essensys is committed to achieving and maintaining the trust of our customers. To Facilitate our global operations, we act as a data processor for certain services, certified under the the EU-U.S. Privacy Shield framework. See our Privacy Shield Registration for more information.
The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce, and the European Commission and Swiss Administration, respectively, to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce. For more information visit the Privacy Shield Framework site.
On July 16th 2020, the Court of Justice of the European Union (“CJEU”) confirmed the validity of the European Commission’s standard contractual clauses (SCCs) as a legal mechanism for the transfer of EU personal data but invalidated the EU-US Privacy Shield framework. essensys would like to assure our customers that we continue to respect and handle your personal data with the highest levels of integrity and transparency.
Prior to the introduction of GDPR, we issued all customers with our data processing addendum. This included standard contractual clauses and binding corporate rules (BCRs) and explained how we collected, stored and transferred personal information. The SCCs and BCRs are available for review here (link to data processing addendum).
[This PDF below should already be available on our website. data processing addendum.pdf]
Additional information regarding the Schrems II case can be accessed via the ICO’s statement here