Transferring data between two databases in two different companies.
Assign topic to the user
You should first assess if the Canadian company applies GDPR to its data processing (i.e. the company processes data of EU individuals). In this case, no further measure shall be taken because GDPR allows the transfer of data inside the GDPR space.If the company does not apply GDPR, then it is required a written data transfer agreement between the two companies.
The data transfer agreement should reflect the standard contractual clauses as adopted by the EU Commission. These clauses are required to transfer data outside the EU providing sufficient safeguards but adopting it to import data from the Canadian company can help the Scottish company to demonstrate its accountability to GDPR principles.
GDPR is technology-neutral, so you can select the safest way to transfer those data among the two companies. You can find more information about data transfer here:3 steps for data transfer according to GDPR: https://advisera.com/articles/3-steps-for-data-transfers-according-to-gdpr/
Comment as guest or Sign in
Feb 25, 2020