Abstract

The issue of localization of personal data processed in cloud services remains one of the key regulatory challenges with respect to the implemention of cloud solutions in the financial sector. Both regulations of the strictly financial area and data protection regulations relating to the transfer of personal data outside the EEA apply here. The current post-Schrems II regulatory landscape seems to be dominated by the challenges relating to compliance with RODO. A particularly important practical issue of RODO compliance is permissibility for exporters to conduct a comprehensive risk assessment, taking broadly into account the context and circumstances of the transfer.