Skip to main content
All CollectionsExternal RecipientsExternal Recipients - Compliance
Do I have to fill in all the compliance information to approve an External Recipient?
Do I have to fill in all the compliance information to approve an External Recipient?

External recipients, compliance, approval

Updated over 2 months ago

Yes, you must complete all information to authorize an external recipient.

Depending on the place of data processing and the exact circumstances of the contract, information from the categories

  • Data processing and

  • Other processors (subcontractors) are required.

Individual questions may be answered with “No”. We recommend that you explain your decision in more detail in the Notes field if necessary

When is a recipient not displayed as a potential third country transfer in the .pdf export of processing activities?

The following criteria must be met:

Data processing:

  • “Place of data processing” = within the EU or in a third country with an adequacy decision

  • “Yes” - Is data processing outside the EU or a third country with an adequacy decision excluded?

  • “Yes” - Is it contractually ensured that all services of the provider (e.g. support) are provided within the EU or a third country with an adequacy decision?

Other processors (subcontractors)

  • “Yes” - Is data processing outside the EU by another processor (subcontractor) excluded?

Related Articles
.pdf export processing activity: Why is a recipient displayed with "third country transfer" even though I have not entered any data?
Where do I upload the AVV and other documents to external recipients?
External recipients: Can I add multiple server locations or data processing locations?
External recipients: How do I release generic recipients such as health insurance companies or authorities?
External recipients: Can I add further contract types or manage existing ones?
Did this answer your question?