EU-US Data Privacy Framework and Adequacy Decision

Zendesk has long been committed to delivering trustworthy products to our customers and their users. We believe that trust is at the core of all our interactions with our customers.

Zendesk applauds the adoption of the adequacy decision for the EU-US Data Privacy Framework by the European Commission. This provides greater legal certainty to thousands of companies that depend on EU-US data transfers. Zendesk maintained our certification to the Privacy Shield Framework, which enables a quick transition to the new Framework. Zendesk is currently taking steps to complete the transition. To learn more about the Data Privacy Framework and to view our certification, please visit:https://www.dataprivacyframework.gov/s/

Background

After the Schrems IIdecision in July 2020, Zendeskhighlighted the numerous security and privacy measuresit takes to secure customer data, including Zendesk’s long-held Binding Corporate Rules (“BCR”), which provide an additional transfer mechanism and protections that remain valid.

What does the new EU-US Data Privacy Framework address?

The EU-US Data Privacy Framework addresses two concerns of the European Court of Justice: (1) scope and proportionality of U.S. security surveillance activities; (2) availability of redress mechanisms for EU individuals. The European Commission’s statement on the updated EU-US Data Privacy Framework is availablehere.

Have questions? Please contact your Zendesk account executive or the Zendesk privacy team at euprivacy@zendesk.com.