Created: Oct 11, 2019 Last commented: Oct 14, 2019

Standard Contractual Clauses

Hi. There are currently two Standard Contractual Clauses - 'Controller to Controller' and 'Controller to Processor'. They are both built for the Controller to be the exporter of the data. We are an EU based company who will be receiving data from a Non EU based company. The Non EU based company is the controller of the data and we are the processor. My understanding is that the Controller sending the data does not need to take action when sending us the data as their government deems the EU laws 'adequate'. However, we carry out work on the data and then need to return the data file to the Controller (outside the EU). What actions does there need to be in place for this, if any? I do not see a Standard Contractual Clause that would cover this currently i.e a Processor exporting data back to a Non EU Controller. Your advice would be appreciated Kevin

0 1

Assign topic to the user

Select user

Expert

Andrei Hanganu Oct 14, 2019

In the situation described you would need to have in place Controller to Processor Standard Contractual Clauses. The non-EU Controller sending and receiving the data from you should see to that regardless if the exchange of data goes both ways.

If you want to find out more cross border data transfers check out this free webinar How to make personal data transfers to other countries compliant (https://advisera.com/webinars/how-to-make-personal-data-transfers-compliant-with-gdpr-free-webinar-on-demand/).

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Oct 11, 2019

Oct 14, 2019

Expert Advice Community