Regulation of Transborder Data Flows under ... - Tilburg University

More documents

Recommendations

Info

Kuner/Regulation of Transborder Data Flows under Data Protection and Privacy Law 76 Country Source Text or translation (excerpts; notes are given in italics) Mexico Decree issuing the Federal Law on Protection of Personal Data Held by Private Parties (2010) Article 36. Where the data controller intends to transfer personal data to domestic or foreign third parties other than the data processor, it must provide them with the privacy notice and the purposes to which the data owner has limited data processing. Data processing will be done as agreed in the privacy notice, which shall contain a clause indicating whether or not the data owner agrees to the transfer of his data; moreover, the third party receiver will assume the same obligations as the data controller that has transferred the data. Article 37. Domestic or international transfers of data may be carried out without the consent of the data owner in the following cases: I. Where the transfer is pursuant to a Law or Treaty to which Mexico is party; II. Where the transfer is necessary for medical diagnosis or prevention, health care delivery, medical treatment or health services management; III. Where the transfer is made to holding companies, subsidiaries or affiliates under common control of the data controller, or to a parent company or any company of the same group as the data controller, operating under the same internal processes and policies; IV. Where the transfer is necessary by virtue of a contract executed or to be executed in the interest of the data owner between the data controller and a third party; V. Where the transfer is necessary or legally required to safeguard public interest or for the administration of justice; VI. Where the transfer is necessary for the recognition, exercise or defense of a right in a judicial proceeding; and VII. Where the transfer is necessary to maintain or fulfill a legal relationship between the data controller and the data owner.
Kuner/Regulation of Transborder Data Flows under Data Protection and Privacy Law 77 Country Source Text or translation (excerpts; notes are given in italics) Moldova Law No. 17-XVI of February 15, 2007 on the Protection of Personal Data (modified by Law No. 141-XVI of 26.06.2008, in force as of 1 August 2008) Monaco Law No. 1.165 - Act Concerning the Processing of Nominal Information (23 December 1993) Article 16 - Transborder transfer of personal data (1) The present Article is applied in the case of transfer across national borders, whatever support is used, of personal data, which are subject to processing or are collected with the purpose to be subject of such processing. (2) Personal data, that are on the territory of the Republic of Moldova and destined to be transferred to other states, are protected in accordance with the present law. (3) The transborder transfer of personal data, that are subject to a processing or are going to be processed after the transfer, can be made in the case when the respective state ensures an adequate level of protection of the rights of personal data subjects and of the data destined for the transfer, as well as in other cases according to the international agreements the Republic of Moldova is party of. (4) The level of protection is established by the Center, taking into consideration the conditions in which the data transfer is performed, especially the nature of the data, the purpose of the data transfer and processing, the country of final destination, the legislation of the requesting state. (5) In the case when the Center concludes that the level of protection offered by the state of destination is unsatisfactory, it may prohibit the data transfer. (6) The transfer of personal data to the states that do not ensure an adequate level of protection, can be made only: (a) with the written consent of the personal data subject; (b) in case of the need to sign or execute an agreement or a contract between the personal data subject and their holder, or between the holder of these data and a third party in the interest of the personal data subject; (c) if the transfer is necessary to protect the rights, freedoms or interests of the personal data subject; (d) in case when personal data are accessible to the public. Article 8 (8) To be admissible, the declaration envisaged in the first subparagraph of Article 6… must include: (8) mention, when necessary, that the data processing is intended for the communication of data abroad, even if it results from operations previously carried out outside Monaco. NOTE: Article 6 refers to the obligation that persons or entities under private law must file a declaration of their processing activities with the DPA.
Page 1 and 2:
TILT (TILBURG INSTITUTE FOR LAW, TE
Page 3 and 4:
Kuner/Regulation of Transborder Dat
Page 5 and 6:
Page 7 and 8:
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26: Kuner/Regulation of Transborder Dat
Page 75: Kuner/Regulation of Transborder Dat
show all

Regulation of Transborder Data Flows under ... - Tilburg University

Create successful ePaper yourself

Delete template?

Save as template?