The transfer of data to Great Britain/EU Commission declares Great Britain a secure third country in accordance with Article 45 of the GDPR

After Brexit, the transfer of data to Great Britain required proof that the data was also secure in the recipient country.

The European Union and the British government temporarily reached a trade agreement. The so-called TCA provided transitional regulations until June 30, 2021.

The EU Commission issued a so-called adequacy decision on 28 June 2021, shortly before the end of the transitional regulation. This decision declares in accordance with Article 45 of the General Data Protection Regulation (GDPR) that the UK is a safe third country in terms of data protection after leaving the European Union.

Thus, the transfer of personal data to Great Britain is generally safe, and other bilateral agreements are generally not required to ensure the level of data protection.

The European Union Commission has established Standard Contractual Clauses (SCCs) for these bilateral contracts between the sender and receiver of personal data. With the conclusion of these EU standard contractual clauses, transfer between contracting parties is usually free of consent.

After the European Court of Justice repealed the EU’s Standard Contractual Clauses with its Schrems II decision, a new SCC has been available to the EU Commission since 4 June 2021. It takes into account both the provisions of the General Data Protection Regulation and the ECJ’s objections to the Schrems II decision.

If you conduct regular business operations with partners outside the European Union, you may need to take action under data protection law. Our law firm specializes in data protection law and supports you in structuring your business operations with partners outside the European Union in a legally secure manner.