Safe Harbour Ruling
Are you complying with EU Privacy Laws?
On October 6, 2015 the Safe Harbour agreement was declared invalid by the European Court of Justice meaning the processing of data between the EU and the US is no longer legal. SmartSurvey stores and processes data using ISO27001 certified facilities within the UK/EU.
What is the Safe Harbour ruling?
EU law forbids the transfer of personal data to parts of the world it views as not providing ‘adequate’ privacy protections. The Safe Harbour agreement, regulating the easy transfer of personal data between the US and the EU, was declared invalid by the European Court of Justice in 2015, meaning that companies can no longer transfer data from the EU to the US solely on the basis that they are members of the Safe Harbour scheme.
Why has this happened?
In the EU, data privacy is viewed as a fundamental right, which means your data and any data you collect and store in the cloud, should only be accessed by you and no one else should be able to access or share it without your permission. However, in the US, other rights can be given priority over the right to privacy.
What does this mean for customers?
Having servers in Europe is not necessarily a solution with respect to personal data protection. The question customers should be asking their supplier is where their data will be accessed from and where will it be stored.
Some survey/research suppliers may have offices throughout the world needing access to the data making them non-compliant with the EU’s standard of data protection.
This is one of the reasons that data transfers to the US, and potentially even data held in the UK by companies which are headquartered in the US, are not viewed as compliant with the EU’s standard of data protection.
What does this mean for Data Protection Act (DPA) compliance?
The ruling has had significant impact on how companies choose online applications they use to collect, store and process data. The Safe Harbour agreement can no longer be relied on, meaning businesses storing their data in the US will need to provide systems that ensure your data is handled securely and appropriately.
SmartSurvey is registered under the Data Protection Act and has no Safe Harbour issues. Data collected is owned by ‘you’ the user;
- Your data is stored in the UK/EU
- Your data is backed up in the UK/EU
With SmartSurvey your data never leaves the EU
It has always been our belief that data should be kept safe here in the UK/EU. All the data you collect is stored and backed up on UK/EU-based servers. The SmartSurvey team is based in the UK and therefore when you speak to any of our team members for information on the product or support, you are speaking with our team in the UK.
Data collected by you is owned by you and will not be accessed nor shared without your permission. This is a fundamental principle behind our philosophy of ensuring your data is safe and secure.
Find out how we can help
If you would like to find out more about data protection and Safe Harbour issues that affect your business, please call us on 0800 0937 822 or complete the form below.