Kristof Van Quathem and Anna Oberschelp de Meneses of Covington & Burling write:
On April 9, 2020, the German Supervisory Authority of Baden-Wuerttemberg published standard contractual clauses for data processors pursuant to Article 28(8) GDPR. It is the first German Supervisory Authority to do so, and the second in EU after the Danish Supervisory Authority published its own standard clauses in July 2019. However, while the Danish clauses passed the GDPR consistency mechanism before the European Data Protection Board (“EDPB”), the German clauses have yet to be reviewed by the EDPB.
Both the Danish and the German clauses set out a high level of protection by imposing a wide range of obligations on processors.
Read more on InsidePrivacy.