Can SCCs Be Used Only for International Data Transfers Under the GDPR?
ANSWER
The EEA SCCs have been approved by several other jurisdictions as a data transfer mechanism (e.g., the United Kingdom and Switzerland). Such approval has been granted under national data protection laws, with only limited formal adaptations of the SCCs to fit the respective domestic legal frameworks. This can significantly facilitate compliance with applicable data protection requirements for companies operating in those jurisdictions as well.
Some countries have developed model contractual clauses that share many characteristics with the European SCCs. Such clauses have been adopted both at the national level (e.g., New Zealand and Argentina) and by regional organizations (e.g., the clauses adopted by the Ibero-American Data Protection Network and the Association of Southeast Asian Nations (ASEAN)).
Work on model contractual clauses for international data transfers is also being carried out within the framework of the Consultative Committee of Council of Europe Convention No. 108.
The above answer is based on an official document of the European Commission.
You can review it at: https://ec.europa.eu/info/sites/default/files/questions_answers_on_sccs_en.pdf
A translated version of this document is also available on our blog under the title: "Standard Contractual Clauses (SCCs) – Questions and Answers".
References
- https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/
- https://www.edoeb.admin.ch/edoeb/en/home/data-protection/handel-und-wirtschaft/transborder-data-flows.html
- https://privacy.org.nz/responsibilities/disclosing-personal-information-outside-new-zealand
- https://www.redipd.org/sites/default/files/2021-11/red-iberoamericana-clausulas-contractuales-2021.pdf
- https://asean.org/wp-content/uploads/3-ASEAN-Model-Contractual-Clauses-for-Cross-Border-Data-Flows_Final.pdf
