InVision’s commitment to EU International Data Transfer following the ‘Schrems ii case’
  • 26 Apr 2023
  • 1 Minute to read
  • Dark
    Light

InVision’s commitment to EU International Data Transfer following the ‘Schrems ii case’

  • Dark
    Light

Article summary

InVision’s updated DPA includes the latest Standard Contractual Clauses issued by the European Commission on 4th June 2021.

Summary of the Schrems ii case

The CJEU’s judgment in Data Protection Commissioner v Facebook Ireland Limited, Maximilian Schrems Case on the 16th of July 2020 ruled that:

  • The Standard Contractual Clauses (SCCs) remain valid; and
  • The Privacy Shield does not constitute an acceptable legal mechanism to legitimize transfer of personal data to the US.

Updated Standard Contractual Clauses (the ‘2021 SCCs’)

On the 4th June 2021 the European Commission released new Standard Contractual Clauses (‘2021 SCCs’). The 2021 SCCs take into account the Schrems ii decision and confirm that international data transfers under the GDPR can continue to be based on the 2021 SCCs where appropriate technical and organizational safeguards have been implemented to legitimize the data transfer outside of the European Economic Area and Switzerland.

What does this mean for InVision’s users? 

InVision has updated its Data Processing Addendum (InVision DPA) to incorporate the 2021 SCCs. This means that InVision customers can continue to rely on the SCCs included in the InVision DPA as a valid transfer mechanism under GDPR. 

The InVision DPA with the 2021 SCCs is available for all InVision customers transferring data outside of the EEA, including to the US. InVision customers can therefore continue to use InVision’s services in compliance with the GDPR. 

What’s next?

If you are an existing customer and have a DPA in place with InVision, you can continue to use InVision’s services in compliance with the GDPR, and you can update your existing DPA, by entering into our updated InVision DPA. Just follow the prompts through the form to complete the signature process.

If you are a new customer and require a DPA, please follow this link, which will bring you to our DPA for your review and signature.   

For any further details, please visit our dedicated GDPR page, and if you have any questions, please contact InVision Support; we will be happy to assist you. 

At InVision, Privacy is paramount, so be reassured that we are monitoring the privacy developments closely and we will keep you updated as things evolve. During this time, we will continue to follow our commitments under existing DPAs and our commitments under the SCCs.


Was this article helpful?