• Nikolay Zisov
    +359 2 8 055 055
  • Deyan Terziev
    Senior Associate
    +359 2 8 055 055

The European Commission Issues Modernised Standard Contractual Clauses Under the GDPR

On 4 June 2021, the European Commission issued standard contractual clauses for use between controllers and processors, and modernised standard contractual clauses for international transfers under the General Data Protection Regulation (the GDPR). The modernised standard contractual clauses will replace the three sets of standard contractual clauses for data transfers to third countries that were adopted under the previous Data Protection Directive 95/46.

The modernised clauses cover data transfers from controllers or processors in the EU/EEA (or otherwise subject to the GDPR) and data transfers to controllers or processors established outside the EU/EEA (and not subject to the GDPR).

1. Standard contractual clauses for use between controllers and processors

The GDPR has specific requirements with respect to the contracts that must be concluded between personal data controllers and processors. The new standard contractual clauses clarify the respective legal provisions and provide an easy to implement template that is expected to contribute to smoother contractual negotiations in the future.

2. Standard contractual clausesfor transfers of personal data from the EU/EEA to third countries

Standard contractual clauses are the most popular legal tool for enabling transfers of personal data to third countries. The modernized clauses substituting the previous templates take into account the requirements of the GDPR and the Schrems II judgement of the European Court of Justice. There is an 18-month transitional period to implement the new template for controllers and processors that are currently using previous sets of standard contractual clauses.

In case you have questions, our team will be happy to assist you.


Copyright picture: