Author

Dr Michaela Nebel

Browsing

The European Commission (“EC”) recently issued its revised standard contractual clauses for data transfers to third countries (“Ex-EU SCCs”) and a companion set of standard clauses for controllers and processors in the EU/EEA (“Intra-EU SCCs”). Both are now published in the Official Journal. The following is an introduction to the core elements of the Ex-EU SCCs and a brief overview of the Intra-EU SCCs. Legal Context The Ex-EU SCCs are a mechanism that companies can…

The 25 May 2021 marks the third anniversary of the GDPR coming into force. As we have moved from preparation for the GDPR to business as usual compliance with the GDPR, regulators have focused on various issues in different jurisdictions. Although we are now three years into compliance with the GDPR being part of our day to day operations, it is clear that interpretation and expectations regarding compliance from the courts and regulators continue to…

Questions continue to arise over the interplay of the second Payment Services Directive (PSD2) with the General Data Protection Regulation (GDPR). Both PSD2 and the GDPR are complex legislation and the relationship between distinct provisions of each law and how they work together is not altogether clear, which has led to uncertainty for payment service providers, including banks. For example, when is “consent” required to access payment data and what does consent mean? To this…