On July 16th, 2020, the European Court of Justice (CJEU) released its highly anticipated decision in Case C-311/18, otherwise known as Schrems II. The CJEU ruled that the EU-U.S. Privacy Shield is to be invalidated. In turn, the CJEU ruled that the system of Standard Contractual Clauses (SCCs) which allows for data transfers from the EU to third countries, is valid.
Talogy has not solely relied on the EU-U.S. Privacy Shield for US data transfers but has implemented SCCs with our vendors and has subsequently taken the approach on implementing the SCCs across all Talogy affiliates under an Intra-Group Data Sharing Agreement.
What does this mean for Talogy Customers?
Talogy is committed to the protection of your data and the legal data transfer under GDPR to the US. We have implemented the SCCs and also aligned all of our security measures to ISO 27001, which subsequently ensures that industry encryption measures are in place while data is in transit and at rest. Talogy also has strict Access Control procedures to limit who, how and what is being processed while Talogy is continuing to evaluate its US transfers, and where feasibly and reasonable to do so, we will minimize any unnecessary third-party data transfers. Talogy also confirms that as of the date of this notice it has not been subject to any data requests by the US government [for national security purposes].
Talogy’s legal and compliance teams are closely monitoring this ruling and the anticipated guidance that will follow to ensure our compliance, and more importantly, to protect the data of our customers according to GDPR.
You may find the FAQs recently issued by the European Data Protection Board (EDPB) on the invalidation of the Privacy Shield and the implications for the SCCs useful, please click here.
If you have any questions or complaints in relation to this matter, you may contact Talogy’s Data Protection Officer here.
We are now called Talogy bringing together these companies that you know, love, and respect.