In a global economy, many organisations will regularly transfer personal data outside of the EU, sometimes unwittingly where for example suppliers for example IT providers such as cloud computing services.
Data protection laws prohibit the transfer of personal data outside of the EU unless appropriate safeguards are put in place in order to ensure that the personal data is processed in a lawful and secure environment. This issue can be particularly relevant to organisations which are members of a multi-national group or where its business partners or suppliers are based outside of the EU.
Relevant safeguards can include adequacy arrangements approved by the EU such as the US-EU Privacy Shield, Binding Corporate Rules approved by relevant supervisory authorities and the inclusion of Model Clause in binding agreements between the relevant parties. Myerson can advise your organisation on the requirements for safeguards and provide you with appropriate documentation to ensure compliance.