Addigy, a leading provider of cloud-based Apple MacOS/iOS management software, today announced EU-U.S. Privacy Shield Certification of the company’s cloud-based platform for Unified Apple Device Management. The certification by the European Union and U.S. Department of Commerce under the EU-U.S. Privacy Shield Framework allows for the collection, use, and retention of personal information transferred from the EU to the U.S. in support of transatlantic business operations.
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce. The European Commission deemed the Privacy Shield Framework adequate to enable data transfers under EU law. Once an eligible company makes the public commitment to comply with the Framework’s requirements, the commitment becomes enforceable under U.S. law.
“With the certification of Addigy compliance under the EU-U.S. Privacy Shield Framework, we can assure customers that their personal information is safeguarded and that Addigy’s Apple Device Management platform has the most up to date and appropriate protection and privacy,” said Addigy CEO, Jason Dettbarn. “We are focused on ensuring data asset protection and privacy as businesses with European customers strengthen their compliance profile with regulations that include the GDPR.”
Addigy’s full-stack cloud-based Apple Device Management platform allows for centralized management (including Mobile Device Management) of distributed MacOS/iOS computing environments. The solution provides 24x7x365 oversight of Apple devices to ensure systems are secure, up-to-date, and running at the highest levels of efficiency. IT administrators can fully audit all MacOS/iOS assets quickly without server setup to identify which OS versions and applications are installed, whether updates have been applied to all machines on the network, and which systems are out of compliance with corporate policy or government mandates addressed by the EU-U.S. Privacy Shield Framework.
The EU-U.S. Privacy Shield Framework is designed to provide free and accessible dispute resolution between individuals and organizations. Below is a summary of key Framework certification requirements:†
- Informing individuals about how their data will be used by the organization: This includes an individual’s rights to access their personal data, the requirement to disclose personal information in response to lawful request by public authorities, which enforcement authority has jurisdiction over the organization’s compliance with the Framework, and the organization’s liability in cases of onward transfer of data to third parties.
- Providing free and accessible dispute resolution: Individuals may address concerns directly with a Privacy Shield participant at no cost, and the participant must respond to the individual within 45 days.
- Cooperating with the Department of Commerce: Privacy Shield participants must respond promptly to inquiries and requests by the Department of Commerce.
- Maintaining data integrity and purpose limitation: Privacy Shield participants must limit personal information to the information relevant for the purposes of processing.
- Ensuring accountability for data transferred to third parties: To transfer an individual’s personal information to a third-party, a participant must enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes.
- Transparency related to enforcement actions: Privacy Shield participants must make public any relevant Privacy Shield-related sections of any compliance or assessment report submitted to the Federal Trade Commission (FTC) if the organization becomes subject to an FTC court order based on non-compliance.
- Ensuring commitments are kept as long as the data is held: If an organization leaves the Privacy Shield Framework, it must annually certify its commitment to apply the Principles to information received under the Privacy Shield Framework.