We acknowledge the great value of the updated framework of standard data protection clauses, which will help companies when relying on third country transfers.
- We appreciate the efforts undertaken by the European Commission in modernizing the SDPC framework, also to reflect the Schrems II judgment. In particular, we welcome the introduction of the new Clauses also for the processor-to-processor environment.
- From our perspective, there are several areas where the updated clauses can be further improved, such as the terminology used, questions of enforceability and some provisions that seem to be phrased ambiguously. We also noted that some concepts may be subject to different interpretations or even misunderstanding by the parties actually implementing the Clauses, e.g. in relation to the so-called docking clause.
- However, it is also worth stressing that we welcome many provisions which can enable companies to implement a robust framework for third country data transfers, especially the mentioned sections which follow a similar approach to our SDPC draft.
We hope our detailed comments may contribute to the further enhancement of the SDPC and we look forward to further contributing to the related developments.