What is Safe Harbor Certification?
In 1998, the European Commission enacted a directive to prevent the transfer of personal data to non-EU nations that did not meet a European “adequacy” standard in terms of privacy protection. The U.S. Department of Commerce and the European Commission created the Safe Harbor framework to help American organizations comply with the Directive and therefore enable European customers to use American services.
The Safe Harbor framework consists of seven parts:
- Transfer to Third Parties
- Data Integrity
Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate. You have several options for accessing and changing your information.
FormAssembly will take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. For information on our security procedures, please see our status page.
Personal information must be relevant for the purposes for which it is to be used. FormAssembly should take reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current. For information on our security procedures, please see our status page.
An independent recourse mechanism must exist so that individuals’ complaints can be investigated and resolved, and penalties enforced as necessary. TRUSTe acts as this mechanism for FormAssembly.
Visit the Safe Harbor page for more information about the framework. As always, we welcome your comments and suggestions, as well as any questions you may have regarding this or other privacy/security matters. Feel free to leave a comment below, send us an email, leave a suggestion on our UserVoice forum, or follow us on Twitter.