Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

EU GDPR interpretation and transferring data

  Quote
Guest
Guest user Created:   Feb 24, 2021 Last commented:   Feb 25, 2021

EU GDPR interpretation and transferring data

1. Binding Corporate rules - are these the only way to transfer data from inside the EU to outside the EU (to UK and EU)

2. Which EU region has the toughest interpretation of GDPR?

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Alessandra Nisticò Feb 25, 2021

1. Binding Corporate rules - are these the only way to transfer data from inside the EU to outside the EU (to UK and EU)

No, you can transfer data based on an adequacy decision under Article 45 GDPR. This applies when the transfer is towards one country that the EU Commission considers providing an adequate level of security for the freedom and rights of individuals.

The European Commission has so far recognized Andorra, Argentina, Canada (commercial organizations), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Switzerland, and Uruguay as providing adequate protection.

Here you can monitor countries if new countries enter. There are ongoing talks with South Korea and the procedure for the adequacy decision of the UK has been launched on February 19th: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en

In case of an adequacy decision, you can transfer data (being compliant with all other GDPR requirements).

In case the adequacy decision is missing you can either apply appropriate safeguards under article 46 GDPR adopting:

  • Standard contractual clauses approved by the EU Commission
  • Agreements approved by Surveillance Authorities
  • And (of course) Binding Corporate Rules.

2.Which EU region has the toughest interpretation of GDPR?

It is hard to say because the EU Surveillance Authorities of the 27 Member State meet in the European Data Protection Board (EDPB) where they adopt Guidelines to harmonize interpretation among EU countries and avoid different levels of interpretation.

Here you can find more information on data transfer under GDPR:

You can also consider enrolling in this free online training EU GDPR Foundations Course: https://training.advisera.com/se/eu-gdpr-foundations-course//

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 24, 2021

Feb 25, 2021

Suggested Topics

Guest user Created:   Sep 24, 2021 EU GDPR
Replies: 0
0 0

Conversion to UK version of GDPR

Guest user Created:   Sep 21, 2021 EU GDPR
Replies: 2
0 0

Application of GDPR to emailed CVs