EU-US Privacy Shield Certification. USA, GDPR, TYPE CONTRACTUAL CLAUSES AND ADDITIONAL GUARANTEES
If you are outside the United States and choose to provide us with information, you must bear in mind that your data is
transferred to the United States and processed there.
To date, data transit between data exporters from the EU and data importers from the USA (as would be our case) could be
covered by the Privacy Shield agreement, under the adherence of the US-based company to the requirements set out under
As of today, the judgment of the CJEU of July 16, 2020 declares the Privacy Shield agreement invalid, therefore, until a
new agreement can be carried out or a unified position is adopted, the international transfer of data to the USA from
the EU it must be justified under other types of measures.
Until November 2020, the date on which the Irish data protection authorities have to pronounce, Standard Contractual
Clauses (CCT) may continue to be applied together with the necessary complementary security measures, which will be
those that we initially put in place to be able to give service to our customers in the EU with full guarantee for our
users in the EU.
While the EU and the USA define a protocol that updates the appropriate mechanisms for the international transfer of
personal data between both territories, and until the corresponding control authorities pronounce themselves in
November, the adaptation to regulations of the Standard Contractual Clauses remains in force. They define the
obligations of the data importer (Mobile Leaves Corp) and the security measures applied, together with the definition of
the data collected, categories of interested parties, etc.