On July 24, 2020, the European Data Protection Board (the “EDPB”) published Frequently Asked Questions (the “FAQs”) on the judgment of the Court of Justice of the European Union (the “CJEU”) in the Schrems II decision (case C-311/18). In its judgment, handed down on July 16, 2020 (ACS Blog Summary) the CJEU upheld the validity of the Standard Contractual Clauses (the “SCCs”) the European Commission issued to support the lawful transfer of personal data to data processors outside of the EU. At the same time, it struck down the EU-U.S. Privacy Shield framework.
The Schrems II ruling changes the regulatory climate, heightens scrutiny, and alters how you comply with GDPR when making data transfers. To assist you in sorting through the implications of the Schrems II ruling for your company’s data transfer practices, click below for the EDPB FAQs, and our webinar on the Schrems II ruling.
Download the EDPB FAQs by clicking here.
View the Schrems II ruling by clicking here
We invite you to a 30-minute consultancy to discuss your specific challenges in complying with GDPR post the Schrems II ruling. Furthermore, we can support you in assessing how to mitigate the compliance risk of your existing data transfers strategically, legally, operationally with emphasis on practical solutions.
Here at Achieved Compliance, we make GDPR compliance easy and straightforward. Contact us today.
The European Commission’s announced in December that it has begun its process to adopt an adequacy decision for the EU-U.S. Data Privacy Framework (the Framework). Companies seeking to transfer data from countries in the European Union to the United States will need to take steps to be in alignment with this new change.