Policy Briefing — EU Updates Standard Contractual Clauses
The European Commission adopted new modular Standard Contractual Clauses for GDPR-compliant international data transfers following Schrems II.
On 4 Jun 2021 the European Commission replaced its legacy Standard Contractual Clauses (SCCs) with modernised modules covering different controller and processor transfer scenarios, adding detailed Schrems II safeguards.
- 4 Jun 2021 — Implementing Decision published. The decision introduced modular SCCs for controller-to-controller, controller-to-processor, processor-to-processor, and processor-to-controller data flows.
- 4 Jun 2021 — Supplementary measures guidance. The Commission aligned the clauses with EDPB recommendations by requiring transfer impact assessments, government access challenges, and transparency commitments.
- 27 Sep 2021 — Migration timetable. Organisations received 18 months to repaper legacy SCCs, pushing global exporters to update contracts, supplier assessments, and documentation.
Zeph Tech supports cross-border data programmes with transfer impact assessments, SCC repapering kits, and regulator-ready documentation mapped to the new clauses.
Continue in the Policy pillar
Return to the hub for curated research and deep-dive guides.
Latest guides
-
Semiconductor Industrial Strategy Policy Guide — Zeph Tech
Coordinate CHIPS and Science Act, EU Chips Act, and Defense Production Act programmes with capital planning, compliance, and supplier readiness.
-
Digital Markets Compliance Guide — Zeph Tech
Implement EU Digital Markets Act, EU Digital Services Act, UK Digital Markets, Competition and Consumers Act, and U.S. Sherman Act requirements with cross-functional operating…
-
Export Controls and Sanctions Policy Guide — Zeph Tech
Integrate U.S. Export Control Reform Act, International Emergency Economic Powers Act, and EU Dual-Use Regulation requirements into trade compliance, engineering, and supplier…