International data transfer: Cross-border monitoring by data protection supervisory authorities in Germany

Jun 2, 2021

The data protection supervisory authorities of several German states are conducting jointly coordinated checks to ensure compliance with data protection law requirements on international data transfers by companies to countries outside the European Union or the European Economic Area (third countries). The background to this is the enforcement around the requirements of the European Court of Justice from the Schrems II ruling of July 16, 2020.

For this purpose, the supervisory authorities are questioning selected companies on the basis of common questionnaires. These deal, among other things, with applicant portals, intra-group data traffic, mail hosting, web hosting and tracking. Each authority decides individually in which of these areas it will take action by sending out the questionnaires, which companies it will approach, or whether the questionnaires will be adapted regionally if necessary.

The announcements for the coordinated audit were published on June 1, 2021 by the supervisory authorities of the following federal states: Bavaria, Berlin, Brandenburg, Hamburg, Lower Saxony, Rhineland-Palatinate and Saarland.

Find here the current questionnaires for the cross-state reviews of the supervisory authorities.

Recent news

EFDPO Conference. 28 & 29 May 2024, Berlin

EFDPO Conference. 28 & 29 May 2024, Berlin

One of EFDPO’s goals is to create a European network of national associations for the exchange of information, experience and methods, and to improve the quality of training and professional practice.

read more
Position paper on GDPR Evaluation 2024

Position paper on GDPR Evaluation 2024

This paper highlights how, from the perspective of data protection practitioners, the business sector –
particularly small and medium-sized enterprises (SMEs) – can be better supported in meeting data
protection requirements within the context of increasing digitization.

read more