1. Support Center
  2. Data Protection and Security

Schrems II ruling

All you need to know about SwipedOn and the Schrems II ruling

In July 2020, The Court of Justice of the European Union (ECJ) published the Schrems II ruling, declaring the EU-US Privacy Shield decision invalid because US law doesn't provide adequate protection, and the only way to continue to export data to the US is to rely on supplementary measures. However, the ECJ has given no guidance on what these supplementary measures should be.

SwipedOn is currently doing everything that has been requested. If the ECJ decides what the supplementary measures should be, we will adopt these as well. All our subprocessor agreements include standard contractual clauses, so we are confident that SwipedOn still has adequate GDPR controls and processes in place. All SwipedOn data is currently hosted by AWS in the USA. We expect to offer alternative data storage locations in the near future.

We have a Data Processing Addendum especially for companies within the EU to opt into. This is pre-signed and can be downloaded here and returned to privacy@swipedon.com.

If you should have any further questions around the Schrems II ruling and data security please contact us at privacy@swipedon.com.