All contracts that used the traditional Standard Contractual Clauses must be updated and repapered by 27 December 2022. To help companies comply with the deadline, Greenberg Traurig’s Data Privacy & Cybersecurity Group has compiled a 90-page guide explaining how to apply the new Standard Contractual Clauses in over 40 different transfer scenarios – ranging from

The Federal Rules of Civil Procedure, as well as state procedural rules, permit parties to a lawsuit to conduct discovery, in search of information and documents that may be relevant to the litigation. Parties can issue requests for documents, information (called interrogatories), and admissions of fact to other parties to the lawsuit; parties may use

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

  • Background. Company A is an EEA controller that utilizes Company Z, a processor based in Country Q. Company Z does not have a legal presence

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

  • Background. Company A is an EEA controller that utilizes Company Z, a processor based in Country Q. Company Z does not have a legal presence

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

  • Background. Company A is an EEA controller that utilizes Company Z, a processor based in Country Q. Company Z does not have a legal presence

The Federal Rules of Civil Procedure, as well as state procedural rules, permit parties to a lawsuit to conduct discovery, in search of information and documents that may be relevant to the litigation. Parties can issue requests for documents, information (called interrogatories), and admissions of fact to other parties to the lawsuit; parties may use

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual Description and Implications
Background. Company A retains Company Z in Country Q to process personal data (e.g., collect personal data from data subjects). Company

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual Description and Implications
  • Background. Company A transmits personal data to its processor Company Z, and then instructs its processor to onward transfer the personal

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Controller A-1 (EEA) → Controller A-2 (Non-EEA)

Visual Description and Implications
  • Background. Company A-1 and Company A-2 are corporate affiliates that are under common ownership

On April 29, 2022, China’s National Information Security Standardization Technical Committee (commonly referred to as “TC260”) released a draft Technical Guideline on Personal Information Cross-Border Transfer Certifications (Cert Guideline). While the Cert Guideline is still in draft form and thus subject to change, it provides some clarification regarding the certification process for cross-border transfers of