Pay attention! The Privacy Shield is declared invalid
Currently working with an American platform? Pay attention! The Privacy Shield was declared invalid on July 17, 2020. Companies in the European Union are no longer allowed to transfer personal data to the United States on the basis of the Privacy Shield.
The Privacy Shield was one of the ways to exchange personal data with companies located outside the European Union. According to the European Court, the Privacy Shield cannot guarantee the same protection as GDPR.
This doesn’t mean that no personal data may be shared with countries like the United States. To stay in accordance with GDPR, use Standard Contractual Clauses, or SCCs. These are valid for the time being but you cannot blindly assume that these agreements ensure that the processing of personal data in the US is secure.
If you use an email service provider that stores and processes data in the US, you no longer meet GDPR guidelines. Email marketing platforms like Mailchimp, Close Contact and Sendgrid have these issues. Creating model contracts for all their EU customers is a considerable challenge. Also, technology lawyers and data protection experts believe that model contracts only temporarily provide you with the information and, as mentioned earlier, have a duty to do so.
Do you use an email service provider that stores and processes data in the US? Then it is imperative to check the SCC now. Of course, you can also choose to go for a European email service provider like Mailigo, so you can be sure you’re compliant with the GDPR.
Read more on the subject here .