Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
POLISH SUPERVISORY AUTHORITY: data transference to third countries in compliance with the GDPR

POLISH SUPERVISORY AUTHORITY: data transference to third countries in compliance with the GDPR

New Standard Contractual Clauses for transferences of data out of the European Economic Area (EEA) in compliance with the GDPR and for complex transference of data which are frequently affected not only two, but also more entities.

On the 27th June 2021 will enter in force the decision of the European Commission n. 2021/914 on Standard Contractual Clauses for transference of personal data towards third countries. It substitutes the previous decisions which have been adopted in based on the Directive n. 95/46/CE that require an adaptation to the GDPR.

Standard Contractual Clauses are adequate guarantees according to the article 46 of the GDPR in order to permit the transference of personal data out of the European Economic Area. Standard Contractual Clauses refers to different scenarios of transferences:

  • Transference of data between data controllers
  • Transference of data from a data controller to a processor in a third country
  • Transference of data among data processors
  • Transference of data from a data processor to a controller in a third country

Previous decisions of the European Commission, for example the Decision 2001/497/CE and the decision 2010/87/UE, will expire on the 27th of September 2021.

At the same time, contracts end before the 27th of September 2021 on the basis of the same previous decisions CE offer adequate guarantees according to the article 46, paragraph 1 of the GDPR until the 27th of December 2022, under the condition that the mentioned processing by the object of the contract remain unchanged and that the application of these clauses guarantee that the personal data processing is submitted to a adequate guarantees.

The implementation of these Standard Contractual Clauses does not exclude the need to assess the transference required in order to guarantee the compliance with the Schrems II Judgement of the EUCJ and possibly to adopt measures in addition to standard contractual clauses.

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA POLONIA – UODO

Recommended to you

Advanced Research