On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the EU-US Privacy Shield. More information on the ruling may be found here. As a Privacy Shield member and certification holder, SocialChorus has reviewed the ruling and decisions made thus far by the court.
To ensure that our customers can lawfully transfer personal data to SocialChorus from outside of the European Economic Area, we provide adequate protection through a series of intercompany agreements based on the Standard Contractual Clauses (SCCs) authorized under EU law. SocialChorus understands and agrees to enter into the standard contractual clauses as they relate to privacy and personal data protection subject to GDPR. The clauses are standard and are non-negotiable by either party.
Current customers have the right to review their contract with SocialChorus to ensure the standard contractual clauses are in place. Should agreements need to be modified to reflect the new ruling, the SocialChorus compliance and legal team will work with the customer’s legal team to make appropriate updates. SocialChorus is reviewing agreements to determine if additional agreements (SCCs) are needed. As more information is released from the court, SocialChorus will continue to review and make proper adjustments. Additional communication will be issued as needed.
Data Protection and Security
SocialChorus continues to commit to keeping customer data, including personal data, protected and secured. We maintain compliance with the General Data Protection Regulation (GDPR). Furthermore, SocialChorus is ISO 27001 certified and maintains SOC 2 Type II compliance, showing that security controls are in place to protect all data that SocialChorus processes.
If you have questions, please reach out to your SocialChorus Account Executive or Engagement Manager.