EU GDPR鈥攅xtra-territorial reach


Produced in partnership with Aaron Simpson of Hunton Andrews Kurth and Bridget Treacy of Hunton Andrews Kurth
Practice notes

EU GDPR鈥攅xtra-territorial reach


Produced in partnership with Aaron Simpson of Hunton Andrews Kurth and Bridget Treacy of Hunton Andrews Kurth

Practice notes
imgtext

In summary, organisations with an establishment in the EEA that process personal data and that cannot rely on an exception under the General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) will be within the scope of the EU GDPR. Those organisations without a physical presence in the EEA but that process personal data, whether regularly or sporadically, should consider whether they are likely to be caught by the EU GDPR and/or required to appoint a representative in the EEA.

This Practice Note covers:

  1. key guidance

  2. territorial scope of preceding EU data protection laws

  3. territorial scope of the EU GDPR

  4. extra-territorial enforceability of the EU GDPR

  5. consequences of being within the territorial scope of the EU GDPR

  6. appointing a representative in the EEA

  7. exceptions to the EU GDPR鈥檚 extra-territorial reach and obligations to appoint an EEA representative

Although the text of the EU GDPR refers throughout to the 鈥楿nion鈥, it is stated on page one of the

Aaron Simpson
Aaron Simpson

Hunton Andrews Kurth

Aaron Simpson is a partner at Hunton Andrews Kurth and leader on the firm鈥檚 Global Privacy and Cybersecurity team. He advises clients on a broad range of complex data protection, privacy and cybersecurity matters, including international and US federal and state privacy and data security requirements. His work ranges from advising clients on large-scale cybersecurity incidents to the development of cross-border data transfer solutions, compliance with existing and emerging data protection requirements in Europe, and negotiating data-driven commercial agreements. Aaron is well known as a top privacy professional and has been recognized by Chambers and Partners, Computerworld and The Legal 500 for his work on behalf of clients. Aaron is the only lawyer listed in both The Legal 500 United Kingdom and The Legal 500 United States guides, providing clients with a broad and unique transatlantic perspective on privacy, data protection and cybersecurity matters. He is a sought-after media resource on privacy issues and has been quoted in such publications as Bloomberg BNA, Businessweek Magazine, Computer Weekly, Corporate Secretary, DataGuidance, Law360, SC Magazine, The Times and TIME Magazine. Aaron is a frequent speaker and has written and co-written numerous articles, book chapters and handbooks on data protection, privacy and information security issues.

Read moreRead more
Bridget Treacy
Bridget Treacy

Partner, Hunton Andrews Kurth

Bridget Treacy is a partner at Hunton Andrews Kurth. Her practice focuses on all aspects of privacy, data protection, information governance and e-commerce issues for multinational companies across a broad range of industry sectors. She advises clients on the EU General Data Protection Regulation that is transforming Europe鈥檚 privacy landscape. Other key experience includes big data and analytics, cloud computing, cross-border data transfers and BCRs, behavioural targeting and data breach. She has structured and implemented global privacy and data management compliance programs. Bridget is one of the few UK lawyers with deep, practical experience of advising on EU data protection, cybersecurity and data breach issues. She also has wide-ranging experience advising on outsourcing agreements, strategic alliances, shared services arrangements and technology licensing. She is the editor of the specialist privacy journal 鈥淧rivacy and Data Protection鈥, and has contributed to a number of published texts.

Read moreRead more
Powered by Lexis+
Jurisdiction(s):
European Union

Popular documents

Priority between loss reliefs in loss making companies

Priority between loss reliefs in loss making companiesWhy does it matter?A company that is a member of a group and has incurred any of the types of losses available for surrender by way of group relief may, without any further rules, have more than one way in which to use the loss. There are a

If a rentcharge is shown as being informally exonerated on title information, does this apply to the

If a rentcharge is shown as being informally exonerated on title information, does this apply to the current registered owner? Or does the informal exoneration only apply to the parties to the document which informally exonerated the rentcharge?This Q&A considers the situation where, at some

Late payment penalties鈥攊nheritance tax

Late payment penalties鈥攊nheritance taxWhile interest often accrues on overdue tax, the late payment of certain taxes may also attract a penalty. For information on the interest accruing on overdue tax, see Practice Notes: IHT鈥攑ayment deadlines on death鈥擨nterest on IHT and Interest on late paid

Strike out鈥攎aking an application to strike out a statement of case

Strike out鈥攎aking an application to strike out a statement of caseA strike out order can be made either following an application by the parties or on the court's own initiative. This Practice Note deals with the scenario of the order being made following a party's application.Making an application