Global data transfers are a daily occurrence for many businesses.
Following the Schrems II judgement of Europe’s highest court, businesses transferring personal data from Europe or the UK to a third country must first carry out a transfer impact assessment (TIA), on a case-by-case basis, of the level of protection provided in that third country. Meeting the requirements of Schrems II is a challenge even for the most sophisticated and well-resourced organisations.
Transfer has been developed to streamline the process of carrying out TIAs, providing a clear step-by-step methodology by which data exporters and importers may logically and consistently assess problematic laws and practices in “third countries”, the level of safeguards in place and the severity and likelihood of harm as a result of public authority access when transferring personal data.
- Comparative assessments: Transfer offers a library of country-specific comparative assessments, developed with the assistance of local counsel. These assessments provide an "essential equivalence" evaluation of the privacy and surveillance laws in over 70 countries, simplifying vendor onboarding questionnaires and reducing procurement complexity.
- User-friendly interface: Transfer's user-friendly interface is consistent with the principles of accountability in GDPR, allowing assessments to be completed quickly and recorded easily.
- Modular approach: Transfer allows organizations to purchase the tool according to their specific needs, from the basic tool to multiple country assessments supported by our maintenance service to ensure assessments keep up to date with evolving laws and practices.
- Global coverage and local experience: Transfer provides global coverage and local experience provided by DLA Piper's Data Privacy team, which comprises more than 180 specialist lawyers worldwide, including several lawyers who were closely involved in the Schrems II litigation.
- Security: Transfer is secure, using only Microsoft® Word and Excel in its development, without any third-party software.
Measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data.