GDPR Adequacy Decisions

Approved non-EU Countries for data transfer.

To ensure that your personal data remains safe, GDPR specifies that your personal data best never leaves the EU. That said, the EU has reviewed the privacy legal frameworks and practices and has found a number of countries to be deemed safe.

Those, non-EU countries, are listed on the European Commission website, approved non-EU Countries for data transfer. Do note that this is an external link taking you away from our website and that you should be comfortable with that site’s privacy policy before travelling to the page.

Transferring Data outside the EU? | GDPR Adequacy decisions.

A List of non-EU countries with adequate level of data protection :

Here is the link:

Do note that rules on international transfers are not designed to cover situations where the obtaining and transferring of personal data is contained entirely within one company, even where the company is based in a third country.

This is because a non-EU company is already bound by the GDPR whenever it is processing the personal data of EU data subjects.


Check our GDPR Knowledge Base covering Data Security or our post, GDPR Compliance checklist for the SME.