Personal data can be transferred outside of the EEA. According to the GDPR, which transfers outside the EEA are always lawful?
Personal data can be transferred outside of the EEA. According to the GDPR, which transfers outside the EEA are always lawful?
A. Transfers based on the laws of the non-EEA country concerns
B. Transfers falling under World Trade Organization rules
C. Transfers governed by approved binding corporate rules (BCR)
D. Transfers within a global corporation or organization
Answer: C
Explanation:
Transfers based on the laws of the non-EEA country concerned. Incorrect. This would also require an adequacy decision confirming that those laws are sufficient.
Transfers falling under World Trade Organization rules. Incorrect. WTO only covers free trade of goods and services.
Transfers governed by approved binding corporate rules (BCR). Correct. Binding corporate rules approved by a supervisory authority involved make the transfer lawful. (Literature: A, Chapter 7; GDPR Article 47)
Transfers within a global corporation or organization. Incorrect. This would also require that they adopt official binding corporate rules.
Reference: https://edps.europa.eu/data-protection/data-protection/reference-library/international-transfers_en
Latest PDPF Dumps Valid Version with 149 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund