In light of this significant development, we have updated our coverage to reflect the latest information. To stay up-to-date on the new EU-US Data Privacy Framework agreement and its implications, we invite you to read our latest article on the topic.
🔍 Discover the latest: EU to USA Personal Data Transfers Now Approved
Thank you for your continued support and trust in our coverage of important global issues!
The latest ruling from the Court of Justice of the European Union on transfers outside of the EU came as quite a surprise to many and will directly impact the way that the data of EU based persons can be shared outside of the EU.
Following the decision of July 16, 2020 in Data Protection Commissioner v Facebook Ireland Ltd, Maximilian Schrems and intervening parties, Case C-311/18, businesses can no longer rely on the US Privacy Shield as a condition for cross-border data transfer under the GDPR as the shield had been invalidated.
We have compiled some preliminary information for you on the specifics of this decision and will keep you updated here on medium in the coming weeks and months, should anything notable happen.
We’re currently making all the necessary changes to our product clauses wherever Privacy Shield impacts our product (in this case, the privacy policy disclosures).
If you’d like to update your processes to match the ruling of the Court right away, you can begin by reviewing any data transfer you make to the US (e.g. you use a vendor or tool that’s run by a US company).
If the data transfer was based on the Privacy Shield you’ll need to check whether or not that provider is now offering an alternative legal basis to justify data transfers, such as Standard Contractual Clauses integrated into the contract with the vendor, or explicit consent, for example.
To access more information and keep track of further developments, follow iubenda here on medium or on twitter.
Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.
