Please enable JavaScript.
Coggle requires JavaScript to display documents.
12-transfers outside EEA only if (TRANSFER= transit+processing) (PRIVACY…
12-
transfers outside EEA only if
(TRANSFER= transit+processing)
1-
ADEQUATE LEVEL OF PROTECTION
assessed by Commission based on
local laws, dp rules, protection of fundamental rights,
DSrights and redress mechanism
DPA presence
international commitments or conventions re dp
PRIVACY SHIELD
notice
choice
accountability for onward transfer
security
data integrity/purpose limitation
access
recourse/enforcement/liability
2-
ADEQUATE SAFEGUARDS
provided that enforceable
DS rights
and
legal remedies
are in place
legally binding instrument btw public bodies
BCRs
(transfers within corporate groups)
approved by DPA via
consistency
mechanism
contact details of group entities
data transfers
their legally binding nature
general dp principles
DS rights and how to exercise them
acceptance by EEA based entity of liability for breaches by extra EEA entities
complaint procedure
cooperation mechanism with DPA
standard clauses approved by Commission
approved code of conduct
approved certification mechanism
contractual clauses specifically approved for a purpose and approved by competent DPA
3-
DEROGATIONS
DS
consent
substantial public interest
performance of contract
btw exporter and DS,
or btw exporter and 3rd party if contract is in DS interest/request
legal claims
vital interest of DS/other person
public registers
non repetitive transfers
if limited DSs,
legitimate interest
, safeguards, notification to DPA and DS
NO transfer
:no_entry:
tech
routing of data packets
through servers located worldwide(e.g. email)
access to PD by
travelers
being for a short period in a non-adequate country