International Data Protection

Data transfers which are compliant with the law

Transferring Data Abroad

Many of our clients are global players and, as such, depend on their ability to send data on their employees or customers to bodies in other European, American or Asian countries, or to have such data processed in those countries. Data may be transferred within a corporate group or when use is made of external service providers in other countries.

Based on our experience in advising globally operating corporate groups with complex structures, we not only know which data protection compliance solutions are appropriate when transferring data to various countries abroad, we are also familiar with the national idiosyncrasies which affect the communication of these measures with data recipients. Make sure your projects benefit from our special knowledge.

The following PDF offers a summary of our “International Data Protection” services:

International data protection (PDF)

Tailored Solutions for International Data Transfers

The law requires additional protective measures to be taken as soon as personal data is sent outside the European Economic Area to a country or territory which does not ensure an “adequate level of protection”. This includes countries such as Japan and other Asian countries, as well as the USA. We offer solutions that are right for you:

  • Analyses of who holds data protection responsibility for various processes
  • Data transfer or commissioned data processing? Different situations call for different measures
  • Advice on which contractual solutions will best enable you to achieve your objective (e.g. standard contractual clauses or individual contracts)
  • Preparation of the required documents

Data Transfers between the EU and the US

The Safe Harbor framework provided additional mechanisms for ensuring an adequate level of data protection when personal data is transferred to the US. On October 6th 2015 the European Court of Justice declared these agreements invalid. The impact of this decision is substantial. To ensure that your data transfers to the US are compatible with the regulations, we provide alternatives to the Safe Harbor self-certification.

AEO Procedure for “Authorised Economic Operators”

Authorised Economic Operators (AEOs) enjoy a number of privileges under the customs law of the European Union. One of the requirements for AEO certification is that the operator meets certain security standards, including the screening of employees.

  • Our experienced consultants support you in implementing the measures stipulated by national customs administrations while ensuring that you continue to comply with data protection prohibitions and provisions.
  • Implementation of screening actions to reconcile master data with sanction lists in compliance with data protection regulations.
  • Advice on how to minimise impairments of employees’ rights to privacy.