DPA in EU

Answer: This depends if you are acting as a controller or a processor because under certain circumstances you may need to appoint a representative in the EU that would be facing the Data Protection Authorities.

So in order to provide a more accurate answer more details are required.

To learn more about the EU GDPR check out our “EU GDPR Foundations Course” (https://advisera.com/training/eu-gdpr-foundations-course//)

Thank you for the above information, Our company is based in Japan as a controller, we would like to partner with an EU based company also as a controller, for this situation, what are the necessities for us to do to be able to exchange PD with the EU based company,

I have two examples; first; get PD of an employee from the EU counterpart, and 2nd be able to use our online platform that processes and perform data analysis with AI, which also produces meta data of analyzed data, that is to be used and licensed to the EU based company.

Are there any procedures to be done for us to be able to do the above?
Do we have to contact Japan's Data authority first and inform them of the planed activity? or we only need to get a consent from the EU company counterpart for us to perform business?

1. In order to exchange personal data between a EU based company and a Japanese one acting as a separate controller you need to comply with the requirements for cross border data transfer. Most used of such safeguards is the use of Controller to Controller Standard Contractual Clauses.
To learn more about cross border data transfers check out our webinar “How to make personal data transfers to other countries compliant with GDPR” (https://advisera.com/webinars/how-to-make-personal-data-transfers-compliant-with-gdpr-free-webinar-on-demand/).

2. Notifying the Japanese Supervisory authority is subject to Japan`s local legal requirements in terms of data protection. The relation between you and the other controller needs to be established in the contract that you have with the European entity.