Privacy Glossary

Standard Contractual Clauses

Pre-approved contract clauses issued by the European Commission for lawfully transferring personal data outside the EEA.

GDPR

Full Definition

Standard Contractual Clauses (SCCs) are standardised contracts approved by the European Commission that provide a valid transfer mechanism for transferring personal data from the EU/EEA to third countries that have not received an adequacy decision. The 2021 SCCs replaced older versions and introduced four modules: controller-to-controller, controller-to-processor, processor-to-processor, and processor-to-controller transfers. Following Schrems II, SCCs must be supplemented by a Transfer Impact Assessment (TIA) to assess whether the SCCs can be effective in the destination country. SCCs are the most commonly used transfer mechanism globally.

Back to all terms

Related terms

Cross-Border Transfer

The transfer of personal data from one country to another, subject to restrictions under data protection laws.

Data Controller

An entity that determines the purposes and means of processing personal data.

Data Processor

An entity that processes personal data on behalf of and under the instructions of a Data Controller.

Relevant regulations

GDPR

Browse more terms

Explore all 25 privacy and compliance terms in our glossary.

View full glossary

Automate your privacy program

TruePrivacy handles DSRs, consent management, data mapping, and breach response — all in one platform.

Start Free Trial Book a Demo