Transfers under both UK and EU GDPR have become the number 1 challenge in Privacy since the Schrems II decision in July 2020 took down Privacy Shield, the adequacy decision that allowed for transfer of personal data to the USA. Since then, the whole area of transfers has been in flux – and fair to say a degree of panic.
Privacy Kitchen has great videos on transfers, including [YouTube cookies and privacy policy apply]:
While the EU and USA are closing in on a successor to Privacy Shield, it’s not in place yet, so those in the EEA need to look at the EDPB Recommendations on transfers and carry out a TIA when necessary. And those in the UK need to look at the UK ICO’s guidance and the upcoming TRA once it’s out of draft.
The first thing is to identify your transfers – which is where the quality of your Data Map and Processor Management comes in. We can help here and while we can work with any solution you have, we recommend Keepabl’s Privacy Management Software here as it easily highlights the information you need.
You then need to run through your TIA / TRA as appropriate and make your decision. We can help you with this whole process so you have clarity to make the best decision for your organisation.
SeeĀ all our Services