligations within an internationally based organisation which is headquartered in the UK. The company would be collecting data from a 3rd country and part of that data would be stored and processed in Serbia (by the company officers, within the organisations' premises, not 3rd parties). Would the organisation in this case be transferring personal data outside EEA? Storing and transferring would be done by the drop box cloud services. Thank you!
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Tudor Galos Mar 16, 2022

If the headquarter of the organization is in the United Kingdom, then UK GDPR would apply mainly. According to article 3 – Territorial scope – from EU GDPR, the Regulation would apply only if the company would offer goods or services to people in EEA, or if it monitors the behavior of people in EEA. If the data is stored in Serbia, then a transfer takes place from the UK to Serbia. According to UK GDPR, which is almost the same as EU GDPR (with EU references removed), a suitable transfer mechanism should be used for compliant personal data transfer. In this case, the best transfer mechanism would be UK Standard Contractual Clauses. ICO, UK’s Data Protection Authority issued some new SCCs, called IDTAs (International Data Transfer Agreement) that can be used starting March 21, 2022.

You could explore developing Binding Corporate Rules (BCRs) for intra-group personal data international transfers, but they need to be approved by the supervisory authority (ICO in this case).

Please consult these links to find more details:

Tudor Galos
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 14, 2022

Mar 16, 2022

Suggested Topics

Guest user Created:   May 18, 2022 EU GDPR
Replies: 1
0 0

Data Subject Access Request

Guest user Created:   Apr 04, 2022 EU GDPR
Replies: 1
0 0

Data controllers