Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contrac... (32021D0914)
INHALT
Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (Text with EEA relevance)
- COMMISSION IMPLEMENTING DECISION (EU) 2021/914
- of 4 June 2021
- on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council
- (Text with EEA relevance)
- Article 1
- Article 2
- Article 3
- Article 4
- ANNEX
- STANDARD CONTRACTUAL CLAUSES
- SECTION I
- Clause 1
- Purpose and scope
- Clause 2
- Effect and invariability of the Clauses
- Clause 3
- Third-party beneficiaries
- Clause 4
- Interpretation
- Clause 5
- Hierarchy
- Clause 6
- Description of the transfer(s)
- Clause 7 – Optional
- Docking clause
- SECTION II – OBLIGATIONS OF THE PARTIES
- Clause 8
- Data protection safeguards
- MODULE ONE: Transfer controller to controller
- 8.1
- Purpose limitation
- 8.2
- Transparency
- 8.3
- Accuracy and data minimisation
- 8.4
- Storage limitation
- 8.5
- Security of processing
- 8.6
- Sensitive data
- 8.7
- Onward transfers
- 8.8
- Processing under the authority of the data importer
- 8.9
- Documentation and compliance
- MODULE TWO: Transfer controller to processor
- 8.1
- Instructions
- 8.2
- Purpose limitation
- 8.3
- Transparency
- 8.4
- Accuracy
- 8.5
- Duration of processing and erasure or return of data
- 8.6
- Security of processing
- 8.7
- Sensitive data
- 8.8
- Onward transfers
- 8.9
- Documentation and compliance
- MODULE THREE: Transfer processor to processor
- 8.1
- Instructions
- 8.2
- Purpose limitation
- 8.3
- Transparency
- 8.4
- Accuracy
- 8.5
- Duration of processing and erasure or return of data
- 8.6
- Security of processing
- 8.7
- Sensitive data
- 8.8
- Onward transfers
- 8.9
- Documentation and compliance
- MODULE FOUR: Transfer processor to controller
- 8.1
- Instructions
- 8.2
- Security of processing
- 8.3
- Documentation and compliance
- Clause 9
- Use of sub-processors
- MODULE TWO: Transfer controller to processor
- MODULE THREE: Transfer processor to processor
- Clause 10
- Data subject rights
- MODULE ONE: Transfer controller to controller
- MODULE TWO: Transfer controller to processor
- MODULE THREE: Transfer processor to processor
- MODULE FOUR: Transfer processor to controller
- Clause 11
- Redress
- Clause 12
- Liability
- Clause 13
- Supervision
- SECTION III – LOCAL LAWS AND OBLIGATIONS IN CASE OF ACCESS BY PUBLIC AUTHORITIES
- Clause 14
- Local laws and practices affecting compliance with the Clauses
- Clause 15
- Obligations of the data importer in case of access by public authorities
- 15.1
- Notification
- 15.2
- Review of legality and data minimisation
- SECTION IV – FINAL PROVISIONS
- Clause 16
- Non-compliance with the Clauses and termination
- Clause 17
- Governing law
- Clause 18
- Choice of forum and jurisdiction
- APPENDIX
- ANNEX I
- A.
- LIST OF PARTIES
- B.
- DESCRIPTION OF TRANSFER
- C.
- COMPETENT SUPERVISORY AUTHORITY
- ANNEX II
- TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA
- ANNEX III
- LIST OF SUB-PROCESSORS
Feedback