LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

GDRP - Transfer to the US

  Quote
Guest
Guest user Created:   May 17, 2018 Last commented:   May 17, 2018

GDRP - Transfer to the US

My company is based in the US but has several affiliates / subsidiaries in the EU.
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu May 17, 2018
1. If an EU affiliate brings in a new hire and takes down their personal data, and it gets stored on my company’s global HR platform or on hard drives or serves in the US, is that a cross border transfer?
2. Does the fact that it is a US company holding the data make a difference? In other words, has the Commission decided that the US ensures an adequate level of protection?
3. And most importantly, what agreements or series of agreements should I have in place for a US company with EU affiliates?

Answers:

1. Yes it does, the fact that the HR platform is hosted in the US is consistent with a cross border transfer of personal data.
2. The EU Commissions has not issued a adequacy decision for the US. So, the answer would be no. However there is Privacy Shield which was developed by the EU and US provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce. So if the US subsidiary is certified according to Privacy Shield the transfer is permitted.
3. You can chose to rely on Privacy Shield as a safeguard for the transfer or you can have a Intragroup Data Transfer Agreement based on Standard Contractual Clauses between the EU to and US entity.

To find out more about cross border data transfers check out our webinar “ How to make personal data transfers to other countries compliant with GDPR” https://advisera.com/eugdpracademy/webinar/how-to-make-personal-data-transfers-compliant-with-gdpr-free-webinar-on-demand/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 17, 2018

May 17, 2018

Suggested Topics

Guest user Created:   Dec 02, 2021 EU GDPR
Replies: 1
0 0

Transfer impact assessment

Guest user Created:   Jul 08, 2021 EU GDPR
Replies: 1
0 0

Transfer of pesonal data under GDPR

Guest user Created:   Jul 07, 2021 EU GDPR
Replies: 1
0 0

Transfer mechanisms