Success Portal

UK International Data Transfer Agreement and new EU Standard Contractual Clauses

Adam
  • Updated
Follow

This article explains Reward Gateway’s position to data protection regulations in light of:

  • The departure of the United Kingdom (UK) from the European Union (EU) and European Economic Area (EEA) as part of the Withdrawal Agreement.
  • The publication of the EU's Standard Contractual Clauses (SCCs) in June '21
  • The publication of the UK's International Data Transfer Agreement (IDTA) in March '22

We are happy to discuss this in detail with you should you require further information. 

Will you sign IDTAs and SCCs with us? 

If you are a UK business contracted with Reward Gateway (UK) Ltd

As you are a UK based data controller, sharing data with Reward Gateway, a UK based data processor, then IDTAs and SCCs are not required or valid for your direct transfer to us. 

This also applies if you are transferring us EU data subjects data as part of a wider group company relationship (e.g. the UK business is the regional headquarters.) 

If you are an EU business contracted with Reward Gateway (UK) Ltd

The EU Commission has published an EU adequacy decision for the UK, meaning that the EU recognised that the UK provides an equivalent level of protection for personal data under law.

If you are a UK or EU business contracted with one of our other group companies

We will happily sign SCCs with you alongside our Data Processing Addendum. Please use the documents available at rg.co/agreements

What about sub-processors based in other countries, like the US?

You can find a list of our sub-processors and details of our risk assessment at rg.co/agreements

For sub-processors based in a country where there is no adequacy decision, we conduct a Transfer Risk Assessment. These risk assessments suggest that the residual risks to data subjects is low and would not prevent UK IDTAs or EU SCCs being used to provide a legal mechanism for the transfers.

We have signed agreements with these sub-processors as the data importer and Reward Gateway (UK) Ltd. as the data exporter. We can provide copies of these agreements to you on request. 

Does Reward Gateway have a 'nominated representative' in the EU?

Yes. We have appointed Castlebridge to provide a nominated representative service from Ireland.

They can be contacted through:

Email: GDPR-nomrep@rewardgateway.com 

Post: Reward Gateway Nominated Representative c/o Castlebridge Nominated Representative Services Ltd, Unit 7, 12 Mountjoy Square North, Dublin 1

Did this article help you?

0 out of 0 found this helpful

Related articles

Still haven't found what you are looking for?

Product development updates
Learn now
Can't find what you are looking for?
Get in touch

Comments

0 comments

Article is closed for comments.

top Back to top