What Is the Difference Between SCCs Adopted by National Supervisory Authorities and SCCs Adopted by the European Commission?
ANSWER
Article 28(8) GDPR empowers national supervisory authorities to adopt standard contractual clauses (SCCs) for use in relationships between controllers and processors.
If a national supervisory authority adopts its own SCCs, those clauses apply only within the territorial jurisdiction of that authority. Whether other supervisory authorities will recognize or accept the use of such SCCs depends on their individual decisions.
By contrast, SCCs adopted by the European Commission pursuant to Article 28(7) GDPR may be used throughout the entire EEA and are binding on all supervisory authorities within the EEA.
The validity of SCCs adopted by the European Commission may only be challenged before the Court of Justice of the European Union (CJEU).
As a result, SCCs adopted by the European Commission provide a harmonized approach across the EEA and offer the legal certainty associated with an EU legal instrument.
The above answer is based on an official document of the European Commission.
You can review it at: https://ec.europa.eu/info/sites/default/files/questions_answers_on_sccs_en.pdf
A translated version of this document is also available on our blog under the title: "Standard Contractual Clauses (SCCs) – Questions and Answers".
