SugarCRM is thrilled to report that our submission to the EU-US Privacy Shield Framework has been accepted. We are now certified.
First some background: the “EU-US Privacy Shield Framework,” was introduced earlier this year to succeed the now-invalid Safe Harbor agreement, which had been in place for decades. The Safe Harbor agreement allowed transfer of personal data from the European Union to the United States. Safe Harbor was invalidated by the European Court of Justice in October 2015 because of the perceived risk of US government spying on EU data.
The new arrangement, worked out earlier this year, imposes a range of new safeguards for transferring personal data from the European Union to the US:
- US companies wishing to import personal data from Europe will need to commit to robust obligations on how personal data is processed and individual rights are guaranteed.
- The US has given the EU assurances that the access of public authorities for law enforcement and national security will be subject to clear limitations, safeguards and oversight.
- There will be a dedicated new Ombudsperson role in the US State Department to address complaints from European privacy regulators on behalf of individuals.
What does this mean for SugarCRM and our customers? SugarCRM has committed to applying the Privacy Shield’s principles and safeguards to EU-U.S. transfers of personal data. No action is required on our customers’ part to benefit from the protection of this framework.
The official Privacy Shield Website where you can find SugarCRM’s listing is here: https://www.privacyshield.gov/list