German Data Protection Authorities Want To Know What Companies Are Doing With Customer Data

Fox Rothschild LLP
Contact

Fox Rothschild LLP

Several German Data Protection Authorities commence independent investigation of cross border transfers of personal data in violation of Schrems II.

The investigation has commenced by sending companies questionnaire regarding among other things, the use of service providers for:

  • sending e-mails
  • hosting of websites
  • web tracking
  • the administration of applicant data
  • the internal exchange of customer data
  • the intercompany transfer of employee data.

The authorities are mindful of the Court of Justice of the European Union’s (CJEU) instruction that the supervisory authorities “suspend or forbid” transfers that do not meet with the Schrems II requirements for mode of transfer or supplemental measures. Suspending a transmission, says the Berlin DPA in a press release, is likely to succeed in starting a cooperative dialogue with the companies. Where this is not possible regulatory action will follow.

Per Christopher Schmidt, FIP CIPP⁄E CIPM CIPT CDPO’s unofficial translation, questions include:

  • Does your company transfer personal data to other companies of the group located outside the EEA (this includes accessing data stored in Germany from other locations)?
  • Which data is transferred, to which companies and at what intervals?
  • What is the purpose and legal basis of the transfer?
  • Have you checked whether there are no provisions in the third country’s legislation that make it impossible for data importers to comply with their contractual obligations under the SCC?
  • Are any of the other companies subject to FISA 702?
  • Do you use encryption? What kind?
  • What are preparatory steps for alternatives to this transfer/mode of transfer?

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Fox Rothschild LLP | Attorney Advertising

Written by:

Fox Rothschild LLP
Contact
more
less

Fox Rothschild LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.