In July 2020, the Court of Justice of the European Union (CJEU) invalidated the US ‘Privacy Shield’ data transfer arrangements. In the same judgment the Court considered Standard Contractual Clauses (SCCs) are still valid for the transfer of personal data to processors established in third countries.

Shortly after, the European Data Protection Board (EDPB) published a series of answers to some frequently asked questions received by different European supervisory authorities

This FAQs note follows the early EFAMRO review of the immediate aftermath of the judgment available here. Whilst this document contains considerations of some of the actions recommended for adoption, it is not legal advice and should not be relied upon as such.