To deliver services to our clients and conduct our business, we sometimes need to transfer personal information outside the European Economic Area (EEA). The main situations in which we will need to do so are:
- if you are located outside the EEA;
- if any third parties we are using to provide legal services to you are located outside the EEA (for example, experts or other professional advisers);
- where there is an international dimension to the matter on which we are advising you.
As non-EEA countries may not offer the same protection to personal information as the United Kingdom and EEA law, transfers of personal information outside the EEA are subject to special rules. Generally speaking, we must only transfer your personal information outside the EEA if:
- the country in question is included on a list of countries published by the European Commission as having adequate data protection laws. You can view a list of those countries here; or
- an appropriate safeguard is put in place (there are various options under data protection law). Our usual practice is to use standard data protection contract clauses which have been approved by the European Commission. You can obtain a copy of those clauses and find out more about them here.
If you would like more information about situations in which your personal information may be transferred outside the EEA and/or how we will seek to ensure that your personal data remains secure, please contact us.