Third-country data transfers

If an organization uses electronic services or other services provided to them by business partners based in the USA or another country outside of EU/EEA, it is likely that it also transfers some personal data to that country. In that case, the data needs to be protected by appropriate safeguards.

In this course, participants will learn which data protection measures are provided by the GDPR and in which situations to implement them. We will also take a look at the present events – status of the UK after Brexit, proposal of the new standard contractual clauses (SCC), and status of the USA after the invalidation of Privacy Shield.

Course contents

  • Overview of appropriate data protection measures – advantages and limitations
  • Analysis of the standard contractual clauses (SCC)
  • What should an organization pay attention to if it services of US-based companies (e.g. Mailchimp, Cloudflare, etc.)
  • Exemptions to the application of protection measures
  • Binding corporate rules (BCR)
  • Status of the UK in relation to data transfers
  • Transferring data to neighbouring countries (Bosnia and Herzegovina, Serbia, Macedonia, and others)


Vlatka Vuković


3 hours

Delivery formats

Live, online, or in-house



80 €


72 €


Two or more participants from the same company.
64 €

Applications and inqueries

We will use the submitted data exclusively to answer the inquiry and we will not use it for other purposes. For more information, read our Privacy Policy.