ADGM Office of Data Protection adopts new Standard Contractual Clauses for Data Transfers
ADGM 11/08/2021
- ADGM Office of Data Protection publishes new Standard Contractual Clauses for data transfers
- The new Standard Contractual Clauses reflect the enhanced requirements outlined by the regulations
- ADGM repeals the 2015 transfer permits and will no longer issue new permits
The Office of Data Protection (ODP) of Abu Dhabi Global Market (ADGM), the international financial centre located in Abu Dhabi, has adopted and released Standard Contractual Clauses (SCCs) regarding the transfer of personal data outside of ADGM.
The SCCs adopted reflect the requirements outlined in the newly issued Data Protection Regulations 2021, which govern the transfer of data from ADGM to third-party jurisdictions, and serve as one of the mechanisms for transferring data between parties.
A key feature of the SCCs is that they cannot be amended by either party involved, with the intention of providing a high level of protection for personal data, irrespective of importer location.
The SCCs are closely aligned with the European Union’s recently published SCCs for data transfers. The ADGM SCCs include several new features and improvements, including, among others:
- Reflects the enhanced requirements of the Data Protection Regulations 2021;
- Promotes interoperability through consistency with international best practice;
- A more flexible approach in one document containing ‘modular’ provisions;
- Covers a broad range of transfer scenarios;
- Makes it possible for more than two parties to accede to the SCCs.
Commenting on the new SCCs, Sami Mohammed, ADGM Commissioner of Data Protection, said: “Data flows are essential for the upkeep of the digital economy and to support innovation at ADGM. The regulations include transfer provisions to facilitate the free flow of personal data, while, at the same time, ensuring a high level of protection, irrespective of the destination, in line with ADGM’s efforts to ensure the highest levels of transparency across its business community. The regulations also ensure that individual rights and safeguards follow this data as the adoption of the SCCs provides an option for exporting personal data lawfully outside of ADGM.”
Following the adoption of the SCCs, the Commissioner of Data Protection has also repealed transfer permits issued under the 2015 regulations, asserting that ADGM will no longer be issuing these permits. New ADGM entities will be given a six-month transition period until 14 February 2022 to either update existing SCCs or comply with an appropriate transfer condition of the new regulations. For more information, the Office of Data Protection has issued a Circular No 2 of 2021.
More information on the SCCs are available within the Guidance on the Office of Data Protection website here: Office of Data Protection - Guidance.
Recently, the Office of Data Protection recently hosted a webinar on the new regulations. You can watch the webinar on the ADGM website under the Past Events section here: Data Protection Regulations 2021 in ADGM.