International data transfer: Cross-border monitoring by data protection supervisory authorities in Germany

Jun 2, 2021

The data protection supervisory authorities of several German states are conducting jointly coordinated checks to ensure compliance with data protection law requirements on international data transfers by companies to countries outside the European Union or the European Economic Area (third countries). The background to this is the enforcement around the requirements of the European Court of Justice from the Schrems II ruling of July 16, 2020.

For this purpose, the supervisory authorities are questioning selected companies on the basis of common questionnaires. These deal, among other things, with applicant portals, intra-group data traffic, mail hosting, web hosting and tracking. Each authority decides individually in which of these areas it will take action by sending out the questionnaires, which companies it will approach, or whether the questionnaires will be adapted regionally if necessary.

The announcements for the coordinated audit were published on June 1, 2021 by the supervisory authorities of the following federal states: Bavaria, Berlin, Brandenburg, Hamburg, Lower Saxony, Rhineland-Palatinate and Saarland.

Find here the current questionnaires for the cross-state reviews of the supervisory authorities.

Recent news

FAQ: Data Protection Officers

FAQ: Data Protection Officers

Data Protection Officers Do you process large amounts of personal data? Are you scared of terms like GDPR, ePrivacy, cookies, data breach, but you work with the data of a large number of people? Consider engaging a data protection officer (DPO). The responsible...

read more