Safe Harbor – List
U.S.-EU SAFE HARBOR LIST
- The organizations on this list have notified the Department of Commerce that they adhere to the U.S.-EU Safe Harbor Framework developed by the Department of Commerce in coordination with the European Commission. The U.S.-EU Safe Harbor Framework provides guidance for U.S. organizations on how to provide adequate protection for personal data from the EU as required by the European Union’s Directive on Data Protection.
- There are benefits to organizations that participate in the U.S.-EU Safe Harbor program, but participation in the U.S.-EU Safe Harbor Framework and self-certification to the list are voluntary. Once an entity elects to participate in the program, it is legally required to comply with the Safe Harbor Privacy Principles. An organization’s absence from the list does not mean that it does not provide effective protection for personal data or that it does not qualify for the benefits of the U.S.-EU Safe Harbor program. In order to keep this list current, a notification will be effective for a period of twelve months; therefore, organizations must notify the Department of Commerce every twelve months to reaffirm their continued adherence to the U.S.-EU Safe Harbor Framework.
- Organizations should notify the Department of Commerce if their representation to the Department is no longer valid. Failure by an organization to so notify the Department could constitute a misrepresentation.
- An organization may withdraw from the list at any time by notifying the Department of Commerce. Withdrawal from the list terminates the organization’s representation of adherence to the U.S.-EU Safe Harbor Framework, but this does not relieve the organization of its Safe Harbor obligations with respect to personal information received during the time that the organization was on the U.S.-EU Safe Harbor list.
- If a relevant self-regulatory or government enforcement body finds that an organization has engaged in a persistent failure to comply with the U.S.-EU Safe Harbor Privacy Principles, then that organization is no longer entitled to the benefits of the U.S.-EU Safe Harbor program. In this case, the organization must promptly notify the Department of Commerce of such facts either by email or letter. Failure to do so may be actionable under the False Statements Act (18 U.S.C. 1001). That organization must also provide the Department of Commerce with a copy of the decision letter from the relevant self-regulatory or government enforcement body.
|Certification Status:||CurrentNot Current|
|Notice: An organization may be designated as “Not Current” for a variety of reasons. The most common reason is that the organization has failed to reaffirm its adherence to the Safe Harbor Privacy Principles on an annual basis as required by the Safe Harbor Frameworks. Another possible reason is that the organization has failed to comply with one or more of the Safe Harbor Privacy Principles. Organizations designated as “Not Current” are no longer assured of the benefits of the Safe Harbor (i.e., the presumption of “adequacy”). These organizations nevertheless must continue to apply the Safe Harbor Privacy Principles to the personal data received during the period in which they were assured of the benefits of the Safe Harbor for as long as they store, use or disclose those data. Any misrepresentation by an organization designated as “Not Current” concerning its adherence to the Safe Harbor Privacy Principles may be actionable by the Federal Trade Commission or other relevant government body.|
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ALL
|Organization||Certification Status||Personal Data|
|@ legal discovery LLC||Current||All personal data/On-line/On-line|
|1-800-HOSTING, Inc.||Not Current||off-line, on-line, manually processed data|
|100 Spears, LLC d/b/a eWork||Not Current||On-line, off-line, human resource data|
|101 Distribution||Not Current||on-line, off-line|
|1010data Global Telecom Solutions LLC||Current||All personal information subject to the U.S.-EU Safe Harbor Privacy Principles.|
|12 Forward Entertainment, LLC||Current||No|
|1992 International Ltd., dba, Sutton Associates||Not Current||all employment screening matters|
|1WorldSync, Inc.||Current||Personal information received about individual contacts of former, current and prospective customers.|
|20/20 Software, Inc.||Current||Customer name, Company name, Address, Telephone, Email|
|2020 Research||Current||Market research data primarily dealing with consumer research.|
|247 customer, Inc.||Current||Data collected through 7 predictive experience platform includes information collected through our services offered to our clients as a Software as a solution provider. The data collected can include Online, offline, chat data etc.|
|2Checkout.com, Inc.||Current||On-line, off-line, and manually processed|
|2sms||Current||online data, manually processed data.|
|2Wire, Inc. d/b/a Pace Americas||Current||The personal data transferred may include the IP address of the device. This information will be maintained primarily in an online database restricted to the use of Pace Americas and its corporate customers, and Pace Americas will maintain backups of this data offline. The data processed will not include any manually processed will not include any manually processed data or human resources data.|
|3 Story Software||Current||Off-line, on-line, manually processed data, human resources data.|
|3Cinteractive, LLC||Current||Personal identifiable information, UID|
|3D Systems Corporation||Current||Human Resources Data|
|3d Travel Metrics||Current||off-line, on-line, manually processed data|
|3dna Corporation, Inc. dba NationBuilder||Current||Consumer data, digitally processed.|
|3G SELLING LLC||Current||Client/Customer contact information such as name, email address, mailing address, phone number. Information about their business such as company name, company size, business type. May be online or data received offline.|
|3LZ International Corporation||Not Current||online|
|4imprint Inc||Current||Customer name and address and information related to their purchases.|
|4Thought Marketing||Current||Organization, Client, Customer|
|500friends, Inc||Current||customer loyalty program data including email address, transaction history, loyalty program login credentials. We do not process or store payment information.|
|780 Inc.||Not Current||On-Line|
|7th Sense Limited Partnership||Current||Organization, client and consumer. Consumer data includes phone numbers, email addresses and addresses. The data covered does not include manually processed data.|
|81qd||Current||All personal information received|
|888extramoney.com, LLC (dba extrameasures)||Current||the Personal data processed is names and addresses. No Manually processed data is included|
|89degrees, Inc.||Current||on-line and off-line customer transaction data|