We are happy to announce that effective today Retrium is part of the EU-US Privacy Shield Program and publicly committed to complying with its requirements. This certification enables Retrium to transfer personal data from the European Union to the United States while meeting EU data protection requirements.
After the European Commission decided that the Safe Harbor Principles, which outlined rules for the security of data transferred between the United States and EU by companies, were no longer robust enough, they introduced the EU-US Privacy Shield Framework in August 2016 to address the changing needs of data management and privacy.
With the constant business that flows between the European Union and the United States, sensitive data is moving back and forth continuously. The goal with the EU-US Privacy Shield is to protect the data of individual European consumers and coordinates with the US Department of Commerce to monitor and supervise compliance, including carrying out reviews and investigations of companies that participate.
The Privacy Shield Principles comprise a set of seven commonly recognized privacy principles combined with 16 equally binding supplemental principles, which explain and augment the first seven. Collectively, these 23 Privacy Shield Principles lay out a set of requirements governing participating organizations’ use and treatment of personal data received from the EU under the Framework as well as the access and recourse mechanisms that participants must provide to individuals in the EU. Once an organization publicly commits to comply with the Privacy Shield Principles, that commitment is enforceable under U.S. law.