Schrems II: Addressing Personal Data Transfer Concerns with Your Processors

Resource Data Transfers Third-Party Risk

In the Schrems II case, the Court of Justice of the European Union (CJEU) invalidated the EU-US Privacy Shield as a lawful mechanism to transfer personal data from the EU to the U.S. under the General Data Protection Regulation. Although the Privacy Shield is no longer a lawful transfer mechanism, the CJEU upheld the use of Standard Contractual Clauses (SCCs) as valid mechanisms. However, organizations relying, or intending to rely, on SCCs, as well as Binding Corporate Rules (BCRs), to transfer personal data from the EU to third countries face legal uncertainty, because they must assess the adequacy of data protection in those other countries.

So, what are organizations doing to address personal data transfer concerns when working with processors? In this webinar, you’ll learn how:


Leading organizations are navigating the CJEU’s invalidation of the EU-US Privacy Shield in Schrems II


Organizations should manage their personal data flows from the EU to third countries in the next 30, 60, and 90 days in light of Schrems II


Organizations can use Privacy Risk Exchanges to reduce personal data transfer risks

Watch Video

Note: All fields marked with * are required

I’d like email updates on local events, news, resources and products to stay connected with the OneTrust community. Unsubscribe at any time.

I’d like a solution expert to provide product information or show me a custom demo of the OneTrust platform

How would you like us to contact you?

Privacy Notice

You can learn more about how we handle your personal data and your rights by reviewing our privacy notice.

Onetrust All Rights Reserved