Search

2.1. The consequences for international data transfers in the event of a “no deal” Brexit In the event of a “no deal” Brexit, the United Kingdom will leave the European Union as of 1 February 2020 and will become

1.1. The consequences of the ratification of the Withdrawal Agreement, as amended, with regard to international data transfers If the Withdrawal Agreement, as amended, is ratified, the EU data protection rules will continue to apply in and to the

Note 1 → Will the transfers continue after the United Kingdom’s withdrawal ? If yes, is the transfer necessary? Bear in mind the principle of data minimization, which requires that you only process data that are necessary (and not only useful

I bought products online from a company based in Luxembourg. This company transmits my purchase history to one of its subsidiaries in the United Kingdom for the purpose of its stock management. Is the Luxembourg company authorised to transfer my

The so-called “EU-U.S. Privacy Shield Framework” (operational since 1 August 2016) protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States of America for commercial purposes. The framework also

Since the entry into force of the GDPR on 25 May 2018, new transfer mechanisms are available to controllers or processors, who intend to transfer personal data to a third country with no adequate level of protection. These are: approved

Data exporters can use a series of appropriate safeguards enabling transfers to countries not offering an adequate level of protection. One of these safeguards is the possibility for controllers to offer adequate protection through a contract, which is binding for

International data transfers Any transfer of personal data, which are undergoing processing or which will be processed after the transfer, to a

Derogations under Article 49 are exemptions from the general principle that personal data may only be transferred to third countries if an adequate level of protection is provided for in the third country or if appropriate safeguards have been adduced

Transfers from a Luxembourg public authority or body to another public authority or body in a third country (i.e. outside the European Economic Area) may take place: with a legally binding and enforceable instrument between public authorities or bodies

Binding Corporate Rules ("BCRs") help ensure an adequate level of protection for data exchanged within a group of companies located both inside and outside the European Economic Area, and are ideal for a multinational group of companies

EU data protection rules apply to the European Economic Area and personal data may therefore be transferred freely between these countries, provided that the processing complies with the general principles of the GDPR (e.g. lawfulness of processing,  compatibility

When a country outside the EEA is not recognised by the European Commission as offering an adequate level of protection, there are several options that can be used to transfer personal data to these countries. The CNPD recommends, as its

Transfers of personal data may take place between different countries in the context of international cooperation in the field of Police and Justice, in accordance with existing international agreements or treaties. Cross-national supervisory authorities (e.g. Europol, Eurojust) apply

Any controller wishing to transfer personal data outside the EEA must first ensure that the country of destination offers an adequate level of protection. If the level of protection of the destination country can be considered adequate, the personal data

Le nouveau règlement renforce les droits existants et octroie aux individus une maîtrise accrue de leurs données personnelles, grâce à : Un droit à l'effacement des données élargi et un « droit à l'oubli » Lorsqu'une personne ne souhaite plus que

La réforme de la protection des données est un ensemble de mesures législatives proposé par la Commission européenne en 2012 pour actualiser et moderniser les règles contenues dans la directive de 1995 sur la protection des données (Directive 95/46/CE) et dans

La réforme apporte clarté et cohérence en ce qui concerne les règles à appliquer, et rétablit la confiance du consommateur, ce qui permettra aux entreprises de tirer pleinement parti des possibilités offertes par le marché unique numérique. Pour les entreprises, la

Le nouveau règlement prévoit un rôle plus important pour les autorités de protection des données tel que la CNPD. Ds amendes administratives dissuasives pourront être infligées en cas de traitement illicite ou d'abus constatés dans le cadre de l'utilisation de données