EEA data

Transfers from a European Data Subject: Data Subject→Controller (US)→Processor (US)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on March 24, 2022

Posted in Data collection, EEA, European Data Protection Board, European Union, GDPR, Online tracking, SCC

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual	Description and Implications
	The EDPB has taken the position that a data subject “cannot be considered a controller or processor,”1 and, as a result,

…

Transfers from a European Data Subject: Data Subject→Controller (US)→Controller (US)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on March 22, 2022

Posted in Data collection, EEA, European Data Protection Board, European Union, GDPR, Online tracking, SCC

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual	Description and Implications
	The EDPB has taken the position that a data subject “cannot be considered a controller or processor,”[1] and, as a result,

…

Transfers from a European Data Subject – Data Subject→Controller (US)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on March 17, 2022

Posted in Data collection, EEA, European Data Protection Board, European Union, GDPR, Online tracking, SCC

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual	Description and Implications
	The EDPB has taken the position that a data subject “cannot be considered a controller or processor.”1 As a result, the

…

Other Transfers from EEA Controller Controller A (EEA)→Employee of Controller A (non-EEA)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on March 16, 2022

Posted in Data collection, EEA, GDPR, Online tracking

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual	Description and Implications
	Background. Company A is a European legal entity that does not have a legal presence in Country Q. Company A has

…

Transfers from a US Controller to EEA processors (Renvois) Controller (US)→Processor (EEA) (on deck) (Basic Renvoi)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on March 15, 2022

Posted in Data collection, EEA, European Union, GDPR, SCC

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual	Description and Implications
	Cross border transfers in the United States don’t need a SCC. Company A is not required under U.S. law or the GDPR

…

Transfers from a US Controller to EEA processors (Renvois): Controller (US) → Processor (US) → Sub-processor (EEA) → Processor (US)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on March 4, 2022

Posted in Data, Data collection, Data Privacy & Cybersecurity, EEA, European Union, SCC

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June of 2021.

Visual	Summary
	Cross border transfers in the United States don’t need a SCC. Company A is not required under U.S. law or the GDPR to

…

Transfers from EEA Controller to non-EEA Processor: Controller A (EEA) → Processor Z-1 (US), Processor Z-2 (Non-EEA), Processor Z-3 (Non-EEA), etc.

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on March 2, 2022

Posted in Data, Data collection, Data Privacy & Cybersecurity, EEA, European Union, SCC

Visual	Summary
Overview of situation. Company A in the EEA retains Company Z-1 in the US to process personal data. Company Z-1 intends to

…

Transfers from EEA Controller to non-EEA Processor: Controller A (EEA) → Processor Z (non-EEA) → Processor X (Non-EEA) → Controller A (EEA)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on February 28, 2022

Posted in Data, Data collection, Data Privacy & Cybersecurity, EEA, European Union, Online tracking, SCC

Visual	Summary
	1st Transfer: SCC Module 2. Initial cross-border transfer from EEA to Country Q utilizes the SCC Module 2 designed for transfers from

…

Transfers from EEA Controller to EEA Processor: Controller (EEA)→ Processor (EEA) → Affiliated Processor (US) (data directly sent from controller to processor in the US)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on February 18, 2022

Posted in Data, Data collection, EEA, European Union, Online tracking, SCC

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual	Implications
	Background. Company Z-1 and Company Z-2 are corporate affiliates who are under common ownership or control, but are separate legal entities. Data is

…

Transfers from EEA Controller to EEA Processor: Controller (EEA)→ Processor (EEA) → Affiliated Processor (US)

By David A. Zetoony, Carsten A. Kociok & Andrea C. Maciejewski on February 16, 2022

Posted in Data collection, EEA, European Union, GDPR, Online tracking, SCC

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual	Implications
	Background. Company Z-1 and Company Z-2 are corporate affiliates under common ownership or control, but are separate legal entities. Data is being directly

…

Data Privacy Dish

EEA data

Transfers from a US Controller to EEA processors (Renvois): Controller (US) → Processor (US) → Sub-processor (EEA) → Processor (US)

Transfers from EEA Controller to non-EEA Processor: Controller A (EEA) → Processor Z-1 (US), Processor Z-2 (Non-EEA), Processor Z-3 (Non-EEA), etc.

Transfers from EEA Controller to non-EEA Processor: Controller A (EEA) → Processor Z (non-EEA) → Processor X (Non-EEA) → Controller A (EEA)

Transfers from EEA Controller to EEA Processor: Controller (EEA)→ Processor (EEA) → Affiliated Processor (US) (data directly sent from controller to processor in the US)

About Greenberg Traurig