GDPR : Data transfers outside the EU

The Data Protection Directive applies to countries of the European Economic Area (EEA), which includes all EU countries and in addition, non-EU countries Iceland, Liechtenstein and Norway.

Special precautions need to be taken when personal data is transferred to countries outside the EEA that do not provide EU-standard data protection.

Without such precautions, the high standards of data protection established by the Data Protection Directive would quickly be undermined, given the ease with which data can be moved around in international networks.

The Directive states that personal data can only be transferred to countries outside the EU and the EEA when an adequate level of protection is guaranteed.

The Data Protection Directive requires that data transfers should not be made to non-EU /non-EEA countries that do not ensure adequate levels of protection. However, several exceptions (or “derogations”) to this rule could be applicable.

Read more on international transfers of personal data:

Be the first to comment

Leave a Reply

Your email address will not be published.