Schrems II Solutions & Free Tools

Understand data transfer mechanisms and demonstrate privacy compliance

Free Shrems II vendor assessment templates and a complete suite of privacy compliance solutions

Privacy Compliance Schrems II Free Tools

Schrems II Solutions, Judgement, and Impact

On July 16, 2020, the Court of Justice of the European Union invalidated the EU-US Privacy Shield as a lawful mechanism to transfer personal data and determined that Standard Contractual Clauses (SCC) will require stricter considerations of the destination jurisdictions moving forward. The additional SCC-related obligations will also apply to binding corporate rules (BCRs) according to the European Data Protection Board. Businesses are now having to review their third-party vendors to ensure that their means of transferring data meet the heightened obligations for valid transfers from the EU to the U.S. and other jurisdictions.

Map Cross-Boarder Personal Data Transfers

Assess Vendors Relying on Privacy Shield or SCCs

Manage Contract Updates & Vendor Changes

Stay Informed on the Latest Compliance Updates

Track Cross-Border Personal Data Transfers Inside and Outside of Your Business

Deploy a fully containerized privacy solution to eliminate unnecessary data transfers
Track data processing activities by IT system, business unit, and geographic location
Categorize personal data throughout your systems and track custom data transfer attributes
Practice data minimization to eliminate unnecessary personal data
Identify information to consider anonymizing data to avoid the GDPR’s restrictions

Assess Vendors Relying on Privacy Shield, SCCs, OR BCRs

Flag third- and fourth-party providers and data transfer formerly reliant on the Privacy Shield
Prioritize vendor evaluation based on processing activities and inherent risk
Leverage pre-built Schrems II assessment templates to assess vendors relying on Privacy Shield,SCCs, or BCRs
Access pre-completed assessments and 70,000+ vendor profiles through the Vendorpedia Exchange
Leverage assessments-as-a-service to follow up and complete vendor assessments on your behalf

Track Vendor Updates for Lawful Personal Data Transfer Mechanisms

Review and reaffirm ongoing vendor practices with automated assessment technology
Evaluate terms under existing contracts, vendor privacy notices, trust pages, and support portals
Terminate or update contracts that do not have lawful transfer mechanisms in place

Stay Informed On The Latest Updates With OneTrust DataGuidance™

Receive same-day summaries and guidance on the latest judgments and regulatory updates
Access our Schrems II portal with the latest news, opinions, and FAQs
Leverage data transfer comparison charts to compare adequacy and equivalency of third countries

Leverage OneTrust DataGuidance to get the latest insights on the Schrems II Ruling and Related Updates.

OneTrust DataGuidance is the most extensive and up-to-date source for privacy, security, and third party risk research. Review or navigate directly to Schrems II literature and documentation. Leverage insights and summary guidance published by a contributor network of over 500 lawyers, and 40 in-house legal researchers.

Learn More at DataGuidance.com Schrems II Portal