Ask An Expert

Safe Harbor Questions

  • With the recent ruling that invalidated Safe Harbor, how can I protect my privacy and data without Safe Harbor?

    Under Safe Harbor, the processing, storage, and transfer of personal data from the EU to the US were permitted. Safe Harbor required US companies to implement a self-certification process to protect this personal data. This process included providing detailed information on the organization’s privacy policy, sharing the details of what the organization does with this private data, and an agreement to cooperate and comply with EU data protection authorizes.

    However, on October 6, 2015, the European Court of Justice (EJC) ruled the EU-US Safe Harbor Framework invalid. This means every company that previously certified under Safe Harbor is now out of compliance with the European data protection law and is vulnerable to fines by the data protection authorities or orders to suspend transfers. This presents a major challenge for the 4,000+ companies that relied on Safe Harbor. To be compliant, they can either build data centers in Europe to keep their EU personal data in Europe, or alternatives to Safe Harbor (e.g. Model Contracts or Binding Corporate Rules) to legally transfer EU personal data to the US.

    The EU-US Safe Harbor Framework ruling does not affect Egnyte, because Egnyte’s European subsidiaries comply with the EU Data Protection Directive (EUDPD) to ensure customer privacy and data protection. Egnyte can protect your privacy and personal data in lieu of Safe Harbor because:

    • Egnyte has a data center in Europe
    • Egnyte stores all European customers data in Europe only
    • Egnyte has a customer support center in Europe
    • Egnyte has a development center in Europe
    • Egnyte complies with the EU stringent levels of data privacy and security

    Your personal data does not leave the EU even when you place a support ticket, which is handled by Egnyte’s European support team. To learn more about how Egnyte is well positioned to protect your privacy and personal data, contact an Egnyte Product Specialist.

  • My company resides outside the EU and the European Economic Area (EEA). How does the Safe Harbor ruling affect me?

    The Safe Harbor ruling only affects companies that process, store, or transfer personal data from the EU to the US. If your company does not process, store, or transfer EU personal data in to the US, then Safe Harbor and the Safe Harbor ruling is not applicable to you.

  • How does the Safe Harbor ruling impact global companies with data and employees inside and outside Europe?

    Global organizations, small and large alike, need the flexibility to store and maintain data in the region of their choice. Now that Safe Harbor is invalid, the alternative methods available for cross-border transfers of personal data include Model Contracts and Binding Corporate Rules (BCR).

    Model Contracts are standard clauses, which are entered into by US parent companies with their European subsidiaries or their European customers. The European Commission wrote the model contracts, which allow US companies to legally process and transfer personal data.

    BCR’s allow global corporations to make intra-organizational transfers of personal data across borders in compliance with EU data protection law. BCR’s are akin to a code of conduct. However, this is a lengthy process whereby US companies work with the Data Protection Authority to implement the BCR’s.

    Egnyte opened a European data center in 2010 knowing how important it would be to address the specific needs of our international customers. We follow the stringent levels of data privacy and security with this European data center.

    In addition, Egnyte has data centers located in the US. This allows our customers to use the right storage location based on the characteristics of end-user, such as their job role or physical location. This sets Egnyte apart from other cloud companies.

    Learn more about Egnyte secure file sharing and smart collaboration solutions with a Free Trial.

  • What should I look for when selecting a SaaS vendor with regards to European data protection?

    Before you select a SaaS vendor, you should evaluate your company data privacy policies to make sure your company has the proper regulatory requirements in place. What data do you collect from customers? How does your company protect customer data? Who has access to this data? Where is the data being shared? Where is the data being stored and for how long? Is your company compliant with all the different laws and regulations of the various countries and organizations that you do business with?

    In the EU, when a company signs up for a cloud service, typically the company is responsible for how the SaaS provider handles its privacy data, rather than the SaaS provider itself. So its important that you know your company privacy policy as well as the policy of the SaaS vendor you choose.

    You should know how and where the SaaS vendor stores data so they don’t put your company at risk for breach of national or European-wide regulations. If data originates in Europe, does it stay in Europe? How does the vendor address changes in the regulatory and privacy policy landscape? This information should be readily available on the SaaS vendor’s website.

    When choosing a vendor to handle and protect your European data, consider Egnyte.

    • Egnyte is compliant with the EU Data Protection Directive (EUDPD) that provides a consistent data protection framework with EU-level enforcement. So the most recent Safe Harbor ruling does not affect Egnyte.
    • Egnyte opened a European data center in 2010 knowing how important it would be to address the specific needs of their international customers. Having a data center in Europe ensures that data originating in Europe stays in Europe, and provides a safe environment for their European customers and their data.
    • As the regulatory and data privacy landscape continues to change, Egnyte follows best practices to protect customer data.
    • Egnyte offers added protection and cloud agility with Storage Connect, which provides secure remote access to your files on any local storage (e.g. in your data center), without the files or file metadata going through the cloud.

    Egnyte offers more than a SaaS-only solution. Egnyte is the only Enterprise ready file sharing solution. We offer hybrid deployments with high performance and business continuity, an open architecture that supports any application, any device, any cloud, and on-premises storage.

    Should you have any questions about the Egnyte privacy policy, or their secure file sharing and smart collaboration solutions contact Egnyte.