GDPR-EDI-V2
GDPR / RGPD compliance for EDI partners (v2) regulation.
Definition
GDPR (Regulation EU 2016/679) applies to EDI flows as soon as they contain personal data — individual addresses, contacts, employee identifiers. Practical v2 updates: USA / TADPF (Trans-Atlantic Data Privacy Framework) transfers following Schrems II, Article-30 records of processing for EDI iPaaS, retention policies differentiated by document type (invoices = 10 years, ASN = 3 years).
Origin
GDPR effective May 25, 2018. TADPF adopted July 2023, in current application 2024-2026.
Example in context
A European EDI VAN must provide DPA (Data Processing Agreement) Art 28 and SCCs (Standard Contractual Clauses) to its US trading-partner customers.
Related terms
- GDPR EDI — V1 coverage.