Show all guides
Europe
GDPR

European Data Protection Board issues guidelines on data transfer scope

Last update:
May 19, 2022

On November 19, 2021 the European Data Protection Board (EDPB) published new Guidelines regarding the interplay between Article 3 of the GDPR – which sets out the GDPR’s territorial scope – and the provisions on international transfers in Chapter V of the GDPR. The Guidelines aim to provide clarification as to what constitutes an international transfer, and how to implement a lawful transfer in accordance with GPPR if making such a transfer.The Guidelines provide three cumulative criteria that would categorise data processing as a transfer of personal data to a third country or an international organisation.

Key things to know

  • The data exporter (a controller or processor) is subject to the GDPR for the given processing;
  • The data exporter transmits or makes available the personal data to the data importer (another controller, joint controller or processor);
  • The data importer is in a third country or is an international organisation.
The full guidelines can be found
here

Related Guides

TikTok Slapped with $369 mil Fine over GDPR Violations

September 18, 2023

TikTok receives its second GDPR fine of 2023, this time over dark patterns in its sign up flow leading to children's accounts being set to public view
Europe
GDPR

France joins Austria in ruling that the use of Google Analytics violates the GDPR

May 17, 2022

Following the determination by the Austrian data protection authority (DPA) that the continuous use of Google Analytics violates the GDPR, the French data protection authority, or the Commission nationale de l’informatique et des libertés (CNIL) reached a similar conclusion....
Europe
GDPR
The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only