Derogations of Article 49 GDPR

Categories Blog, Business, Design / Branding, Free Data Protection Resources, Uncategorized
Date November 5, 2020

Guidelines 02/2018 on Derogations of Article 49 GDPR

Section 2.3 Transfer necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the controller and another natural or legal person – (49 (1) (c))

The interpretation of this provision is necessarily similar to that of Article 49 (1) (b); namely, that a transfer of data to a third country or an international organization in the absence of an adequacy decision pursuant to Article 45(3), or of appropriate safeguards pursuant to Article 46, can only be deemed to fall under the derogation of Article 49(1) (c), if it can be considered tobe “necessary for the conclusion or performance of a contract between the data controller and another natural or legal person, in the interest of the data subject”.

Aside from being necessary, recital 111 indicates that, data transfers may only take place “where the transfer is occasional and necessary in relation to a contract (…)” Therefore, apart from the “necessity test”, personal data here as well may only be transferred under this derogation only when the transfer is occasional.

Necessity of the data transferand conclusion of the contract in the interest of the data subject

Where an organization has, for business purposes, outsourced activities such as payroll management to service providers outside the EU, this derogation will not provide a basis for data transfers for such purposes, since no close and substantial link between the transfer and a contract concluded in the data subject’s interest can be established even if the end purpose of the transfer is the management of the pay of the employee. Other transfer tools provided in Chapter V may provide a more suitable basis for such transfers such as standard contractual clauses or binding corporate rules.

Occasional transfers

Moreover, personal data may only be transferred under this derogation,when thetransfer is occasional as it is the case under the derogation of Article 49 (1) (b). Therefore, in order to assess whether such transfer is occasional, the same test has to be carried out.

Finally, according to Article 49(1) (3), this derogation cannot apply to activities carried out by public authorities in the exercise of their public powers.