The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.
1 See New SCC Module 1 at 8.7. The position that a transfer between companies in the same non-EEA country requires a safeguard also accords with Article 44 of the GDPR which requires that “any transfer of personal data . . . after transfer to a third country” must take place pursuant to the restrictions in Chapter V of the GDPR.