The European Union has adopted on Friday 4th of June two new standard contractual clauses on agreements between controllers and processors and on transferences of personal data to third countries.
New contractual clauses on personal data transferences to third countries are replacing the existent standard contractual clauses on transference of data. Standard contractual clauses are completely new.
The Standard Contractual Clauses of the Commission (SCC) are one of the transference instruments defined into the chapter V of the GDPR. They define the obligations of the exporter and importer of data in order to protect personal data. New Standard Contractual Clauses are aimed to increase the legal predictability for European companies and to promote the free circulation of data among fronters. In particular, they will help SMEs to respect requirements for the safe personal data processing.
Standard Contractual Clauses to third countries were updated in order to comply to the General Data Protection Regulation and the so called Schrems II Judgment of the European Court of Justice. The usage of these Standard Contractual Clauses asks an assessment case by case and if the personal data transference guarantees a protection level equal to the European requirements and an assessment of the need of additional guarantees. A transitional period of 18 months has been planned for the introduction of the updated new Standard Contractual Clauses for third countries transferences.
1_en_act_part1_v5 (2) 1_en_annexe_acte_autonome_cp_part1_v5_0SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA FINLANDIA