On July 08, 2021, the European Data Protection Board (‘EDPB’) adopted Guidelines on Codes of Conduct as a tool for transfers. The main purpose of the guidelines is to clarify the application of articles 40 (3) and 46 (2) (e) of the GDPR. These provisions stipulate that once approved by a competent Supervisory Authority and after having been granted general validity within the EEA by the Commission, a Code of Conduct may also be adhered to and used by controllers and processors not subject to the GDPR to provide appropriate safeguards to transfers of data outside of the EU. The guidelines complement the EDPB Guidelines 1/2019 on codes of conduct which establish the general framework for the adoption of codes of conduct.
The EDPB adopted a final version of the Guidelines on Virtual Voice Assistants. The Guidelines aim to provide recommendations to relevant stakeholders on how to address some of the most relevant compliance challenges for Virtual Voice Assistants.
The EDPB also adopted a final version of the Guidelines on the concepts of Controller and Processor. These Guidelines aim to provide clarifications concerning fundamental concepts such as (joint) controller and processor.
Read the Press Release HERE