European Union: Adoption of final version of Recommendations 01/2020 on cross-border personal data transfers by EDPB

European Data Protection Board publishes the final version of its guidelines for data exporters on privacy protections for cross-border transfer of personal data to third countries after the ECJ Schrems II decision. The guidelines include a step-by-step instruction on how to proceed when transferring personal data to third countries. The individual steps are: (1) Know your transfers, (2) verify the transfer tool is permitted, (3) assess the situation on data handling in the third country, (4) identify and adopt supplementary measures to ensure the needed level of protection, (5) take any formal procedural steps the adoption of supplementary measure may require, (6) re-evaluate at appropirate intervals.