Wim Nauwelaerts, Brussels partner and leader of the firm’s EU Privacy and Data Protection practice, has authored a summary of the European Data Protection Board’s (EDPB) guidelines on the territorial scope of the GDPR. On November 12, 2019, the EDPB adopted the final version of its guidelines – almost one year after they had been published in draft form.
In his summary of the guidelines, Nauwelaerts notes the key question of “…whether the GDPR applies to a specific data processing activity, particularly if the controller or processor involved in that processing is located outside of the EU.” The EDPB guidelines were published to provide guidance on this and other areas of concern for companies affected. Nauwelaerts also highlights areas where additional guidance and attention may be needed in the future.
To read the full summary click here.