UPDATED september 2020
Payroll & Privacy Go Hand in Hand
Our Clients rely on us to manage the payroll of thousands of workers across the globe. Safely and securely managing personal data is, therefore, a crucial part of the services we offer. In demonstration of our commitment to privacy, we have integrated privacy and data protection policies, safeguards and controls into our business activities. These include:
- The appointment of a Global Data Protection Officer;
- Continued investment in security measures and training in the areas of privacy, data protection and security for all of our staff worldwide;
- Adherence to the rules and standards of the General Data Protection Regulation as a global data protection baseline for all companies within the Safeguard Global Group, to be followed whenever and to the greatest extent possible (considering that, depending on the territory, local laws may create conflicts with the GDPR);
- Adherence to the principles and rules laid out in the EU-U.S. Privacy Shield Framework.
More information on our Privacy Policies is available at the links below:
Transfers of Personal Data to the United States of America
The EU-U.S. Privacy Shield Framework was designed by the US Department of Commerce and the European Commission in support of transatlantic commerce, to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements, when transferring personal data from the European Union to the United States. However, as of the decision of the Court of Justice of the European Union in Case C-311/18 (“Schrems II”), the EU-U.S. Privacy Shield Framework is no longer suitable as a mechanism to ensure the lawfulness of transfers of Personal Data from the EU to the US.
While we comply with and have adhered to the rules and principles within this Framework regarding the collection, use, disclosure and retention of personal data transferred from the EU to our companies in the United States, the primary mechanism we have always relied on to ensure the lawful transfer of personal data from the EU to the US (and to other non-EU jurisdictions) is the Standard Contractual Clauses, as approved by the European Commission. These were not invalidated by the mentioned decision of the Court of Justice of the European Union as a lawful transfer mechanism, and are incorporated into the data processing agreements we enter with our customers and suppliers, as well as the agreements between our affiliates, whenever necessary. We are monitoring the situation as it develops – with particular focus on the upcoming guidance to be issued by the European Data Protection Board around supplementary measures which may be put in place to address these sorts of transfers – and will update this information with any amendments needed to remain compliant.
The specific Privacy Policies we have developed to help you to understand how personal data sent to the United States is handled are below. If there is any conflict between these policies and the EU-U.S. Privacy Shield Framework’s rules and principles, these rules and principles will apply. To learn more about the EU-U.S. Privacy Shield Framework, please visit: https://www.privacyshield.gov
Please feel free to reach out to us directly at firstname.lastname@example.org if you have any questions regarding Privacy