Transparency and protecting your data has always been of utmost importance to us. Even before the Privacy Shield was ratified, we ensured that we were TRUSTe certified and you can rest assured that the lists that you upload to our platform are yours alone. We will never use, rent or sell your client lists. That said, though, we are very excited to announce that we are now one of a select few companies that have been shown to comply with the Privacy Shield’s data protection requirements.
I’m sure you’ve got plenty of questions on just what that means, so I’ve decided to answer five of the most pressing Privacy Shield questions asked by our customers. If you do have any others, feel free to leave a comment or contact us personally on email@example.com, subject: Privacy Shield.
What is the Privacy Shield?
Privacy Shield imposes stronger obligations on US companies to protect the personal data of Europeans. The agreement obliges the companies involved to enforce greater transparency and there are several redress possibilities. It also, for the first time, includes restrictions on the access that US public authorities have to the data.
What does that mean?
It means that your personal data can be transferred from the EU to a company in the United States as long as the company there “processes (e.g. uses, stores and further transfers) your personal data according to a strong set of data protection rules and safeguards. The protection given to your data applies regardless of whether you are an EU citizen or not.”
How does it work?
Any company that wants to be recognised as fulfilling the requirements of the Privacy Shield must get certified. Additionally, this certification is renewed on a yearly basis. If a company does not renew, they will not be able to receive and use data from the EU under this particular framework.
How do I know if a company is Privacy Shield certified?
Very easily. You can check by searching the official Privacy Shield list. Here’s the link: https://www.privacyshield.gov/list.
If the company searched for is Privacy Shield certified, they will appear among the active results like this:
What are the rights and obligations outlined in the agreement?
You’ll find a full explanation of the Privacy Shield together with all rights and obligations in the following link http://ec.europa.eu/justice/data-protection/document/citizens-guide_en.pdf. A few key points include:
- You have a right to be informed generally. Whether that’s you being informed about how and why your data will be used, how to access your personal data or how to make a complaint
- There are now limitations on how your data can be used for different purposes
- The company is obliged to minimise the data it has on you and keep that data for only as long as can be proven necessary
- The company must keep your data secure
- In the case that it is necessary for your data to be transferred to another company, the Privacy Shield company must protect your data
- You have a right to access and correct your data
- You have the right to complain and receive a resolution. There are several ways to lodge a complaint
- You have the right to redress if your data is accessed by US public authorities
Is there anything else I need to know?
Yes, and it’s very important. We heard from a few customers that there was a rumour that any US-based company wanting to work with European data would need servers in Europe. This is completely false.
The only requirement is that US-based companies comply with the Privacy Shield and we do. Your data is safe with us.
If you are not yet a Benchmark customer but would like to know if your email marketing provider complies with current legislation, access the link we have provided above and search for them. If they don’t appear, they are not certified so your data and information may be at risk.
Want to know more?
Browse the following two official Privacy Shield documents or get in touch on firstname.lastname@example.org.
- Fact Sheet: http://ec.europa.eu/justice/data-protection/files/factsheets/factsheet_eu-us_privacy_shield_en.pdf
- Guide to the EU-U.S. Privacy Shield: http://ec.europa.eu/justice/data-protection/document/citizens-guide_en.pdf