flag-deflag-jaflag-koflag-ukflag-usred_applegreen_applered_appledefault-controllerblue-controllergreen-controllerred-controllergreen_speakergreen_speakerred_speaker

Update from Guidebook on the EU-US Safe Harbor Framework

Guidebook takes data privacy very seriously. We treat the data that our customers share, collect and use on our platform with the utmost sensitivity and employ strict policies and protections to help ensure the privacy of that information. With the recent invalidation of the Safe Harbor framework, we are offering our customers a data processing addendum (“DPA”) to our services agreement that incorporates the European Commission’s standard contractual clauses to allow compliance with European Union (“EU”) data protection law for the transfer of personal data. Please email privacy@guidebook.com to request a DPA for your company.

What is the EU-US Safe Harbor Framework?

The U.S. Department of Commerce and the European Commission agreed on a framework of data protection principles (the “EU-US Safe Harbor Framework”) that allowed companies in the United States (“US”) to receive and process personal data from the EU. Guidebook is certified under the EU-US Safe Harbor Framework and many of our customers relied on Guidebook’s certification for their compliance with EU data transfer laws. Additional information about the EU-US Safe Harbor Framework is available at the U.S. Department of Commerce’s Web site.

What did the European Court of Justice decide regarding the EU-US Safe Harbor Framework?

On October 6, 2015, the European Court of Justice (“ECJ”) issued a decision that invalidated the EU-US Safe Harbor Framework thereby ruling that the framework does not provide a valid legal basis for personal data transfers from the EU to the US.

What does the decision to invalidate the EU-US Safe Harbor Framework mean for my company’s use of Guidebook services?

In the absence of EU-US Safe Harbor Framework, companies transferring and receiving personal data from the EU can also comply with EU privacy law by signing standard contractual clauses, which consist of a set of contractual terms that have been approved by the European Commission. Guidebook is making a DPA available to customers that incorporates these approved clauses into their Guidebook services agreement.

How does my company incorporate the addendum to our Guidebook services contract?

Please email privacy@guidebook.com to request a DPA for your company.

What if I have additional questions?

Should you have questions about the Guidebook DPA, please contact your Guidebook Account Manager or open a support case via the Guidebook Support Portal at https://support.guidebook.com.