German Supervisory Authority Publishes New Standard Clauses for Processors

By Kristof Van Quathem & Anna Oberschelp de Meneses on April 10, 2020

On April 9, 2020, the German Supervisory Authority of Baden-Wuerttemberg published standard contractual clauses for data processors pursuant to Article 28(8) GDPR. It is the first German Supervisory Authority to do so, and the second in EU after the Danish Supervisory Authority published its own standard clauses in July 2019. However, while the Danish clauses…

EDPB Publishes Article 28 Standard Clauses Adopted by Danish Supervisory Authority

By Kristof Van Quathem & Nicholas Shepherd on December 13, 2019

Posted in Data Privacy, EU Data Protection, European Union

On December 11, 2019, the European Data Protection Board (“EDPB”) published the final text of the standard clauses adopted by the Danish Supervisory Authority (Datatilsynet, hereafter “Danish SA”) pursuant to Article 28(8) of the General Data Protection Regulation (“GDPR”). The Danish clauses are now accessible on the EDPB’s register of decisions taken by Supervisory Authorities. The Danish clauses serve as a standard data processing agreement that controllers and processors may choose to adopt to fulfill the requirements of Article 28(3) and (4) of the GDPR. However, note that these SCCs are not standard data protection clauses under Article 46(2)(c) or (d) of the GDPR, and as such, cannot serve as a valid legal mechanism to transfer personal data outside the European Economic Area (“EEA”).
…
Continue Reading EDPB Publishes Article 28 Standard Clauses Adopted by Danish Supervisory Authority

Inside Privacy

Article 28 GDPR

About this Blog