Last Friday, the European Commission released a draft set of new standard contractual clauses (SCCs) for cross-border transfers of personal data. But what happens next?

Under the GDPR, a common way of legally transferring personal data out of the EU/EEA is to sign SCCs between data exporters in the EU/EEA and data importers in so-called 'third countries' outside the EU/EEA. SCCs have existed for 20 years and have been very widely adopted.

The much-anticipated new SCCs published by the Commission in June 2021 take a different approach from the current clauses and include a range of new features that organisations must manage.

Please join us as we give a first overview of the changes in data transfers and discuss how the clauses work in practice, likely timelines for adoption in business relationships, how organisations can manage their introduction and build workable procedures to operationalise them.