Bring Your Own Key Solutions for US Data Transfers

Green Globe Icon for Built to Scale Card on Carbon Accounting

Securely Facilitate International Data Transfers

Overcome Schrems II cross-border data transfer concerns by implementing BYOK as a supplementary data protection measure.


Take Control Over Your Data

Maintain control to create, disable, and revoke access to your encryption keys, protecting your data subjects’ information from unauthorized access by external parties.

Reliable Integrations Icon

Choose How You Deploy

Leverage a private or multi-tenant cloud environment without sacrificing security. Gain the flexibility to migrate at any time.

Pencil and Paper Icon Representing Full Customization

Apply the Latest SCCs

Benefit from organizational measures by default based on EDPB Guidelines and European Commission updated Standard Contractual Clauses (SCCs) including adoption of the new SCCs, Transfer Impact Assessment processes, and more.

Schrems II Solutions for Data Exporters

Cross-Border Vendor Transfer Example

Know Your Cross-Border Data Transfers and Vendors

Centrally document and visualize all international data flows, related data importers, and the third countries involved. Take a risk-based approach to prioritize transfers, like those relying on SCCs.

Assess third countries, identify those without adequate protection, and send additional TIAs to vendors as necessary. Access vendor transparency reports, certifications, and pre-filled TIAs from the OneTrust platform.

Data Transfer Risk Details Example

Mitigate Risk and Adopt Supplementary Measures

If the data transfer tool is considered ineffective, use pre-built templates based on the EDPB guidelines to determine the additional supplementary measures that can be adopted to mitigate data privacy risks. Track controls implemented and contract updates against the centralized vendor record.

Inventory Details Example

Continuously Monitor and Re-Evaluate

Monitor third country developments and evaluate new transfers to ensure that supplementary measures remain effective for the transfer of personal data and data importers honor their commitments. Manage the full third-party vendor lifecycle, including on-boarding and off-boarding.

Schrems II Solutions for Data Importers

Example of Building Trust Profiles on the OneTrust Platform

Build Your Trust Profile

Generate transparency reports, SCCs, and other privacy documentation with editable templates. Publish policies and notices directly to your website and maintain changes over time from a single platform. Publish key documentation to the OneTrust Third-Party Risk Exchange, making it visible to thousands of our customers. You can securely share your Trust Profile and control access permissions to the documentation.

TIA Autocomplete Example

Automate Transfer Impact Assessment (TIA) Responses

Centralize all incoming TIAs and other assessment requests. Answer TIAs once and automatically answer new TIAs (or any questionnaire) by autocompleting answers using AI, NLP, and ML technology.

Get Started Today with Schrems II Solutions

Request a demo to learn more about how OneTrust can support your journey toward Schrems II compliance.

Request Demo

You Might Also Be Interested In

SEP 20, 2022
Consent and Preferences

Build Trust by Honoring Privacy

SEP 20, 2022
Consent and Preferences

Privacy-Driven Marketing Trends: Analytics, AI, and AdTech Updates

NOV 15, 2022
Consent and Preferences

Digital Privacy Experience Summit - London 2022

SEP 15, 2022

A US Federal Privacy Bill is On the Horizon: Get to Know the ADPPA

SEP 27, 2022

How to Reinforce Your InfoSec Risk Program with a Single, Integrated Platform

OCT 12, 2022
Third-Party Risk

5 Ways to Save Time When Assessing Third Parties for Privacy and Security Risks

SEP 14, 2022
Third-Party Risk

3 Strategies for Simplifying Privacy Compliance When Working with Third Parties

SEP 28, 2022
Third-Party Risk

7 Core Metrics Every Third-Party Risk Program Must Track (and How to Track Them)

Onetrust All Rights Reserved