Safely Transferring Data Across Borders

Recently, the Court of Justice for the European Union issued a ruling invalidating the use of Privacy Shield, a framework for regulating how companies transfer data between the European Union (EU) and the United States. We want to ensure our customers understand that, even with this decision, you can continue transferring data between the EU and the US using cloud-based solutions from Genesys, in accordance with European law.

While Privacy Shield is one of the frameworks we’ve used to protect cross-border data transfers, it’s not the only one. We have long complied with the Standard Contractual Clauses (SCCs) as well to legitimize data transfers to the US and other regions.

SCCs remain a valid framework for data transfers — and Genesys continues to provide General Data Protection Regulation (GDPR)-compliant services following the Court’s decision — without the need to alter how we provide services. As a company with a global customer base, there are times when we transfer information outside of the EU. For example, we provide support 24 hours per day, 7 days a week, so we can quickly respond to customer inquiries. This means tickets and related data are passed between team members working in different countries.

Genesys works tirelessly to safeguard the privacy and security of our customers’ data. To that end, we routinely audit our environment to ensure compliance with internationally recognized standards. In addition, we’ll continue to monitor data transfer mechanisms under GDPR, and update our customers as developments arise.

Rest assured that our template data-processing addendum includes the SCCs by default. If you require a data-processing addendum, or Standard Contractual Clauses, please reach out to your account owner for assistance. As privacy laws continue to evolve, Genesys is committed to staying current on legal requirements and our customers’ needs.