PRIVACY SHIELD CERTIFICATION PROCESS
STEP 1: Revise the Client’s Privacy Policy to be compliant with GDPR
- Send the revised Privacy Policy with GDPR compliant provisions for approval by the Client.
- Do not include any references to the Privacy Shield Certification.
- Once approved, have the Client upload the revised Privacy Policy to its Website.
STEP 2: Send the BBB Application to the Client
- Send the Privacy Shield Questionnaire to the Client to fill in the necessary information including two contacts, titles, web page, email addresses, business address, and URL.
- Obtain the BBB Privacy Shield Application and send to the Client for the Client to fill in the essential information.
- Link to the BBB Privacy Shield application at: https://www.auto.bbbnp.org/scripts/cgiip.exe/WService=PrivShield/EUPrivacy/euapp.w.
STEP 2: Pay the BBB Fee based on the Fee Schedule
- Send the Participation Agreement to the Client for review.
- Put the Participation Agreement on DocuSign for the Client’s signature.
STEP 3: Send the signed Participation Agreement and revised Privacy Policy to BBB
- Send the signed Participation Agreement and the revised Privacy Policy via email to EUPSTeam@bbbnp.org.
- Call [Destiny] of the BBB at 703-247-3658 to make arrangements for Client to pay the BBB charges by credit card payment or ask her to send details for wire transfer.
- Revise the revised Privacy Policy as requested by the BBB personnel.
- Obtain the BBB approval of the revised Privacy Policy, including the BBB Director sign-off on it.
- Have Client upload the BBB revised Privacy Policy (without reference to the Privacy Shield Certification).
STEP 4: Create an Account on the USBOC Privacy Shield Framework Website
- Create an account for the Client at: https://www.privacyshield.gov/PrivacyShield/ApplyNow.
- Save the login details (Username and password) and send them to the Client as well.
STEP 5: Start an Application with the USDOC for Privacy Shield Certification
- Login to the account created from Step 4 for the Client and go to “Self-Certify” to start a new application.
- Complete the application and submit the revised Privacy Policy with proper references to the Privacy Shield Certification.
- Have the Client pay the $375 fee to USDOC.
- Save the Fee Receipt.
STEP 6: Pay $250 to the American Arbitration Association for the Client’s Company
- Have the Client pay the $250 fee to the AAA as required by the USDOC.
- The payment can be made here: https://apps.adr.org/PrivacyShieldFundApp/faces/PrivacyShieldFund.jsf
- Save the Fee Receipt.
STEP 7: Pay $50 to United States Council for International Business
- Have the Client pay the $50 to the USCIB;
- The payment can be made here; https://privacyshield.uscib.org/
- Save the Fee Receipt.
STEP 8: Send the Fee Receipts to USDOC
- Send the receipts from Step 5, 6 & 7 to privacyshield@trade.gov.
- Wait for the USDOC to respond to your email.
- USDOC will likely suggest changes to the Privacy Policy on the portal.
- Finally, make the changes suggested by DOC and have Client upload the new Privacy Policy with the Privacy Shield Certification provisions.
- Wait for USDOC to place the Client’s name on the online Privacy Shield List of companies who have certified.
If you have any questions about this Memo, please email us at privacy@inventuslaw.com.
Disclaimer: The information on this page is being provided for information purposes only and is drafted entirely on the basis of public resources. Information contained on or made available herein is not intended to and does not constitute legal advice, recommendations, mediation or counseling under any circumstance. This information and your use thereof do not create an attorney-client relationship. You should not act or rely on any information provided herein without seeking the advice of a competent attorney licensed to practice in your jurisdiction for your particular business.