What kind of privacy policy should we implement for European customers?

Question

Hello! We are a startup based in New York developing a software product for the Alternative Energy market. We have had a successful initial launch for our MVP, and there are some customers, especially from the US but also from the UK, Belgium and Switzerland, interested in testing our products. Our question is regarding customer data: What kind of privacy framework do we need to comply with for our European customers? Would this be regarding the new EU Privacy Shield? What about Switzerland?


Answers: 2 public & 0 private

7f6a7c6730
Lawyer

First of all, if you plan to process personal data of EU citizens, the best thing you can do is to comply with the requirements of the General Data Protection Regulation 2016/679, which will soon replace the Data Protection Directive 95/46/EC; many EU countries have already started to implement its provisions into their national legislation.
Furthermore, if you plan to transfer personal data of EU citizens to the U.S. (which, based on your question description, I am guessing you do) you need to ensure that an adequate level of protection is put in place. This mainly means that you need to choose how you will prove that your mechanisms to safeguard data are compliant with EU legislation.
Finally, I would suggest that you publish a privacy policy on your website, where you would give an overview of what you plan to do with the collected data (who will process it, where, under which conditions, how the data is protected, etc.).
I would be happy to advise you further so please feel free to contact me directly at: mavric.jernej@gmail.com
