The Schrems II ruling given by the Court of Justice of the European Union (CJEU) on 16 July 2020 (Data Protection Commissioner v Facebook Ireland LTD, Maximilian Schrems and intervening parties, Case C-311/18) upset the apple cart for organizations affected by the EU’s General Data Protection Regulation (GDPR) and how they export data.

Not surprisingly, Schrems II is generating waves of anxiety among in-house legal teams charged with ensuring that their contracts are updated to comply with GDPR. Many organizations are dealing with thousands, if not tens of thousands, of supplier contracts that involve the processing of personal data. The impact is wide-ranging, affecting almost every business sector.

While the ramifications of the Schrems II ruling are still being played out, there are many processes that suppliers should put in place to ensure they are complying now and in the future.

If you are daunted by the impact of Schrems II and its impact on your organization, you are not alone. Factor is partnering with its clients across industries to effect compliance. We have condensed our learnings into a handy checklist of considerations, as a starting point, for your organization as it prepares for the December 2022 deadline. Complete the brief form to download the checklist!