Connect to a new world of efficiency by utilising cleversoft’s business solutions.
On June 7th, new Standard Contractual Clauses (SCCs), for the transfer of personal data to third countries, were published in the Official Journal of the European Union. My team and I are constantly monitoring the evolution of the Regulation EU 2016/679 (General Data Protection Regulation “GDPR”), and here’s what we’ve learned so far about the latest changes.
As it is emphasized by the European Commission, the new SCCs are intended to align with the requirements under the GDPR and the judgement by the Court of Justice of the European Union on the Schrems II case.
The new SCCs come into force on 27 June, 2021, and companies shall adopt the new SCCs until 27 September, 2021. All existing contracts for third-country transfers must be converted to the new SCCs by 27 December,2022.
The new SCCs cover all requirements stated in Art.28 of the GDPR. Therefore, once parties have the new SCCs in place, there will be no need for signing a separate Data Processing Agreement.
Prior to signing the new SCCs, parties will be required to assess and document the level of data protection in the third country. In case of a risk, parties must ensure supplementary measures are in place to mitigate such risk, and that personal data is protected in accordance with the standards laid out in the GDPR.