Search

How can we help?

Privacy and Data Protection

International transfers

 

Political and legal developments mean the rules underpinning international data flows are constantly evolving. Our data protection team keep up-to-date on the changing guidance and advise on the most complex global transfers and data sharing arrangements.

“Very professional, knowledgeable and accessible lawyers.” 

Chambers and Partners

FAQs – International transfers

This refers to the act of sending or transmitting personal data from one country to another. It also covers when an organisation makes personal data available to another entity located in another country, i.e. such data being accessible from overseas.

The UK GDPR contains rules on the transfer of personal data to outside the UK, where these rules apply to all transfers, no matter the size of the transfer or how often you carry them out.

Yes, you can provided you have the correct arrangements in place. Transfers from the UK to the EEA do not require any new arrangements, however transfers (known as ‘restricted transfers’) to ‘third countries’, will require additional safeguards.

This will depend on a case-by-case basis, however before making a restricted transfer, you should consider if the personal data needs to be sent, and whether any personal data could be anonymised so that it is not possible to identify individuals.

Broadly, the following questions should be considered under the UK GDPR before a restricted transfer is made:

  • Is the restricted transfer covered by ‘adequacy regulations’?
  • Is the restricted transfer covered by appropriate safeguards?
  • Is the restricted transfer covered by an exception?

Key contacts

Read, listen and watch our latest insights

art
  • 18 March 2024
  • Privacy and Data Protection

Consent or pay: issues and considerations, Meta’s potential breach

The ICO has stated that any organisation considering using “consent or pay” must ensure that the consent to processing of personal data for personalised advertising is being given freely, and is fully informed.

art
  • 13 March 2024
  • Privacy and Data Protection

21 March 2024 Deadline: Are your international data transfer agreements compliant?

If your organisation transfers personal data from the UK to another country, it needs to comply with statutory requirements to ensure adequate levels of protection for that data are in place.

art
  • 06 March 2024
  • Privacy and Data Protection

Personal Data Breaches – How do I deal with them?

This article will provide an overview of the steps to take when experiencing a personal data breach.

Pub
  • 05 March 2024
  • Privacy and Data Protection

How do I protect my business in the event of a personal data breach?

Don’t let your business fall victim to personal data breaches. Join Louise Keenan and Rebecca Dowle, for a quick overview of how to protect your business.

Pub
  • 05 March 2024
  • Privacy and Data Protection

AI Podcast: AI and Intellectual Property

In the second of our three-part ‘AI Podcast’ series, Jacob Montague and Lucy Densham Brown, will be exploring how artificial intelligence (AI) interacts with intellectual property rights (IP rights).

art
  • 19 February 2024
  • Privacy and Data Protection

The role of Data Protection Officers in ensuring compliance

How many of us receive marketing calls for products and services we did not sign up for?