Last Updated October 31, 2018

Law and Practice

Authors



Luther Rechtsanwaltsgesellschaft mbH (Cologne) has more than 380 lawyers and tax advisers in ten national and six international offices, of which 16 specialise in outsourcing in the offices in Cologne, Frankfurt, Essen, Berlin and Stuttgart. The firm's key areas of practice are technology, media and telecommunications, data protection law, IT security, and public procurement law in the field of IT.

When processing data, it must be taken into account whether the outsourcing involves a data transfer or whether there is only a so-called order processing. The concept of data transfer is regulated in Article 4 paragraph 2 of the GDPR. During order processing, personal data are disclosed by the responsible office to other persons or third parties. In the case that the provider undertakes data processing on behalf of the customer as data controller, it is mandatory to conclude a separate data processing agreement in accordance with Article 28 of the GDPR.

For the legality of data transfer outside the EU or EEA, the general principles of Article 44 of the GDPR must be observed. If data leaves the scope of EU data protection law, there is a risk of unrestricted use of the data in the country of the recipient as well as uncontrolled return to the EU. For the transfer of personal data to a recipient in a third country, the transfer must not only comply with other provisions of the GDPR (eg, an appropriate level of protection), but at least one of the conditions of authorisation in Articles 45 to 49 of the GDPR must also subsist.

Luther Rechtsanwaltsgesellschaft mbH

Anna-Schneider-Steig 22
50678 Cologne

+49 221 9937 0

+49 221 9937 110

cologne@luther-lawfirm.com www.luther-lawfirm.com
Author Business Card

Authors



Luther Rechtsanwaltsgesellschaft mbH (Cologne) has more than 380 lawyers and tax advisers in ten national and six international offices, of which 16 specialise in outsourcing in the offices in Cologne, Frankfurt, Essen, Berlin and Stuttgart. The firm's key areas of practice are technology, media and telecommunications, data protection law, IT security, and public procurement law in the field of IT.

{{searchBoxHeader}}

Select Topic(s)

loading ...
{{topic.title}}

Please select at least one chapter and one topic to use the compare functionality.