• Overview
    Key features
    • Observability
    • Auto-scaling
    • Multiframework
    • Security
    Frameworks
    • Django
    • Next.js
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    Languages
    • PHP
    • Python
    • Node.js
    • Ruby
    • Java
    • Go
  • Industries
    • Consumer Goods
    • Media/Entertainment
    • Higher Education
    • Government
    • Ecommerce
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Login
  • Request a demo
  • Free Trial
Meet Upsun. The new, self-service, fully managed PaaS, powered by Platform.sh.Try it now
Blog

Proudly announcing Platform.sh's participation in the Data Privacy Framework (DPF)

privacycompliance
20 Feb, 2024
Stefanos Thampis
Stefanos Thampis
Data Privacy Counsel

As individuals become increasingly conscious of their personal data and how it is used, compliance with data protection regulations is a top priority for organizations worldwide. However, a challenge arose with cross-border transfers of personal data between the EU and the US following the Schrems II ruling by the Court of Justice of the European Union, leading to the creation of a new privacy framework.

The EU-US Data Privacy Framework (DPF)—together with the UK Extension and the Swiss-US Data Privacy Framework— was developed to facilitate transatlantic commerce. These approved certification mechanisms enable US organizations to transfer EU personal data—including the UK and Switzerland—to the United States in a privacy-protected way consistent with EU law. On 18 December 2023 Platform.sh became officially DPF-certified and we will renew our certification annually.

To gain certification, participating organizations must self-certify that they provide “adequate” data protection. This is achieved by implementing appropriate safeguards to protect data from loss, misuse, and unauthorized access and by adhering to the DPF Principles. The DPF Principles lay out a set of requirements governing participating organizations' use and treatment of personal data received from the European Union, the UK, and Switzerland. Such as by providing individuals with a notice disclosing:

  • The types of personal data collected and, where applicable, the US entities or subsidiaries of the organization also adhering to the Principles
  • The purposes for which it collects and uses personal information about them
  • The individuals’ rights to access their personal data
  • The possibility, under certain conditions, for the individual to invoke binding arbitration

You can learn more about the specific requirements of the DPF here. For more information on how Platform. sh complies, please see our Data Privacy Framework Notice.

Get the latest Platform.sh news and resources
Subscribe

Related Content

International data protection with EU-entities of US-headquartered IaaS providers

International data protection with EU-entities of US-headquartered IaaS providers

Company
AboutSecurity and complianceTrust CenterCareersPressContact us
Thank you for subscribing!
  •  
Field required
Leader Winter 2023
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceAcceptable Use PolicyManage your cookie preferencesReport a security issue
© 2024 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺