Abstract

The article discusses Recommendations 01/2020 of the European Data Protection Board on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data. Those recommendations clarify further the decisions of the Court of Justice of the European Union contained in its verdict of 16 July 2020 in Schrems II. That judgment as well as the EDPB recommendations significantly affect the rules for the application of Chapter V of the General Data Protection Regulation concerning transfer of personal data to third countries. In this context, of special significance is the requirement to analyse law and practice of the third country in the situation of using standard contractual clauses, as well as the need for the data transferring entity to employ additional safeguards, including technical and organisational ones.