The European Data Protection Board (“EDPB”) released draft guidelines on the interplay between Article 3 GDPR – which sets out the GDPR’s territorial scope – and the provisions in Chapter V of the GDPR, which impose restrictions on international data transfers. In this draft guidance, the EDPB clarifies which (cumulative) criteria must be fulfilled in order to have a transfer of personal data to a third country or to an international organization, under the GDPR. The EDPB also discusses some of the consequences of international data transfers, in terms of making sure that appropriate safeguards are provided when transferring personal data outside of the EU.
TikTok Fined €530 Million for GDPR Violations Over Data Transfers to China
The Irish DPC fined TikTok €530 million for GDPR breaches related to inadequate protection of European user data transferred to […]