GDPR introduces Standard Data Protection Clauses ('SDPC') as one of several safeguards for transferring personal data to third countries or international organisations in Article 46 (1), (2) (c) GDPR. To function as such a safeguard, SDPC need to be adopted by the European Commission.
To date, SDPC have not been adapted to GDPR, so the clauses currently in use still reflect the requirements of the directive. Additionally, clauses specifically addressing the needs of processor-to-processor ('p2p') environments are missing. Lastly, the current clauses expect at least one party to be exporting, an approach that does not reflect (European) business needs and modern business models in which personal data may leave and (re-)enter the EU through a processing chain. Addressing these issues was a key aim in drafting these SDPC.
Due to the current lack of SDPC under Art. 46 (1) GDPR that reflect processor-to-processor environments, a consortium of different European and international companies initiated the development of a draft set of clauses.