20. June 2020
In 2015, the European Commission’s Safe Harbor decision was declared invalid by the European Court of Justice (ECJ). Five months later, the EU and the United States agreed on a new set of rules which intended to protect the personal data of citizens of the European Economic Area in case that this data will be transferred and stored in the United States. A number of provisions should bring the level of data protection in the United States to a level that is in line with EU requirements. Already before Donald Trump published numerous decrees, US law took precedence allowing the FBI and NSA to gain access to the data stored on US servers in justified suspected cases (e.g. to combat terrorism). After living with this artificial, not really secure data protection shield for over four years, the ECJ invalidated this “adequacy decision” known as the “EU-US Privacy Shield” on July 16, 2020. Most of the bilateral agreements closed on a small scale, usually contain data protection rules which are still valid. Big corporations, of which are many well-known global software providers often refer to the EU-US Privacy Shield, which is now invalid. Trinity offers its customers a “private cloud solution” in which the data is only stored on servers located in Germany. As an ISO 27001 / IKS PS 951 and PS 983-certified full-service IT provider, our data center is specialized in highly available IT services for banks, stock exchanges and financial service providers and meets the highest data security requirements. State-of-the-art building technology and physical security measures are used at three locations in Germany to ensure business continuity management. As a result, the EU-US Privacy Shield is completely irrelevant for our corporate-, municipality- and bank customers using the Trinity Treasury Management System.