Your personal data is generally processed by subcontractors (Saas publishers, data hosts, information managers, etc.) who transfer it either directly or as part of a subcontracting chain outside the European Union.

The most widespread solution is certainly Google Analytics, which does not comply with the RGPD. The CNIL is issuing warnings and formal notices to customers to stop using it.

We can help you secure your use of subcontractors and your international data transfers outside the EU in a changing and uncertain legal environment.

We can help you put in place a combination of standard contractual clauses, risk analysis tools (Transfer Impact Assessment or TIA) and proxification.