Seven Bridges and the EU-U.S. Privacy Shield

Nick

Compliance / Security
Back to Blog

Seven Bridges and the EU-U.S. Privacy Shield

Written by Nick in

Compliance / Security

The EU-U.S. Privacy Shield

Seven Bridges is an early adopter and strong supporter of the EU-US Privacy Shield, a framework in which US companies pledge to adhere to EU standards of data protection. Privacy Shield, designed by the US Department of Commerce and the European Commission, allows companies to comply with EU data protection requirements when transferring personal data from the EU to the US.

Privacy Shield replaces the Safe Harbor program, which European courts invalidated last year over fears of US government access to customer data.

Because of Privacy Shield’s improved protections, and a pledge by the US government to limit access to company data, the European Commission has found Privacy Shield to satisfy EU data protection laws.

Privacy Shield and Seven Bridges

By participating in Privacy Shield, Seven Bridges self-certifies that we will abide by seven privacy principles:

    1. Notice: We tell our customers how and why we use their data.
    2. Choice: We give our customers control over whether, and how, we use their data.
    3. Accountability for Onward Transfer: If we have to transfer data to a third party, we take reasonable steps to make sure that the third party will apply the same standards we do.
    4. Security: We use the best practices of the industry in protecting our customers’ data.
    5. Data Integrity and Purpose Limitation: We only use data the way we said we would, and only for the purposes our customers agree to.
    6. Access: Our customers have access to their data, and can amend or remove it at will.
    7. Recourse, Enforcement, and Liability: Our customers have several means of recourse if they are unhappy with our performance under Privacy Shield, discussed below.

Any EU data subject can file a complaint directly with our legal department, which must respond within 45 days. They may also pursue the matter through their national Data Protection Authority, or through Seven Bridges’ identified independent recourse mechanism, the Better Business Bureau. Binding arbitration may also be available. Companies who fail to honor their obligations under Privacy Shield may incur a range of penalties under law.

Further information

Seven Bridges’ participation in Privacy Shield is overseen by the International Trade Administration of the United States Department of Commerce, who list us as members on their Privacy Shield website.

To learn more about how Seven Bridges protects its users’ information, view our Privacy Policy and our Compliance white paper.

Nick