If an organization uses electronic services or other services provided to them by business partners based in the USA or another country outside of EU/EEA, it is likely that it also transfers some personal data to that country. In that case, the data needs to be protected by appropriate safeguards.
In this course, participants will learn which data protection measures are provided by the GDPR and in which situations to implement them. We will also take a look at the present events – status of the UK after Brexit, proposal of the new standard contractual clauses (SCC), and status of the USA after the invalidation of Privacy Shield.
- Overview of appropriate data protection measures – advantages and limitations
- Analysis of the standard contractual clauses (SCC)
- What should an organization pay attention to if it services of US-based companies (e.g. Mailchimp, Cloudflare, etc.)
- Exemptions to the application of protection measures
- Binding corporate rules (BCR)
- Status of the UK in relation to data transfers
- Transferring data to neighbouring countries (Bosnia and Herzegovina, Serbia, Macedonia, and others)