SCC Generator

Standard contractual clauses (SCC‘s) for data transfers to a country with an inadequate level of data protection based on standard contractual clauses

For controllers or processors in the EU/EEA (or otherwise subject to the GDPR) and from Switzerland to controllers or processors established outside the EU/EEA (or otherwise subject to the GDPR) and Switzerland, the European Commission issued on 4 June 2021 new standard contractual clauses under the GDPR.

On the 27 August 2021, the FDPIC recognized these standard contractual clauses for the transfer of personal data to third countries applicable for Switzerland as well. However, the FDPIC does not accept these standard contractual clauses unconditionally; if necessary, these SCC will still need to be adapted and/or supplemented when they are applied. The SCC are new divided in four modules.

This generator will help you chose the right module and make basic adjustments. Keep in mind, for a more detailed and tailored version, we will be happy to assist you personally.

Create your customized SCC

We have created a SCC generator for you, which allows you to generate your standard contractual clauses for free in just a few steps. In order to download the document, you need to register or be logged in and follow the steps below. For a customized SCC, i.e. to adjust appendix and individually needs, we will be happy to assist you. You can contact us anytime.

You are 3 steps away to generate your personal SCC

Questionnaire

Fill in the following forms

Download

Receive your SCCs via e-mail

Customize

You want to have your SCCs tailored to you, then contact us

Please register or log in to fill out the form. After registration or login please refresh this page and continue with step 2.


Please select below the assigned module from step 2. After answering and submitting the form below, you will receive an e-mail with a link to download your SCC.

Please keep in mind, that this is an automatic generated document and does not replace legal consultation. We do not take any liability arising from this SCC. For a tailored and detailed customized SCC, as well for help with the Appendix of the SCC, we will gladly assist you personally. You can contact us anytime.

If you do not see the following form, please register or log in.

Please select below the assigned module from step 2. After answering and submitting the form below, you will receive an e-mail with a link to download your SCC.

Please keep in mind, that this is an automatic generated document and does not replace legal consultation. We do not take any liability arising from this SCC. For a tailored and detailed customized SCC, as well for help with the Appendix of the SCC, we will gladly assist you personally. You can contact us anytime.

If you do not see the form, please register or log in.

Link List of third countries with adequate data protection according to the FDPIC or according to the European Commission
Exporter You are sending personal data into a third country.
Importer You are receiving personal data from a third country.
Controller Controls the procedures and purpose of data usage; the one to dictate how and why data is going to be used by the organization
Processor Processes any data that the data controller gives them; processor does not own the data that they process, nor do they control it. This means that the data processor will not be able to change the purpose and the means in which the data is used
Countries with third party beneficiary right According to Clause 3 of the SCC country laws should allow data subjects (as third parties) to invoke and enforce the standard contractual clauses.
Clause 13: Territorial scope of application in accordance with Art. 3 Para. 2 GDPR Processing of personal data, where data subjects are in the EU but the processor or controller is not established in the EU and the processing activities are related to: the offering of goods or services, irrespective of whether a payment oft he data subject is required, to such data subjects in the Union or the monitoring of their behavior as far as their behavior takes place within the Union.
With representative Art. 27 Para. 1 GDPR Where Art. 3 Para. 2 applies, the controller or the processor shall designate in writing a representative in the Union.
Without representative Art. 27 Para. 2 GDPR The obligation of designating a representative in the EU does not apply to processing which is occasional, does not include, on a large scale, processing of special categories of data as referred to in Art. 9 Para. 1 GDPR or processing of personal data relating to criminal convictions and offences referred to in Art. 10 GDPR, and is unlikely to result in a risk to the rights and freedoms of natural persons, taking into account the nature, context, scope and purposes of the processing; or to a public authority or body.
Sub-processor An entity engaged by a processor who agrees to receive from the processor personal data exclusively intended for the processing activities to be carried out as part of the services.