EEA data

Subscribe to EEA data

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual Implications
  • Background. Company Z-1 and Company Z-2 are corporate affiliates who are under common ownership or control, but are separate legal entities. Data is

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual Implications
Transfers from EEA Controller to EEA Processor: Controller (EEA)→ Processor (EEA) → Affiliated Processor (US)
  • Background. Company Z-1 and Company Z-2 are corporate affiliates under common ownership or control, but are separate legal entities. Data is being directly

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Visual Implications
Controller (EEA) Processor (EEA) → Employee of Processor (non-EEA)
  • Background. Company Z is a European legal entity that does not have a legal presence in Country Q. Company Z has an employee

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June of 2021.

Visual Implications
  • 1st SCC Module 1. Initial cross-border transfer from Company A to Company B utilizes the SCC Module 1 designed for transfers from

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June of 2021.

Visual

Implications
  • Initial cross-border transfer from the EEA to the US utilizes the SCC Module 1 designed for transfers from a controller to another non-EEA

  • Background. Company B-1 and Company B-2 are corporate affiliates who are under common ownership or control but are separate legal entities. Company B-2 is the processor of Company B-1. While data is being directly sent from Company A in Europe to Company B-2, Company B-2 is not acting as the processor of Company A;

  • Background. Company B-1 and Company B-2 are corporate affiliates who are under common ownership or control but are separate legal entities. While data is being directly sent from Controller A in Europe to Controller B-2 in the United States, Controller A has contracted only with Controller B-1 in Europe. Solid line indicates the data

Visual Implications
  • 1st SCC Module 1. Initial cross-border transfer from Company A to Company B utilizes the SCC Module 1 designed for transfers from a controller to a non-EEA Controller.
  • 2nd SCC Module 2. Pursuant to Section 8.7 of the 1st SCC, all subsequent onward transfers to non-adequate jurisdictions must also utilize the

Visual Implications
  • 1st SCC Module 1. Initial cross-border transfer from Company A to Company B utilizes the SCC Module 1 designed for transfers from a controller to a non-EEA Controller (1st SCC).
  • 2nd SCC Module 2. Pursuant to Section 8.7 of the 1st SCC, all subsequent onward transfers to non-adequate jurisdictions must also

Companies are allowed to transfer personal data outside the European Economic Area (EEA) if they are (1) transferring data to an entity that is within a country that has been recognized by the European Commission as ensuring an adequate level of protection or (2) they have put in place a European Commission-approved mechanism (a “safeguard”)