Skip links

Privacy Shield Data Processing Agreement

How personal data transmitted between the EU and the US is protected. We take all necessary measures to ensure that our agreements with our international third-party suppliers (including subprocessers) contain appropriate obligations of these third parties with regard to the transfer and processing of European data outside Europe, and that we would establish an appropriate and legitimate data transfer mechanism (such as standard contractual clauses) and , if necessary, additional guarantees. For more details on the subprocessors we used, click here. Mailchimp restricts third-party access to its internal tools and infrastructure. Our legal team evaluates all access requests and ensures that the requirement is appropriate for the work to be done and that the third party complies with all the security and data protection rules outlined in their contract. After approval, Mailchimp only allows access to clearly defined parts of the system through controlled accounts. Given the EU-U.S. data protection shield and the Swiss-U.S. We no longer rely on the data protection shield as a data transfer mechanism. The data protection shield is no longer valid because of the ECJ`s recent ruling at Schrems II. However, to the extent that Mailchimp has ongoing obligations under our existing Privacy Shield certification, we will continue to comply with them, including by honouring direct remedies granted to individuals against Mailchimp, including a right to a binding arbitration procedure. In addition, the complexity of modern software applications that must be deployed on different platforms and devices has made software testing mandatory to prevent unauthorized authorities from accessing personal data. The additional urgency of the messages, which are constantly overflowing with successful cyberattacks, has also increased the need for in-depth quality assurance (QS) methods to maximize the use of software applications and the transmission of information over the internet.

A leading lawyer, Max Schrems, questioned the Privacy Shield agreement and argued that US security laws were inadequate and therefore did not protect EU citizens` data from surveillance. “Data protection laws” are all data protection and data protection laws and regulations applicable to the processing of personal data under the agreement, including, where appropriate, EU data protection law. The Privacy Shield Framework was an agreement between the EU and the US that aimed to “provide businesses on both sides of the Atlantic with a mechanism to comply with data protection requirements to support transatlantic trade,” as stated in the statement on the framework`s website. 2.3 Customer obligations. The client agrees (i) to fulfill his obligations as a processing manager in accordance with the data protection legislation relating to the processing of personal data and all the processing instructions he gives to Applivery; and (ii) it has obtained the consents and rights necessary to process personal data and provide services in accordance with the agreement and this Authority. Customers are increasingly aware of the importance of data protection and security. What is important is that Mailchimp does not sell, rent or exchange user data. Google, for example, is a provider of electronic communications services, which puts it in both categories.