The new UK International Data Transfer Agreement (“IDTA”) and Addendum to the new 2021 EU Standard Contract Clauses (“New EU SCCs”) are now in force (as of the 21 March 2022), providing much needed certainty for UK organisations transferring personal data to service providers and group companies based outside of the UK/EEA.
The IDTA and Addendum replace the old EU Standard Contractual Clauses (“Old EU SCCs”) for use as a UK GDPR-compliant transfer tool for restricted transfers from the UK, which also enables UK data exporters to comply with the European Court of Justice’s ‘Schrems II’ judgement.
For new UK data transfer arrangements or where UK organisations are in the process of reviewing their existing arrangements, use of the new ITDA or Addendum would be the best option to seek to future proof against the need to replace them in 2 years’ time.
Where the data flows involve transfers of personal data from both the UK and the EU, the use of the Addendum alongside the New EU SCCs, will enable organisations to implement a more harmonised solution. This will be discussed in an upcoming blog post on Consumer Privacy World, subscribe here for further updates.
To view copies of the documents please follow the links below:
- International data transfer agreement (PDF)
- International data transfer agreement (Word document)
- International data transfer addendum to the European Commission’s standard contractual clauses for international data transfers (PDF)
- International data transfer addendum to the European Commission’s standard contractual clauses for international data transfers (Word document)
- Transitional provisions
To read our previous blog post on this topic, click here.
Our global Data Privacy, Cybersecurity and Digital Assets team is perfectly placed to assist organisations in navigating through this area. For assistance, please reach out to the authors.