de
fr
es
ja
Data Governance & Privacy

What Tealium Customers Should Know About the EU-US Privacy Shield Changes

Hilary July 20, 2020
Back to Blog

It was a long weekend for many legal teams around the U.S. On Thursday, July 16th the Court of Justice for the European Union (CJEU) issued a ruling in a case examining transfers of personal data from the EU. We wanted to take a moment to write down what this means for Tealium customers and also provide some helpful information to further clarify this ruling. 

Key Highlights:

  • Court of Justice for the European Union (CJEU) ruling on Thursday invalidates the use of EU-US Privacy Shield 
  • CJEU did confirm the continued use of Standard Contractual Clauses (SCCs) for data transfers between the EU and U.S.
  • The decision does not impair Tealium’s continued providing, and your use of, Tealium Services
  • Tealium will update all Data Processing Agreements (DPA’s) with Standard Contractual Clauses, if and where needed.

What Was Decided?

The European Union (EU) has several laws addressing the protection of personal information of EU residents, among them the now famous General Data Protection Regulation, or GDPR. There are a few methods in place that provide assurance to EU residents that their personal data that is transferred to the U.S. is carefully protected. One of the most popular methods was certification with the EU-US Privacy Shield framework. The EU-US Privacy Shield was a way to transfer data back and forth for processing while maintaining EU data privacy standards set by GDPR.

The other method of protection is Standard Contractual Clauses or SCC’s. SCCs are as the name suggests, templated clauses that the European Commission wrote, outlining a range of rights and responsibilities in line with the GDPR. Thursday’s ruling by the CJEU invalidated the use of Privacy Shield going forward but did validate continued use of Standard Contractual Clauses.

What Should Tealium Customers Know?

First, we want to make it clear to our customers that last Thursday’s ruling by the CJEU does not affect Tealium’s ability to continue to provide our services to our customers/prospects, or the ability of our customers to use Tealium services. Consumer data privacy is at the heart of our tools, services, and architecture. We put guidelines and business processes in place to protect our customers and their data based on new laws and regulations like the one passed down last week.

Tealium’s standard data processing agreement (DPA) for its European customers and Tealium’s data protection and processing policies allowed for Privacy Shield as the default for EU-US personal data transfers, and that agreement further provides an automatic fall-back to the SCC’s in the event the Privacy Shield framework was invalidated. 

Our dedicated Tealium Data Privacy Team continuously monitors developments around the globe in regards to ever-changing laws around personal data protection and any guidance issued by the relevant authorities. We are committed to continuing to provide our services to you uninterrupted and in compliance with relevant regulations. 

Any customer that has questions or concerns based on this ruling can contact Tealium at privacy@tealium.com and we are happy to help.

Post Author

Hilary Noonan
Hilary is Director of Content at Tealium.

Sign Up for Our Blog

By submitting this form, you agree to Tealium's Terms of Use and Privacy Policy.
Back to Blog

Related Content

Data Governance & Privacy
April 1, 2024

Your Guide to The New Office for Civil Rights (OCR) Guidelines Regarding the Use of Online Tracking Technologies

The bulletin released by the Office for Civil Rights at the US Department of Health and Human Services (HHS) in October 2022 offered specific guidelines regarding the use of online tracking technologies by HIPAA. This led to a major overhaul in how HIPAA-regulated entities performed online visitor tracking and analytics. Following the bulletin, the American […]
Read More
Nirmal Vemanna
Data Governance & Privacy
February 8, 2024

How The Rise of Pen Register Lawsuits Impacts California’s Online Landscape

In recent developments in California, a novel legal trend is reshaping the dialogue around digital privacy and website user tracking. Over fifty class-action lawsuits have been initiated since November 2023, targeting website operators for allegedly installing software that acts as an illegal “pen register.” This marks a significant shift from previous legal challenges that predominantly […]
Read More
DJ Landreneau
Data Governance & Privacy
January 28, 2024

Derisking Data: Regulatory Milestones Shaping the Use of AI and Data in 2024

In 2023, the global digital economy underwent a notable evolution arising from advances in AI, data governance, multilateral digital capacity building, regulatory sandboxes and several legislative developments.  In this first instalment of a two-part ‘Derisking Data’ blog series, gain insight into 5 key regulatory developments that will redefine the contours of AI and data usage […]
Read More
Anna Koleth

Want a CDP that works with your tech stack?

Talk to a CDP expert and see if Tealium is the right fit to help drive ROI for your business.

Get a Demo
9605 Scranton Rd. Ste. 600
San Diego, CA 92121
+1 (858) 779-1344
By submitting this form, you agree to Tealium's Terms of Use and Privacy Policy.
9605 Scranton Rd. Ste. 600
San Diego, CA 92121
+1 (858) 779-1344
Solutions
Products
Resources
Company
Industries
Partners
Support
Legal