– Important Change in International Data Transfers: GDPR Certification goes global with Europrivacy
/PRNewswire/ — The European Data Protection Board (EDPC) adopted two important decisions that will facilitate international data transfers while improving the protection of personal data: it approved the extension of Europrivacy, the European Data Protection Seal of the General Data Protection Regulation (GDPR), for use in non-European countries. Furthermore, it approved a specific version of the Europrivacy criteria for use as a mechanism for international data transfers under Art. 46 GDPR.
GDPR Certification Goes Global
The first decision of the EDPB authorizes the use of the Europrivacy certification outside Europe. Europrivacy was already approved as a European Data Protection Seal, in accordance with article 42 of the GDPR, for companies established in EU and EEA countries. This decision allows companies subject to the GDPR around the world to use this mechanism to demonstrate compliance with their data processing activities.
A new Mechanism for International Data Transfer
The EDPB also approved a specific version of the Europrivacy certification criteria that can be used in accordance with Article 46 of the GDPR, as part of appropriate safeguards for international data transfers. This represents an important step in the operationalization of certification mechanisms for cross-border data flows. In practice, it will help companies acting as recipients of data outside the EEA to demonstrate compliance with the requirements of the GDPR, provided that binding and enforceable commitments are in place. This advance reinforces legal certainty and fosters confidence in international data transfers.
Impact on Data Transfers
International data transfers face increasing data protection obligations. The GDPR refers to certification 73 times. Through independent assessments and audits, facilitate compliance and data transfers. The European companies that pioneered its adoption claim that it has allowed them to:
- Verify and demonstrate compliance;
- Reduce risks and increase trust;
- Simplify compliance and save associated costs;
- Value compliance and turn it into a source of competitive advantage and income;
- Facilitate data transfer.
Furthermore, Europrivacy allows companies to:
- Expand compliance assessment to jurisdictions outside the EU;
- Access online resources to support compliance and certification;
- Benefit from a global ecosystem of service providers.
Towards International Data Protection Certification
By making the GDPR mechanism accessible to other countries, the EDPB responds to the growing need for reliable methods to demonstrate cross-border data protection compliance. Interprivacy, the international data protection certification scheme, approved by the IAF for global use, is aligned with Europrivacy. Both complement each other to promote a digital economy that respects individual rights and freedoms.
Useful links
Europrivacy: europrivacy.org
ECCP: eccpcenter.org
CEPD: edpb.europa.eu
CEPD Opinion 1
CEDP Opinion 2
Webinars May 5: academy.europrivacy.com/events/gdpr-certification-goes-global