On 20 May 2021, the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données – the DPA) approved the first transnational code of conduct to be adopted within the European Union since the entry into force of General Data Protection Regulation (EU) 2016/679 (the GDPR). The “EU Data Protection Code of Conduct for Cloud Service Providers” (the EU Cloud CoC) aims to establish good data protection practices for cloud service providers and wishes to contribute to a better protection of personal data processed in the cloud in Europe. One day earlier, on 19 May 2021, the European Data Protection Board issued a favourable opinion, allowing the DPA to approve the first transnational code of conduct. In its approval decision, the DPA underlines the importance of codes of conduct as voluntary accountability tools to tailor data protection rules to the specificities of a sector. By adhering to the code, companies will ensure that data handling is in line with the GDPR. Adherence to the EU Cloud CoC is also achievable for small and medium enterprises that are active in this sector. Please click below to read our note on the Code of Conduct.