On October 6, 2015, the European Court of Justice (“CJEU”) issued a judgment declaring as “invalid” the European Commission’s Decision 2000/520/EC of 26 July 2000 “on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce.”
We understand that the United States and the European Commission are currently working toward a negotiated solution to replace the Safe Harbor agreement. In the present rapidly changing environment, the Department of Commerce has stated that it will continue to administer the Safe Harbor program, including processing submissions for self-certification to the Safe Harbor Framework. Accordingly, BBB EU Safe Harbor will continue to offer dispute resolution services for privacy complaints from EU consumers, for new or renewing program participants who wish to acquire or maintain current self-certifications stating their ongoing adherence to the Safe Harbor privacy principles with respect to the personal data of EU citizens.
On October 16, the Article 29 Data Protection Working Party (“Article 29 WP”), an EU advisory body on data protection including representatives of the national data protection authorities (“DPAs”), issued a press release, stating its view that data transfers from the European Union to the Unites States under the Safe Harbor Decision after the CJEU judgment are unlawful; and noting that DPAs will take action, potentially including coordinated enforcement actions, if by the end of January 2016 no appropriate solution with the U.S. authorities is found. It also noted that in the meantime, individual DPAs may investigate in particular cases and exercise their powers to protect individuals, for instance, in case of a complaint.
If you have questions regarding how the CJEU judgement will affect your business, please contact the Department of Commerce, the appropriate European national data protection authority, or legal counsel. BBB EU Safe Harbor cannot provide legal guidance with respect to any business’s current or future data transfers from the EU to the United States.
Your privacy is of paramount
importance to HRDQ. The information you or your employees provide to us for the
sole purpose of participating in an online assessment, survey, questionnaire or
inventory is encoded for security purposes, and is not made available to any
third party for any means. We do collect usage statistics to improve the
content of our sites and make use of session-only cookies on the HRDQ
Assessment Center to manage the assessment process. These cookies are deleted
after each online assessment session is over or participants log off the
system. We do not sell, rent, or supply internet usage statistics that identify
individual clients to any third party.
If you are a designated administrator of an
online assessment account, you may be contacted by HRDQ staff or third party
support technicians regarding your online account, to inform you of service
enhancements and product updates.
If you supply us with your telephone number or
fax number, you may be contacted by HRDQ staff regarding orders you have placed
online, in connection with your online user account, or to inform you of
service enhancements or product updates.
US-EU and US-Swiss Safe Harbor Policy
HRDQ complies with the U.S.-EU
Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by
the U.S. Department of Commerce regarding the collection, use, and retention of
personal information from European Union member countries and
Switzerland. HRDQ has certified that it adheres to the Safe Harbor
Privacy Principles of notice, choice, onward transfer, security, data
integrity, access, and enforcement. To learn more about the Safe Harbor
program, and to view the Organization, Design and Development (HRDQ’s) certification,
not responsible for the privacy or security of web sites to which the HRDQ
assessment center may link or for those of any downstream linkages.
HRDQ goes to great lengths to
ensure your personal information is secure at all times, and takes a number of
steps to protect against unauthorized access to, and disclosure of,
individually identifiable information. These steps can include firewalls,
secure socket layers, password verification, etc. You can determine when you
are in a secure environment by locating the key or lock symbol at the bottom of
the browser page. When the key or lock is complete, the information you provide
is encrypted, restricting access by anyone else. If your browser does not
support secure transactions, there is a chance that others may view any
information that you send. You can check your browser’s help button to learn
more about secure transaction support.