For the minimal data processed in central components of the LDS (registry of participants, personal data in metadata descriptions…), no transfers to third countries occur and personal data is processed on the basis of the Privacy Statement of the LDS.
As for datasets, participants can restrict how the description of the data can be accessed by different participants. These can refer to geographical restrictions regarding the access to the metadata profiles of the datasets they share. Participants can, per instance, choose to make their datasets’ metadata profiles only visible to entities established in the EAA or to those in the EAA and countries benefiting from an EC adequacy decision.
These restrictions are supplemented by modular contractual clauses, when adequacy decisions are absent, compliant with Chapter V GDPR mechanisms in order to make compliant extra-EEA transfers by requiring safeguards.
