Data Protection and GDPR Level 3 for Managers and Business (VTQ)

64 videos, 2 hours and 55 minutes

Course Content

The Privacy Shield

Video 9 of 64
2 min 48 sec
Want to watch this video? Sign up for the course or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.

On the 12th July 2016, the privacy shield came into force between the European Union (EU) and the United States (U.S.). The EU and US have strong commercial ties and therefore an agreement was needed regarding the use of personal data transferred between the EU and US.

Transfers of personal data are an important and necessary part of the transatlantic relationship, especially in today’s global digital economy. Many transactions involve the collection and use of personal data, for example, your name, phone number, birth date, home and email address, credit card number, national insurance or employee number, login name, gender and marital status, or any other kind of information that makes it possible to identify you.

For instance, your data may be collected in the EU by a branch or a business partner of an American company which receives the data and then uses it in the U.S.

This is the case, for instance, when you buy goods or services online when using social media or cloud storage services, or if you are an employee of an EU-based company that uses a company in the U.S., for example, the parent company, to deal with personal data. EU law requires that when your personal data is transferred to the U.S, you continue to benefit from a high level of data protection.

This is where the EU-U.S. Privacy Shield comes in. The Privacy Shield allows your personal data to be transferred from the EU to a company in the United States, provided that the company there, processes your personal data according to a strong set of data protection rules and safeguards.

The protection given to your data applies regardless of whether you are an EU citizen or not.

In order to transfer personal data from the EU to the U.S. different tools are available such as contractual clauses, binding corporate rules and the Privacy Shield.

If the Privacy Shield is used, U.S. companies must first sign up to this framework with the U.S. Department of Commerce. The obligation applying to companies under the Privacy Shield are contained in the “Privacy Principles”.

The U.S. Department of Commerce is responsible for managing and administering the Privacy Shield and ensuring that companies live up to their commitments.

In order to be able to certify, companies must have a privacy policy in line with the Privacy Principles. They must renew their “membership” to the Privacy Shield on an annual basis. If they do not, they can no longer receive and use personal data from the EU under that framework.

We have put some links in the download area of this course regarding the privacy shield.