Mitigate Risk When Expanding Business in Europe
Companies come to TRUSTe when they’re concerned about the protection of customer and HR data in their global operations. Business teams especially want to mitigate any risks when expanding or acquiring operations in Europe requiring the collection, use and transfer of EU customer or employee data to non-EU nations.
Securing US-EU Safe Harbor Self-Certification is a critical component of your global compliance strategy as it provides you with a mechanism for establishing “adequate” protections required for cross-border data transfer under EU laws.
TRUSTe offers comprehensive US-EU Safe Harbor Assessments to analyze and verify compliance under the Safe Harbor Framework for both customer and employee data. We can also provide Certification services for companies needing additional remediation guidance and validation in preparation for US-EU Safe Harbor Self-Certification under Department of Commerce authority.
- Incident prevention & reduced legal risks – associated with meeting complex data privacy requirements
- Independent assessment – for a strong Safe Harbor submission
- Full-service team of privacy experts – with practical in-house business process experience, by your side throughout the process
- Detailed and actionable guidance – to implement immediate steps
- Digital monitoring – powered by TRUSTe’s state-of-the-art privacy technology
- Streamlined process minimizes disruption – to your daily business operations and lightens the load for your in-house team
- Brand protection – against negative media coverage
- Demonstrated privacy commitment to build trust – with users, clients, business partners, and regulators
- Flexibility – to extend Assessments to full Certification for remediation guidance and validation
Our Assessments provide you with the information you need to take control with specific steps to mitigate risks.
Comprehensive AssessmentWe first define the scope of assessment by business units, product/service lines, and digital properties (websites, apps, cloud platforms). Then determine whether to extend review to employee data or offline practices. A dedicated Privacy Solutions Manager (PSM) works with your team to efficiently guide discovery of necessary information, including relevant data flows. We then evaluate your privacy policies and practices against the US-EU Safe Harbor Framework requirements.
Findings ReportOur team delivers a findings report with a gap analysis dashboard and remediation recommendations so you have the privacy risk information you need to take actionable steps.
Tracker ScanningTRUSTe will apply proprietary scanning technology to the applicable digital properties providing comprehensive insight into personally identifiable information (PII) data collection, first and third party trackers on your property, and level of risk through the Privacy Sensitivity Index (PSI).
Ongoing GuidanceYou also get access to TRUSTe privacy experts for ongoing policy guidance, along with educational webinars, events, whitepapers, client advisories, privacy tips and research.
With Assessment results in hand, you have the flexibility to choose whether to obtain additional support for your US-EU Safe Harbor Self-Certification with the Department of Commerce.
Remediation / ValidationWe assist with any necessary remediation steps, including providing relevant templates and process change advice. We then validate that your privacy statements accurately reflect your privacy practices and are consistent with Safe Harbor requirements.
Dispute ResolutionTRUSTe provides a third-party dispute resolution service, which helps you efficiently manage privacy inquiries from customers, and addresses the dispute handling requirements of the US-EU Safe Harbor Framework.
SOLUTIONS TO ADDRESS A WIDE RANGE OF PRIVACY CHALLENGES
We provide a number of service tracks specifically designed to tackle the most important privacy challenges faced by our clients. TRUSTe US-EU Safe Harbor Assessments and Certifications are part of our broad range of privacy services. You may also be interested in our Enterprise, Asia Cross Border, or Kids Privacy services to further expand your risk and compliance management efforts.
General Assessments Regulatory Assessments Strategic Priorities Privacy Impact (PIA) TRUSTe Enterprise EU Safe Harbor Customer + HR Data Asia Cross Border (APEC) Kids / COPPA Privacy Framework Privacy Maturity Model, Others Any Relevant Requirements FIPs, OECD, GAPP, CalOPPA, Others US-EU Safe Harbor APEC CPBR’s COPPA Term One-time One-time Annual Annual Annual Annual Assessment & Findings Report Tracker Scanning Ongoing Guidance Dispute Resolution Certifications (Optional Add-on) Remediation / Validation Dispute Resolution TRUSTe Seals TRUSTe Certified Privacy TRUSTe APEC TRUSTe Kids Other Seals EU Safe Harbor** = TRUSTe provides guidance to prepare for DOC Safe Harbor filing
TRUSTe Privacy Professionals
TRUSTe Privacy Services are delivered by our Privacy Consultants and Privacy Services Managers, a team of recognized data privacy experts with significant experience conducting privacy assessments. Our team has a unique hybrid background of privacy, technology, business process, and project management experience. All are CIPP trained or certified, many have law degrees, and have hands-on experience working for a wide range of companies including Adobe, American Express, Citrix, Comcast, HSBC Bank, IBM, Kimberly-Clark, Microsoft, Pfizer, and many more.
Our privacy team leverages nearly 20 years experience delivering data privacy management solutions for thousands of global brands along with our comprehensive technology platform. We also have key regulatory relationships and are a leading provider of privacy services supporting regulatory and self-regulatory compliance programs for a wide range of agencies including APEC, DOC, DAA, EDAA, and FTC.
TRUSTe Technology Platform
Our Data Privacy Management Services leverage the TRUSTe Platform, a comprehensive, SaaS technology solution that provides state of the art assessment management, compliance control, and website scanning / monitoring capabilities.