Matthew Bertenthal

Here at Medallia, we strive to be an industry leader in privacy compliance. That’s why we’re proud to share that, in July 2017, Medallia obtained certification under the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield frameworks.
Privacy Shield is a framework established between the US Department of Commerce, the European Commission, and the Swiss Administration that allows companies to transfer personal data freely between the European Union and the United States. The framework provides privacy protections for Europeans, including a say on how their information is used and a direct avenue for resolving complaints.
To earn the certification, US companies promise to handle personal information transferred from the European Union and Switzerland according to the Privacy Shield principles. Medallia has committed to following these principles for customer data that it handles on its SaaS platforms.
Yesterday, the European Commission issued its report following its first annual review of the Privacy Shield, concluding that the United States continues to ensure an adequate level of protection for personal data transferred under the Privacy Shield from the European Union to organizations in the United States. The European Commission also stated that they standstrongly behind the Privacy Shield arrangement with the U.S.”
Medallia offers the Privacy Shield as one way that customers with survey respondents in Europe can meet adequacy requirements. In addition to the Privacy Shield, Medallia has always offered and will continue to offer a data processing agreement that includes the controller-to-processor Standard Contractual Clauses approved by the European Commission. Also referred to as “Model Clauses,” these clauses establish safeguards for the transfer of personal data from the EU to other countries such as the US.
Medallia has always taken privacy and security seriously, and we’re proud to have earned Privacy Shield certification.
Photo Credit: Dayne Topkin