Kigo is serious about data privacy. We treat the data that our clients collect and use through our Kigo system with the utmost respect and sensitivity, employing numerous policies, controls, and standards to ensure the privacy and security of this information. In the European Union (EU), Kigo’s commitment to data privacy and protection is especially valuable to our clients given the regulatory framework associated with international data transfers.
EU data protection laws restrict the exporting of personal data from the European Economic Area (EEA) unless the data exporter “legitimizes” the transfer of data by obtaining assurance that the receiving party will maintain data privacy and security in accordance with EU standards. Previously, Kigo and our European clients were able to rely on the EU-US Safe Harbor framework to legitimize the international transfer of personal data associated with the use of our Kigo system. On October 6, 2015, the European Court of Justice (ECJ) issued a decision in Schrems v. Facebook invalidating the Safe Harbor framework and requiring international data transfers originating from the EEA to be legitimized via alternative means.
In the absence of Safe Harbor, companies transferring and receiving personal data from the EEA can comply with EU data protection law by signing standard contractual clauses (also known as “model clauses”) that have been approved by the European Commission. Therefore, in an effort to continue our commitment to privacy, Kigo is providing our European clients the attached Data Processing Addendum that incorporates these model clauses into their Kigo Services Agreement. This addendum provides our clients with assurance that personal data will be transferred and processed in compliance with EU data protection law.
Your Client Success representative will follow up with you to ensure the addendum has been signed. The information provided herein does not constitute, and should not be relied upon as, legal advice. Consult with your legal counsel for any questions you have about your legal and data privacy obligations.