497 views

The authorization pattern for the abroad transfer of personal data, based on binding corporate rules

In the Official Gazette of Romania, Part I, no. 218 of 27 March 2014 was published the decision no. 41/2014 belonging to the president of the National Supervisory Authority for Personal Data Processing, for establishing an authorization model for the abroad transfer of personal data based on binding corporate rules (Binding Corporate Rules – BCR).

According to Law no. 677/2001 on the individuals protection regarding the personal data processing and the free circulation of such data, the National Supervisory Authority for Personal Data Processing may authorize the personal data transfer to a state whose laws do not provide a level of protection at least equivalent to the one provided by the Romanian law, when the operator provides adequate safeguards with respect to the fundamental rights protection. These safeguards must be established through contracts between operators and individuals or legal persons from which the transfer is made.

:: The source: JURIDICE.ro

Adina Elena OPREA
Junior Lawyer D&B David şi Baias

Related posts