Deltatre Statement on Personal Data Transfers

Deltatre is a group active on a global scale and has therefore commercial relationships with clients, partners and suppliers established not only in the EU but also in Countries which are not part of the Union or of the EEA (hereinafter “Third Countries”).

While processing and transferring personal data in the context of its business activities, Deltatre pays the utmost attention to privacy and data protection matters from a legal, organizational and technical perspective.

As regards the transfer of personal data from the EU/EEA to Third Countries, Deltatre acts pursuant to Chapter V of EU Regulation 679/2016 (“EU GDPR”) and the UK GDPR (where UK GDPR means the EU GDPR as saved into United Kingdom law by virtue of section 3 of the United Kingdom's European Union (Withdrawal) Act 2018).

Further to the judgment of the European Court of Justice of 16 July 2020 (C-311/18 – Schrems II), the Privacy Shield, that applied to EU-US data flows, is no longer valid and, therefore, Deltatre has adopted an internal procedure according to which it:

  • has a constantly updated picture of its international data flows and it regularly verifies that the data transfers are adequate, relevant and limited to what is necessary in relation to the purposes for which they are transferred;
  • carries out assessments on its data importers aimed at verifying if there is anything in the law or practice of the Third Country that may impinge on the effectiveness of the appropriate safeguards of the transfer tools Deltatre is relying on in the context of a specific transfer;
  • monitors the level of protection afforded to the data transferred to Third Countries;
  • uses the revised standard contractual clauses (issued by the European Commission on 4 June 2021) for data transfers between EU and non-EEA countries ("EU SCCs"), adapted where applicable in respect of data transfers between the UK and non-EEA countries in accordance with the International Data Transfer Addendum to the EU SCCs issued by the UK Information Commissioner;
  • implements supplementary measures to protect personal data, where necessary in the context of transfers from the EEA/UK to Third Countries.

For any other information and clarification, you can contact privacy@deltatre.com

Last update: May 2022