INTERNATIONAL DATA TRANSFER SUPPORT SERVICE
As a UK based data protection consultancy, DPAS are pleased to offer our International Data Transfers support services.
At DPAS we recognise that the way we transfer personal data to Third Countries has changed. That is why we have established a new division that concentrates on delivering the new EU Standard Contractual Clauses, Transfer Impact Assessments and the new UK International Data Sharing Agreements.
Services we provide:
The provision, drafting and delivery of EU & UK Transfer Impact Assessments for Third Countries. This includes an assessment of the risks associated with the proposed transfer.
The provision, drafting and delivery of EU Standard Contractual Clauses (SCC) for Data Controller and Processors located in Third Countries.
The provision, drafting and delivery of UK ICO approved addendum to the EU Standard Contractual Clauses for Data Controller and Processors located in Third Countries.
The provision, drafting and delivery of UK ICO approved UK International Data Transfer Arrangement (IDTAs) contracts for Controller and Processors located in Third Countries.
The development, delivery and monitoring of processor adherence to the information security standards laid out in the contract arrangements within the UK Data Impact Assessments and Standard Contractual Clauses.
We have undertaken many country assessments for UK/EU based Data exporters and produced a Transfer Risk Impact Assessment (TIA) which gives a risk-based analysis of these Countries.
The UK position:
- The new IDTAs take effect on 21 March 2022.
- The old SCCs can be used up to 21 March 2024 provided they are in place by 21 September 2022 but if processing has changed you will need a new set. After this date all contracts require an IDTA.
- Any remaining SCCs to IDTAs is 21 March 2024.
The EU position is:
All new contracts after 27th September 2021 have to include the new SCCs and a TIA. As for existing contracts; under the old SCCs controllers and processors can continue to rely on those earlier SCCs for contracts that were concluded before 27 September 2021, up until 27 December 2022, provided that the processing operations that are the subject matter of the contract remain unchanged.
Why DPAS:
We have experience in delivering both the new SCCs and developing bespoke TIAs for Global organisations and we would be delighted to assist you in delivering your compliance requirements.
Your work is handled by our experienced and legally qualified team of experts who with their data protection and information security knowledge are able to deliver all our products to an agreed timeline at a fraction of the cost of the traditional lawyer model.
If you’d like to have a quick chat about how DPAS can support your organisation, get in touch and we can provide you with further information.
why DPAS
INDUSTRY EXPERIENCE
We have experience in delivering both the new SCCs and developing bespoke TIAs for Global organisations and we would be delighted to assist you in delivering your compliance requirements.
EXPERT SUPPORT
Your work is handled by our experienced and legally qualified team of experts who with their Data Protection and Information Security knowledge are able to deliver all our products to an agreed timeline at a fraction of the cost of the traditional lawyer model.
PEACE OF MIND
Ensure that you are complying with the law, get ready for the upcoming changes.
We have been dealing in data protection for years, no problem is too big or too small.
HERE WHEN YOU NEED US
You can call on us at any time after the work has been completed to ask questions or for advice.
We will help you every step of the way.
Our UK representative service includes the following:
- A dedicated specialist to deal with your organisation.
- Initial kick-off meeting to understand your needs.
- A DPAS project manager to support you through the project.
- The provision, drafting and delivery of EU & UK Transfer Impact Assessments for Third Countries. This includes an assessment of the risks associated of the proposed transfer.
- The provision, drafting and delivery of EU Standard Contractual Clauses (SCC) for Data Controller and Processors located in Third Countries.
- The provision, drafting and delivery of UK ICO approved addendum to the EU Standard Contractual Clauses for Data Controller and Processors located in Third Countries.
- The provision, drafting and delivery of UK ICO approved UK International Data Transfer Arrangement (IDTAs) contracts for Controller and Processors located in Third Countries.
- The development, delivery and monitoring of processor adherence to the information security standards laid out in the contract arrangements within the UK Data Impact Assessments and Standard Contractual Clauses.
- Data protection support ticketing system for general advice and support.
- Support of DPO office.
- Client portal where you can access our free tools, templates and materials.
- Ensure you are complying with the law.
- No conflict of interest and fully independent.
- Experienced team with years of experience in Public, Private and Third Sectors.
- Competitively priced solutions.
1. How much does it cost?
Prices start from £1,000 + vat.
2. How quickly can you begin?
We can begin the service once the contract has been signed. We will set up initial meetings with your team to ensure that our experts understand your business.
3. Are your team qualified?
They are qualified Data Protection Officers and Data Protection Practitioners and have years of experience working in the industry.
4. What is the current EU position?
All new contracts after 27th September 2021 have to include the new SCCs and a TIA. As for existing contracts; under the old SCCs controllers and processors can continue to rely on those earlier SCCs for contracts that were concluded before 27 September 2021, up until 27 December 2022, provided that the processing operations that are the subject matter of the contract remain unchanged.
5. What is the UK position?
- The new IDTAs take effect on 21 March 2022.
- The old SCCs can be used up to 21 March 2024 provided they are in place by 21 September 2022 but if processing has changed you will need a new set. After this date all contracts require an IDTA.
- Any remaining SCCs to IDTAs is 21 March 2024.
6. Where can I find out more?
The ICO has some very good information on their website, alternatively, give us a quick call and we can help. https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-transfers-after-uk-exit/
