I have an Indian Company migrating my Magento 1.9 site to Magento 2. The issue I face is under GDPR I can't easily hand over my Customer Data to the Dev company as India has not yet got Adequacy status under EU law. I can fill in a large Standard Contractual Clauses document but it is very long winded and I'm not sure entirely if it is enough.
My question is!
Can my Indian Dev company migrate my product data from my UK server onto their local Development server and build me my new M2 site but leave the customer data where it is on the current M1 site, then when they push the finished site to my staging server back in the UK for testing at this stage can they move/migrate the customer data. So meaning the customer details never left the UK.
I'm sure this isn't the first time this issue will have popped up and i'm sure it won't be the last either :-)
As i know using SCCs is a common approach to ensure that the data transfer complies with GDPR. However, as you mentioned, they can be lengthy and complex. prepaid att login It's crucial to work with legal experts who are well-versed in data protection laws to create and review these contracts.
If possible, consider anonymizing or pseudonymizing the customer data before transferring it. This means that the data can no longer be attributed to a specific individual without additional information.