Schrems II and US-based subprocessors
We have taken several measures to comply with the Schrems II ruling, invalidating EU-US Privacy Shield as a legitimate way of transferring data between the EU and the US. The measures we have taken to ensure the legality of US data transfers are the following:
- Review of subprocessors
- Changes in subprocessors
- For all US-based subprocessors, updated DPAs with the EU's Standard Contractual Clauses (SCCs).