Khoros Schrems II Statement
Last Update: 09/02/2020
Schrems II does not impact how Khoros transfers data from the EEA.
The Court of Justice of the European Union (“CJEU”) recently issued its judgment in Case C-311/18 - Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems (“Schrems II”), which invalidated the EU-U.S. Privacy Shield and found that the Standard Contractual Clauses are still valid.
Khoros, in its role as a data processor under the GDPR, utilizes Standard Contractual Clauses to transfer its customers’ personal data to and from the EEA. Additionally, Khoros requires that all of its subprocessors and partners rely on a valid transfer mechanism in order to transfer personal data to and from the EEA.
In light of the Schrems II ruling, Khoros would like to highlight the following:
- Khoros has contacted all of its subprocessors and partners who previously relied on the EU-U.S. Privacy Shield in order to obtain assurances that they will use another valid transfer mechanism to transfer Khoros personal data to and from the EEA;
- Khoros has a Law Enforcement Data Request Policy to ensure that proper procedures are followed when we receive a data request from a law enforcement agency;
- As part of our subprocessor due diligence, Khoros asks subprocessors pointed questions regarding the subprocessor’s law enforcement request practices and policies to ensure our subprocessors have adequate measures in place;
- Khoros seldom receives requests from law enforcement agencies requesting the disclosure of personal data of our customers;
- Khoros will enter into a Data Protection Agreement and Standard Contractual Clauses with any of its customers upon request; and
- Khoros has robust security measures and comprehensive policies in place regarding access and safeguarding of our customer and employee’s personal data. For more information regarding Khoros’s security practices, please visit: https://khoros.com/khoros-security.
If you have any questions regarding the above, please email firstname.lastname@example.org.
Khoros Legal Department