Privacy Shield Complaint Form

To qualify for consideration under the EU-U.S. Privacy Shield Framework, complaints must originate from consumers or businesses in one of the participating EU Member States. Your complaint must involve a data privacy concern involving transfer of personally identifiable information (name, address, email address, phone, account information, etc.) from Europe to the United States.

Section 1: Verification

Please mention which country it originates from:

Name or other type of identifier used by the US company to individualise you, such as username (mandatory in the case in which the right of access is at stake(1))

Section 2: Authorization & Contact Info

Preferred contact (i.e. phone number, e-mail address, mailing address)

Your name (for contact purposes)

Section 3: Nature of Complaint

If known, which company has sent your data to the US? (Please provide contact information related to this company).

If known, which is/are the United States companies believed to be involved in processing your personal data?

Please elaborate on the reasons why you believe that your personal data have been transferred from the EU to a Privacy Shield US organisation (for instance, information given in a privacy policy)?

Please explain the alleged violation of the Privacy Shield Framework by the US organization

If you are looking for information or relief, please provide some details

Did you already try to resolve your case by contacting the U.S Company (or companies) involved directly?(2) If yes, what was the outcome? Please provide the previous correspondence in that matter.

What other measures have you taken to obtain the information or relief requested and what response have you received through those other measures?

2 + 13 =

Who will be handling the data provided by this form and how is my personal data protected?

Your DPA is the data controller of personal information provided in the form. Where the “Informal Panel of EU DPAs” is competent, your personal data will be shared with the EU DPAs participating to the panel. European data protection law applies to protect your personal data processed by all EU DPAs involved. In accordance with European data protection law the DPAs will process your personal data exclusively for the purpose of handling your complaint. Your data will be submitted to restricted access and available only to authorised personnel within the relevant DPA.

Will my personal data be transferred to US-companies or to US-authorities?

Where your complaint can be handled without disclosing your personal data, they will not be disclosed.

Please be advised that the handling of your complaint might require the transfer of your personal data to the concerned US company and/or US-authorities (US Department of Commerce – DoC, US Federal Trade Commission – FTC, US Federal Transportation Authority – FTA). Such personal data may include your name, any other identifier you have used when communicating with the US-company or any other personal information that has been processed by the US –company and is part of your complaint3

If such transfer turns out to be necessary in order to handle your complaint, you will be specifically informed before the data is transferred and you will be given the opportunity to decide if you wish to proceed.

The outcome of the complaint procedure might be published, if appropriate. However, your personal data will not be disclosed in the course of this publication.

1 If your complaint concerns your right of access to your personal data, it will be necessary to provide this information since otherwise the US company will not know which user has lodged the complaint and hence will not be able to identify and therefore to handle the case. Additional information might also be asked by DPAs to ensure the proper verification of this information (authentication).

2 Please note that in most cases, it would be advisable that you first contact the US Privacy Shield-certified company to attempt to resolve your case. Your national EU DPA can help you to do so.

3 The „Informal Panel of EU DPAs“ is a group of Data Protection Authorities of EU member states which will be set up in order to handle a complaint concerning human resources personal data transferred from an EU entity to an US Privacy Shield company, or when the US company has voluntarily committed to cooperate with the EU DPAs.

Creating the world’s most advanced brain health analytics engine.

Enter your email to receive information regarding our technology.

Thank You

Creating the world’s most advanced brain health analytics engine.

Enter your email to receive information regarding our technology.

Thank You