The Schrems II decision invalidated the EU-US Privacy Shield requiring organizations to evaluate alternative data transfer mechanisms to comply with new GDPR requirements. OneTrust helps operationalize the steps you must take and the additional safeguards you must apply to legally transfer personal data from the EU to a third country.
Overcome Schrems II cross-border data transfer concerns by implementing BYOK as a supplementary data protection measure.
Maintain control to create, disable, and revoke access to your encryption keys, protecting your data subjects’ information from unauthorized access by external parties.
Leverage a private or multi-tenant cloud environment without sacrificing security. Gain the flexibility to migrate at any time.
Benefit from organizational measures by default based on EDPB Guidelines and European Commission updated Standard Contractual Clauses (SCCs) including adoption of the new SCCs, Transfer Impact Assessment processes, and more.
Centrally document and visualize all international data flows, related data importers, and the third countries involved. Take a risk-based approach to prioritize transfers, like those relying on SCCs.
Assess third countries, identify those without adequate protection, and send additional TIAs to vendors as necessary. Access vendor transparency reports, certifications, and pre-filled TIAs from the OneTrust platform.
If the data transfer tool is considered ineffective, use pre-built templates based on the EDPB guidelines to determine the additional supplementary measures that can be adopted to mitigate data privacy risks. Track controls implemented and contract updates against the centralized vendor record.
Monitor third country developments and evaluate new transfers to ensure that supplementary measures remain effective for the transfer of personal data and data importers honor their commitments. Manage the full third-party vendor lifecycle, including on-boarding and off-boarding.
Generate transparency reports, SCCs, and other privacy documentation with editable templates. Publish policies and notices directly to your website and maintain changes over time from a single platform. Publish key documentation to the OneTrust Third-Party Risk Exchange, making it visible to thousands of our customers. You can securely share your Trust Profile and control access permissions to the documentation.
Centralize all incoming TIAs and other assessment requests. Answer TIAs once and automatically answer new TIAs (or any questionnaire) by autocompleting answers using AI, NLP, and ML technology.
Request a demo to learn more about how OneTrust can support your journey toward Schrems II compliance.
