ARCHIVED CONTENT
You are viewing ARCHIVED CONTENT released online between 1 April 2010 and 24 August 2018 or content that has been selectively archived and is no longer active. Content in this archive is NOT UPDATED, and links may not function.Extract from article from Bryan Cave
Privacy Policy Requirements
In order to rely on the Privacy Shield, employers who handle an EU individual’s personal data must make the following updates to their publicly-available privacy policies:
1. Include a statement of the employer’s participation in the Privacy Shield framework.
2. Provide a hyperlink to the Privacy Shield List.
3. Include a statement of the individual’s right to access his or her personal data.
4. Include a statement that the employer may be responsible for disclosures of information to third parties acting on its behalf.
5. Identify the independent dispute resolution body that is available to investigate and resolve complaints from individuals. Examples of independent resolution bodies include alternative dispute resolution providers based in the U.S. or EU or a dispute resolution panel established by the EU data protection authorities.
6. Provide a hyperlink to the complaint submission form for the independent dispute resolution body.
7. Include a statement that the employer is subject to the authority of relevant regulatory bodies and that it may be required to disclose personal information in response to lawful requests made by regulators or law enforcement.