Many organisations have been struggling with a GDPR grey area since the Schrems II litigation. The CJEU invalidated Privacy Shield and added extra layers of risk assessment to the use of Standard Contractual Clauses (SCCs), making compliant personal data transfers to the US complicated to achieve.
Read More