Organisations that self-certify under the new EU-US Privacy Shield by 30 September 2016 will benefit from a "grace period" of 9 months, starting from the date upon which they certify, at the end of which their data processing agreements must be in conformity with the Accountability for Onward Transfer principle.
More information is available in the Q&A of the Privacy Shield webpage.
As self-certification currently takes approx. 12 days, companies must seize this opportunity now to benefit from the grace period.
Act quickly !
Q. What is the initial timeframe for bringing existing commercial relationships with third parties into conformity with the Accountability for Onward Transfer Principle?
The Privacy Principles apply immediately upon certification. Recognizing that the Principles will impact commercial relationships with third parties, the Framework allows organizations that submit their self-certification to the Department of Commerce within the first two months (between August 1 and September 30, 2016) up to nine months from the date upon which they certify to bring existing commercial relationships with third parties into conformity with the Accountability for Onward Transfer Principle.
