Webinar: Schrems II judgement and its relevance to personal data transfers outside the European Economic Area

10 Aug 2020

During the webinar we will present in detail the legal issues related to personal data transfers, with particular focus on the guidelines provided by the Court of Justice of the European Union (CJEU) in its judgement in the Schrems II case. Those issues are grouped into four blocks.

  1. Meaning of CJEU judgement in the Schrems II case
  • Invalidity of Commission Implementing Decision (EU) 2016/1250 concerning the Privacy Shield – arguments presented by CJEU
  • Assessment of admissibility of personal data transfers on the basis of standard contractual clauses (Commission Decision 2010/87, amended by Commission Implementing Decision (EU) 2016/2297)
  1. How to use available transfers mechanisms after the Schrems II judgement
  • Recommended order of use of the transfer mechanisms specified in GDPR
  • European Commission decisions confirming adequacy of protection in a third country (whitelisting)
  • Transfer of data with reservation of appropriate safeguards (standard data protection clauses, binding corporate rules, other instruments contemplated in the GDPR)
  • Derogations set out in Article 49 GDPR
  1. Obligations of the controller and the processor if standard data protection clauses are used
  • Standard data protection clauses approved by the European Commission versus contractual clauses approved by the supervisory authority – legal meaning of the differentiation
  • Types of standard data protection clauses
  • Obligation to carry out prior assessment if a data importer is able to meet the protection requirements arising from standard data protection clauses approved by the European Commissions – assessment criteria and method
  • Data transfers under standard data protection clauses versus the accountability principle
  1. Personal data transfers under derogations (Article 49 GDPR)
  • Data transfers under standard data protection clauses versus the accountability principle
  • Transfers or sets of transfers of personal data to a third country – legal meaning of the differentiation
  • Conditions for admissible personal data transfers under derogations contemplated in Article 49 GDPR
  • Personal data transfers justified by compelling legitimate interests pursued by the controller

We invite you to participate in the event.

visit the site