Are you a U.S.-based Company doing business with the EU, UK and/or Switzerland? You may want to certify under the Data Privacy Framework!
We can help you meet the requirements of the EU-U.S. DPF, the UK Extension to EU-U.S. DPF (if applicable) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), which are jointly administered as the Data Privacy Framework (DPF) Program by the International Trade Administration (ITA) of the US Department of Commerce.
Our DPF Certification Services
- We can help you get certified under all Data Privacy Frameworks
- We can verify your claims made in your Application
- We help you to adapt your Privacy Policies to make them compliant with the Data Privacy Frameworks
- We can help you with responses to data subjects and authorities.
- Our team of lawyers is experienced in dealing with data subject requests and liaising with authorities, e.g. in cases of data breaches or other incidents.
- You get privileged access to our team of experts via our helpline.
- You get special rates for additional services relating to GDPR, such as drafting the record of processing activities or privacy policy as well as incident response.
Transfers of personal data between the EU/UK/Switzerland and third countries such as the USA must be safeguarded in accordance with the GDPR. Since June 2023, the “Transatlantic” Data Privacy Frameworks (EU-US DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF) should be considered in addition to the predominant use of standard contractual clauses.
This requires certification of companies under the DPF, which requires a DPF-compliant Privacy Policy. This leads to a decrease in bureaucracy in the event of, for example, group restructuring or the implementation of new or changes to existing data processing procedures. We recommend using SCCs and the DPF in parallel to achieve the greatest possible compliance. However, an existing certification significantly reduces time pressure in the event that existing SCCs need to be amended.
OUR THREE STEP APPROACH
Additionally, you will receive clear instructions on everything you need to do to certify.
Frequently Asked Questions
You should certify under the DPF if your company operates within the European Union, the United Kingdom, and/or Switzerland and gathers data from EU/UK/Swiss customers/handles personal data of such individuals or processes personal data of these individuals on behalf of a business partner in the EU/UK/Switzerland.
The EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF, developed by the U.S. Department of Commerce and the European Commission, UK Government, and Swiss Federal Administration provides U.S. companies with reliable mechanisms for personal data transfers to the United States from the European Union, United Kingdom, and Switzerland while ensuring data protection for the data subjects in those areas that is consistent with EU, UK, and Swiss law.
Certification under the DPF is not necessary. However, potential clients may consider a certified company, named in a public list by the US authorities, as being more reliable or trustworthy when it comes to Data Protection. Customers of ours have made the experience that their clients demanded certification under the DPF before they were willing to contracting with them.
INTERESTED?
Please contact us at
Or fill out the form to register your interest. Once received, our team will quickly review your services and send you further information regarding our terms and conditions, as well as our agreement form.
Please note our privacy policy.