Kürzlich haben wir die Kriterien für das Kapitel 6 – Datenschutzmanagement – des DSGVO – information privacy standard erklärt. Nun folgt Kapitel 7 dieser Blogreihe: Datenverarbeitung außerhalb der EU (P.7.1) und Vertreter innerhalb der EU (P.7.2). Datenverarbeitung außerhalb der EU Zunächst einmal bescheinigt ein Zertifikat nach dem DSGVO – information privacy standard NICHT die Rechtmäßigkeit […]
standard contractual clauses

„Old“ Standard Contractual Clauses to be Invalid as of the End of December (27.12.2022)
The European Commission decided on new Standard Contractual Clauses (SCCs) in June 2021. After 27 December 2022, only these „new“ SCCs may be used without exception. What does that mean for companies and organizations? If personal data is transferred to processors (or their sub-processors) or to controllers in a country outside the EU or the […]

The CJEU rules in favour of Schrems and invalidates Privacy Shield Decision
In a landmark ruling (‘Data Protection Commissioner v Facebook Ireland and Maximilian Schrems’)[1], the CJEU invalidated the Privacy Shield Decision[2], whereby the Commission had determined that the United States ensured an adequate level of protection for personal data transferred from the Union to organisations in the US. Many organisations involved in transborder data transactions will […]

Deal or No Deal, Brexit is Coming
Whether or not the United Kingdom (UK) and the European Union (EU) can agree on an exit deal, the UK will be leaving the EU come March 30, 2019. Although the UK plans to incorporate the General Data Protection Regulation (GDPR) into national law there will still be some data privacy issues that arise as […]