06.12.2022 | KPMG Law Insights

Schrems II – Update your contracts until 27.12.2022

Schrems II – What does that mean for you?

With the EU Commission’s implementing decision ((EU) 2021/914 COM), all standard contractual clauses for data transfers to third countries must be adapted. This has already been mandatory for new contracts since September 27, 2021, and existing contractual relationships must be adjusted by December 27, 2022.

What do you have to pay special attention to?

Probably the most extensive change is the obligation of the data submitter to conduct a so-called “Transfer Impact Assessment” (abbreviated to “TIA”). This includes a comprehensive risk assessment of third country transfers on a case-by-case basis. Legal peculiarities in the destination country must be taken into account and may entail special contractual, organizational or technical compensatory measures to protect personal data. This can lead to sometimes considerable additional costs for the data recipient and a change in the previous contract conditions.

Consequences of non-compliance

After the deadline of December 27, 2022, fines of up to 4% of annual sales or 20,000,000 euros may be levied if the previous models continue to be used. Claims for damages by those affected and warnings from competitors are further possible consequences. The transparency obligations under data protection law make it easy for third parties to determine whether the new requirements have been implemented, making repression not unlikely. Those who have not yet started updating their standard contractual clauses should do so immediately. The complexity of this process should not be underestimated, and failure to implement it is readily apparent and poses a high risk of liability.

We can assist you in adapting your standard contractual clauses. Feel free to contact us.

Explore #more

17.05.2024 | KPMG Law Insights

Podcast series “KPMG Law on air”: When the family business is to be sold

Around 38,000 family businesses are currently handed over each year. In most cases, the change of ownership takes place within the family. But more and…

03.05.2024 | KPMG Law Insights

Doubts about inability to work? What employers can do

The certificate of incapacity for work (AU certificate) serves as proof of incapacity for work due to illness. However, only if the certificate meets certain…

29.04.2024 | KPMG Law Insights

Agreement on ecodesign regulation: products to become more sustainable

After lengthy negotiations, the Council and Parliament of the European Union reached a provisional agreement on the Ecodesign Regulation on the night of December 5,…

27.03.2024 | KPMG Law Insights

EU Buildings Directive: life cycle greenhouse potential becomes relevant

On March 12, 2024, the EU Parliament approved the amendment to the EU Buildings Directive. The directive obliges member states and, indirectly, building owners and…

19.03.2024 | Business Performance & Resilience, KPMG Law Insights

CSDDD: Provisional agreement on the EU Supply Chain Directive

The EU member states agreed on the CSDDD, the EU Supply Chain Directive, on March 15, 2024. Germany abstained from the vote. Negotiators from the…

19.03.2024 | KPMG Law Insights

The AI Act is coming: EU wants to get a grip on AI risks

For many people, artificial intelligence (AI) is the great hope for business, healthcare and science. But there are also plenty of critics who fear the…

21.02.2024 | KPMG Law Insights, KPMG Law Insights

The Digital Services Act – what does it mean for companies?

The Digital Services Act (DSA) is a key component of the EU’s digital strategy and came into force on November 16, 2022. As a regulation,…

15.02.2024 | KPMG Law Insights

Data compliance management: How to implement it in practice

Part 3 of the article series “Professional tips for data compliance management”   The third part of this series of articles deals with data compliance

14.02.2024 | Business Performance & Resilience, PR Publications

Guest article in ZURe: Monitoring the implementation of the LkSG

The current issue of ZURe (p. 20 ff.) contains a guest article by KPMG Law Partner Thomas Uhlig (Head of General Business and Commercial Law),…

09.02.2024 | KPMG Law Insights

Podcast series “KPMG Law on air”: The employment law function

In almost all German companies, the employment law function is located in the HR department and not in the legal department. One of the reasons…


Francois Heynike, LL.M. (Stellenbosch)

Head of Technology Law

THE SQUAIRE Am Flughafen
60549 Frankfurt am Main

tel: +49-69-951195770

Miriam Oussalah


Münzgasse 2
04107 Leipzig

tel: +49 341 22572-500

© 2024 KPMG Law Rechtsanwaltsgesellschaft mbH, associated with KPMG AG Wirtschaftsprüfungsgesellschaft, a public limited company under German law and a member of the global KPMG organisation of independent member firms affiliated with KPMG International Limited, a Private English Company Limited by Guarantee. All rights reserved. For more details on the structure of KPMG’s global organisation, please visit

 KPMG International does not provide services to clients. No member firm is authorised to bind or contract KPMG International or any other member firm to any third party, just as KPMG International is not authorised to bind or contract any other member firm.