Performing an international data transfer requires either the receiving country to be deemed adequate or appropriate safeguards to be in place. One such safeguard is standard data protection clauses for an international data transfer.
Standard data protection clauses are a series of clauses which can be added to contracts between the transferring parties, which provide legally binding obligations on the parties to protect the data subjects personal data. These clauses must be adopted by the supervisory authority and cannot be altered from their approved form.
Since supervisory authorities have already approved a standard set of clauses, this safeguard is simple for an EU based organisation to adopt. The challenge is likely to come in gaining commitment from the none EU organisation to sign up to the clauses.
The following link provides access to the EU standard contractual clauses, but you should confirm with the supervisory authority before implementing these that they are suitable for your country. https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en
Mark Roebuck
Copyright: All information and articles provided represent the views of ProvePrivacy Limited and our contributors. They do not constitute legal or data protection advice. All rights reserved.