Legal Guidance and Research / Experts / Amy Smyth
Amy Smyth#9496
LinkedIn

Amy Smyth

Latham & Watkins
Amy is a knowledge management lawyer for the Privacy and Cyber group of Latham & Watkins. She has extensive experience in a broad range of technology, commercial, data, and intellectual property matters, with a particular focus on privacy and cyber security.

Practice Area

Panel

  • Contributing Author

Qualified Year

  • 2010

Education

  • Oxford University
  • Cardiff University School of Law

6 Contributions by Amy Smyth

EU GDPR precedent clause: incorporating 2021 EU SCCs Module One (controller-to-controller) into agreements, with Annex details, optional terms, competent supervisory authority, governing law and jurisdiction choices
PRECEDENTS
EU GDPR precedent clause: incorporating 2021 EU SCCs Module One (controller-to-controller) into agreements, with Annex details, optional terms, competent supervisory authority, governing law and jurisdiction choices
1 In this [ clause ], for clarity, 2021 EU SCCs refers to module one (controller to controller) of the standard contractual clauses contained in Commission Implementing Decision (EU) 2021/914. The [ Importer Party ] must meet the data importer’s obligations, and the [ Exporter Party ] must meet the data exporter’s obligations, as described in the 2021 EU SCCs, which are hereby incorporated into and constitute part of this Agreement...
EU Law
EU GDPR: Incorporation clause for the 2021 EU Standard Contractual Clauses for processor-to-processor transfers (Module Three)
PRECEDENTS
EU GDPR: Incorporation clause for the 2021 EU Standard Contractual Clauses for processor-to-processor transfers (Module Three)
1 Within this [ clause ], 2021 EU SCCs refers to module three (processor to processor) of the standard contractual clauses contained in Commission Implementing Decision (EU) 2021/914. The [ Importer Party ] shall fulfil the data importer obligations, and the [ Exporter Party ] shall fulfil the data exporter obligations, as set out in the 2021 EU SCCs, which are hereby incorporated into and constitute part of this Agreement...
EU Law
Precedent clause (EU GDPR) to incorporate 2021 EU SCCs Module Four (processor-to-controller) into agreements, with Annex I particulars, optional provisions, governing law and jurisdiction
PRECEDENTS
Precedent clause (EU GDPR) to incorporate 2021 EU SCCs Module Four (processor-to-controller) into agreements, with Annex I particulars, optional provisions, governing law and jurisdiction
1 In this [ clause ], 2021 EU SCCs refers to module four (processor to controller) of the standard contractual clauses set out in Commission Implementing Decision (EU) 2021/914. The [ Importer Party ] shall adhere to the data importer’s obligations, and the [ Exporter Party ] shall adhere to the data exporter’s obligations, set out in the 2021 EU SCCs, which are hereby integrated into and constitute part of this Agreement...
EU Law
Template clause incorporating the 2021 EU SCCs Module Two (controller-to-processor), with selectable options and Annexes I–III placeholders for EU GDPR international data transfers
PRECEDENTS
Template clause incorporating the 2021 EU SCCs Module Two (controller-to-processor), with selectable options and Annexes I–III placeholders for EU GDPR international data transfers
1 In this [ clause ], 2021 EU SCCs refers to module two (controller to processor) of the standard contractual clauses specified in Commission Implementing Decision (EU) 2021/914. The [ Importer Party ] must fulfil the data importer’s duties, and the [ Exporter Party ] must fulfil the data exporter’s duties, as further detailed in the 2021 EU SCCs, which are hereby incorporated by reference and form part of this Agreement...
EU Law
UK GDPR international transfers: precedent clause incorporating the UK Addendum to the 2021 EU SCCs (Module 2, controller-to-processor) by reference
PRECEDENTS
UK GDPR international transfers: precedent clause incorporating the UK Addendum to the 2021 EU SCCs (Module 2, controller-to-processor) by reference
STOP PRESS: On 15 January 2026, the Information Commissioner’s Office issued updated UK GDPR guidance on international transfers, including advice on ‘appropriate safeguards’ (see: LNB News 16/01/2026 10). It confirms the UK Addendum can be concluded in any manner that renders it legally binding and enforceable, and clarifies how Part 2 (Mandatory Clauses) of the UK Addendum can be incorporated by reference by inserting specified wording into the contract. This Precedent is being revised to align with that guidance. For clause 1, UK Addendum means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (version B.1.0) issued by the United Kingdom’s Information Commissioner. The [insert defined term for party, eg Supplier] must meet the Importer’s obligations, and the [insert defined term for party, eg Customer] must meet the...
Information Law
UK GDPR precedent: clause to incorporate the UK Addendum to the 2021 EU SCCs (Module Three: processor-to-processor)
PRECEDENTS
UK GDPR precedent: clause to incorporate the UK Addendum to the 2021 EU SCCs (Module Three: processor-to-processor)
1 For the purposes of this clause 1, “UK Addendum” refers to the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (version B.1.0) issued by the United Kingdom’s Information Commissioner, as amended, updated or replaced from time to time. The [ insert defined term for party, eg Supplier ] shall fulfil the Importer’s obligations, and the [ insert defined term for party, eg Customer ] shall fulfil the Exporter’s obligations, as detailed in the UK Addendum, which is incorporated into and forms part of this Agreement. 1.1 Within the incorporated UK Addendum, the full legal name, [ trading name (where different from legal name) ], principal address and official registration number of the Importer and the Exporter are as set out in [ insert where set out in this Agreement ], and the Start Date is [ insert, eg ‘the date of this Agreement’...
Information Law
Expert page AD
If you expected to see yourself on this page, click here.