• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • 020 3330 7010
  • marketing@allresponsemedia.com
  • E-mail
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
  • YouTube
ARM logo

All Response Media

  • Home
  • About ARM
    • About ARM
    • Meet the Team
  • Our Services
    • TV
    • Digital
      • PPC
      • SEO
      • CRO
      • Social Media
      • Programmatic
    • Offline Media
      • TV
      • TV Execution
      • Press
      • Radio
      • Inserts
      • Door to Door
      • Outdoor
      • DRTV
    • Analytics
    • ARMalytics®
  • Success Stories
    • Client Success Stories
    • TV Star Competition UK
    • TV Star Competition NL
    • Our Work With Startups
  • Content Hub
  • Careers
  • Contact Us
You are here: Home / GDPR / What is an international data transfer under the GDPR?

What is an international data transfer under the GDPR?

18th November 2022 by Nathan Onojeghuo

International Data Transfers (EU and Adequacy Decision’s) 

The GDPR was established to protect the rights and freedoms of all individuals whilst utilising their data. Although the GDPR is a European established regulation, the same rights can apply internationally to countries outside of the EU and EEA. The concept of globalisation has established growth in trade, investment, the economy, technology and more. However, as of recent, the utilisation of data has become a key contributor as a tool used to improve industries worldwide.  

Nathan Onojeghuo
Data Protection Executive

Although, the GDPR alongside the control from the EU commission has included regulations over countries who have the right to transfer and process data into EU countries and vice versa. All EU member states have the right to process data internationally amongst themselves.  

On the other hand, the EU commission has set out it’s power to grant non-EU members with this same right using the ‘Adequacy Decision’. The commission grants the decision to countries, sectors, and territories with an adequate level of national data protection compliance. In addition, a strict criterion is required which assesses: the respect for rule of law, accesses to justice, human rights standard, an effective judicial and democratic doctrine and a close view on any other international obligations or commitments. The commission also can repeal, amend or suspend processing if required. Once the criteria are matched to be deemed ‘adequate’, countries including the UK, Switzerland, Japan and Israel have the authority to freely transfer data within the EU.  

International Data Transfers (Safeguards) 

The question is then asked, how are countries who are not an EU member state or acknowledged under the adequacy decision able to transfer data? Under the GDPR, safeguards have been established to aid countries and individual companies with international data transfers with member states. The adoption of safeguards also allows member states to transfer data to these non-adequate countries.  

  1. Standard Contractual Clauses  

The standard contractual clause (SCC) establishes the contractual basis for countries within the EU/EEA to share data with a third party. Although, to ensure the transferred data will be handled and protected by the third country, certain requirements can be placed. For example, in addition to a SCC, a data processing agreement (DPA) can be signed with the other party. this agreement will lay down processes and requirements that must be upheld to processes data. This may include components such: technical and organisational measures, the use of audits and internal compliance practices.  

  1. Approved Codes of Conduct and Certification Mechanisms  

Approved codes of conduct are created and revised by associations that represent the data compliance of processors and controllers. These codes of conduct display aid to companies through the application of the GDPR, helping to demonstrate compliance, creates market efficiencies and to facilitate international data transfers. Once this mechanism is applied, the codes are binding and enforceable. This therefore means that once granted, the monitorisation and requirement to remain compliant is mandatory under supervision of the accredited monitoring bodies.  

As for certifications, under article 42 and 43 of the GDPR, a seal or mark of approval is given to a company when they are able to demonstrate an adequate level of compliance. However, this safeguard is subject to renewal every 3 years.  

  1. Ad Hoc Contractual Cluses  

For companies who may possess an international chain of branches all around the world (Inside and out of the EEA) the Ad Hoc safeguard is a suitable option for intra data transfers. This applies to companies who engage in joint economic activity and corporate groups. This form of data transfer may be achieved through approval from supervisory bodies and application o Article 47 which addresses the detailed conditions at hand for international transfers.  

To see how All Response Media protects data, see our privacy policy to find out more.

FEATURED READS

Plans to reform post-brexit data rules

The EU & US announce new data-sharing agreement

Marketing effectiveness in the digital era

Contact us

Find out how our teams across London, Leeds and Amsterdam combine data science with digital and offline advertising to expand your business.

Contact Us Blog

ALL RESPONSE MEDIA SERVICES

Subscribe For More

Newsletter Signup

Footer

ARM logo

The Leading Performance Media Agency

Building businesses and brands by providing clients with an Unfair Competitive Advantage.
ARMalytics®

Get In Touch

London: Sutton Yard, 65 Goswell Road, EC1V 7EN
Phone: +44 (0) 20 3330 7000

Leeds: Marshalls Mill, Marshall Street, LS11 9YJ
Phone: +44 (0) 20 3330 8050

Amsterdam: Koivistokade 3, 1013 AC
Phone: +31 6 3761 9020

marketing@allresponsemedia.com

Privacy Policy | Cookie Policy | Modern Slavery Policy

  • E-mail
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
  • YouTube

Our Newsletter

Subscribe to receive exclusive media insights straight to your inbox. We respect your privacy.

Newsletter Signup

We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in settings.

ARM logo
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

These cookies are essential to provide you with services available through our website and to enable you to use certain features of our website.

If you disable this cookie, we cannot provide you certain services on our website and we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Analytical and Performance Cookies

These cookies are used to collect information to analyse the traffic to our website and how visitors are using our website.

For example, these cookies may track things such as how long you spend on the website or the pages you visit which helps us to understand how we can improve our website for you.

The information collected through these tracking and performance cookies do not identify any individual visitor.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Advertising and Targeting Cookies

These cookies are used to show advertising that is likely to be of interest to you based on your browsing habits.

These cookies, as served by our content and/or advertising providers, may combine information they collected from our website with other information they have independently collected relating to your web browser's activities across their network of websites.

If you choose to remove or disable these targeting or advertising cookies, you will still see adverts but they may not be relevant to you.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Cookie Policy

More information about our Privacy Policy and Cookie Policy