EU4.pdfDate de publication :Date of publication :Fecha de publicación :Tél/Tel :Type/Clase : Contrat-type et guide de rédaction/Model contract with users’s guide/Modelo de contrato con guías de redacción Source/Procedencia : Union européenne / European Union / Unión Europea Rue de la Loi, 200 Bruxelles, 1000 Belgique Date de publication : Date of publication : Fecha de publicación : 15/06/2001 Tél/Tel : (32) 02 299 11 11 Web : www.europa.eu.int Avertissement: Les contrats et guides de la présente collection ont été sélectionnés à seule fin d'illustration. Leur contenu et leur utilisation n'engagent pas la responsabilité de Juris International. Please note: The contracts and guides contained in the present collection have been selected for illustrative purposes only. Juris International shall not be liable for their contents or use. Advertencia: Los contratos y las guías de la presente colección han sido seleccionados únicamente a manera de ilustración. Su contenido y utilización no compromenten la responsabilidad de Juris internacional.EN Official Journal of the European Communities4.7.2001 L 181/19II(Acts whose publication is not obligatory)COMMISSIONCOMMISSION DECISIONof 15 June 2001on standard contractual clauses for the transfer of personal data to third countries, under Directive95/46/EC(notified under document number C(2001) 1539)(Text with EEA relevance)(2001/497/EC)THE COMMISSION OF THE EUROPEAN COMMUNITIES,Having regard to the Treaty establishing the European Community,Having regard to Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995on the protection of individuals with regard to the processing of personal data and on the free movementof such data (1), and in particular Article 26(4) thereof,Whereas:(1) Pursuant to Directive 95/46/EC, Member States are required to provide that a transfer of personaldata to a third country may only take place if the third country in question ensures an adequate levelof data protection and the Member States' laws, which comply with the other provisions of theDirective, are respected prior to the transfer.(2) However, Article 26(2) of Directive 95/46/EC provides that Member States may authorise, subject tocertain safeguards, a transfer or a set of transfers of personal data to third countries which do notensure an adequate level of protection. Such safeguards may in particular result from appropriatecontractual clauses.(3) Pursuant to Directive 95/46/EC, the level of data protection should be assessed in the light of all thecircumstances surrounding the data transfer operation or set of data transfer operations. TheWorking Party on Protection of Individuals with regard to the processing of personal data establishedunder that Directive (2) has issued guidelines to aid with the assessment (3).(1) OJ L 281, 23.11.1995, p. 31.(2) The Internet address of the Working Party is:http://www.europa.eu.intlcomm/internal_market/en/medial/dataprot/wpdocs/index.htm.(3) WP 4 (5020/97) ‘First orientations on transfers of personal data to third countries working document — possibleways forward in assessing adequacy’, a discussion document adopted by the Working Party on 26 June 1997.WP 7 (5057/97) ‘Judging industry self regulation: when does it make a meaningful contribution to the level of dataprotection in a third country?’, working document: adopted by the Working Party on 14 January 1998.WP 9 (3005/98) ‘Preliminary views on the use of contractual provisions in the context of transfers of personal datato third countries’, working document: adopted by the Working Party on 22 April 1998.WP 12: ‘Transfers of personal data to third countries: applying Articles 25 and 26 of the EU data protectiondirective’, working document adopted by the Working Party on 24 July 1998, available, in the web-working docu-ment site ‘europa.eu.int/comm/internal_markt/en/media.dataprot/wpdocs/wp12/en’ hosted by the European Commis-sion.EN Official Journal of the European Communities 4.7.2001L 181/20(4) Article 26(2) of Directive 95/46/EC, which provides flexibility for an organisation wishing to transferdata to third countries, and Article 26(4), which provides for standard contractual clauses, areessential for maintaining the necessary flow of personal data between the Community and thirdcountries without unnecessary burdens for economic operators. Those Articles are particularlyimportant in view of the fact that the Commission is unlikely to adopt adequacy findings underArticle 25(6) for more than a limited number of countries in the short or even medium term.(5) The standard contractual clauses are only one of several possibilities under Directive 95/46/EC,together with Article 25 and Article 26(1) and (2), for lawfully transferring personal data to a thirdcountry. It will be easier for organisations to transfer personal data to third countries by incorpor-ating the standard contractual clauses in a contract. The standard contractual clauses relate only todata protection. The data exporter and the data importer are free to include any other clauses onbusiness related issues, such as clauses on mutual assistance in cases of disputes with a data subjector a supervisory authority, which they consider as being pertinent for the contract as long as they donot contradict the standard contractual clauses.(6) This Decision should be without prejudice to national authorisations Member States may grant inaccordance with national provisions implementing Article 26(2) of Directive 95/46/EC. The circum-stances of specific transfers may require that data controllers provide different safeguards within themeaning of Article 26(2). In any case, this Decision only has the effect of requiring the MemberStates not to refuse to recognise as providing adequate safeguards the contractual clauses describedin it and does not therefore have any effect on other contractual clauses.(7) The scope of this Decision is limited to establishing that the clauses in the Annex may be used by acontroller established in the Community in order to adduce sufficient safeguards within the meaningof Article 26(2) of Directive 95/46/EC. The transfer of personal data to third countries is aprocessing operation in a Member State, the lawfulness of which is subject to national law. The dataprotection supervisory authorities of the Member States, in the exercise of their functions andpowers under Article 28 of Directive
View Full Document