Welcome to our Schrems II Universe

ComplyCloud follows Schrems II closely and regularly adds new content here on the page so you can keep updated.

Read more about TIA in ComplyCloud  here.

Schrems II

In July 2020, the European Court of Justice ruled in the long-awaited Schrems II case. The outcome of the ruling is of great importance to all EU organizations that use international cloud and hosting providers which directly or indirectly receive or transfer personal data to countries outside the EU/EEA.

Additional measures

In November 2020, the European Data Protection Board published a draft of a number of new recommendations on the transfer of personal data to third countries. The long-awaited new recommendations include among other things, concrete examples of effective “supplementary measures”.


In ComplyCloud, we follow Schrems II closely and regularly post news here on this home page, so you can keep updated.

New standard contractual clauses

The European Commission has adopted new standard contractual clauses (SCC’s) that is required to be applied by all organizations from the 27th of September 2021. This means that your organization can no longer use the old SCC’s. Are you a customer at ComplyCloud, the new SCC’s will soon be integrated in the software. Read our latest whitepaper on the new standard contractual clauses. Find it below.

NEWS: It is now possible to make a Transfer Impact Assessment (TIA) in ComplyCloud

Play Video

With ComplyCloud it is now possible to make a Transfer Impact Assessment (TIA) in only 30 minutes and automatically receive the legal documentation and assessment to act on. Read more about our Transfer Impact Assessments here.

Why Make a Transfer Impact Assessment?

Schrems II and the latest guidelines from the European Data Protection Board make it a requirement that all companies and organizations carry out a transfer impact assessment for each supplier, partner, or group company, where personal data is transferred to third countries outside the EU and the EEA. Such an analysis is called a Transfer Impact Assessment (TIA).

It is not an easy task, and as almost all companies use international processors with a presence in third countries, all organizations face this challenge.


If you would like to hear more about how ComplyCloud can help you make a Transfer Impact Assessment, please contact us on +45 28296436 or fill out our contact form by pressing the button below.

Whitepaper: New Standard Contractual Clauses

Our legal team has just finalized ComplyCloud’s latest whitepaper New Standard Contractual Clauses. We take a closer look at the differences between the old and new contract terms, and what they mean for your company in practice. Also read our recommendations for how you should proceed from now on and forward.

In our whitepaper from September 2021 you can read more about:

Whitepaper: FISA 702 and EO 12.333 in the light of The Schrems II Ruling

Our legal team has worked nonstop towards the publish of our new whitepaper that we know many have been waiting for.


The waiting time is finally over. In this whitepaper you can learn more about FISA 702 and EO 12.333 as well as how American governmental services can gain access to European personal data. We go through the American legislation and identify the most important things you should be aware of in your company and organization. We also bring suggestions for handling American IT suppliers.




We have prepared a simple roadmap that step by step illustrates the reflections you need to do in connection with transfers of data in third countries.


To book a class, become a member, or rent our studio, please complete this short form. We’ll get back to you as soon as we can.