Information Collection for Self-Certification to the EU_U.S. Privacy Shield Framework

Information Collection for Self-Certification to the EU-U.S. Privacy Shield Framework

EU-U.S. PS questionnaire_Withdrawal_01-13-2017

Information Collection for Self-Certification to the EU_U.S. Privacy Shield Framework

OMB: 0625-0276

Document [docx]
Download: docx | pdf


You are receiving this questionnaire because your organization has indicated that it intends to withdraw from the Privacy Shield program. As a result, the Department of Commerce will remove your organization from the Privacy Shield List, meaning that your organization may no longer benefit from the European Commission’s adequacy decision to receive personal information from the EU and your organization must remove from any relevant privacy policy any references to the Privacy Shield that imply that the organization continues to actively participate in the Privacy Shield and is entitled to its benefits.  

Your organization must verify whether it will return, delete, or continue to apply the Privacy Shield Principles to the personal information that it received in reliance upon the Privacy Shield, and if personal information will be retained, verify who within the organization will serve as an ongoing point of contact for Privacy Shield-related questions.

Failure to respond to this request within 30 days may be subject to enforcement action by the Federal Trade Commission, the Department of Transportation, or other enforcement authorities.



Withdrawal Questionnaire



  1. Please confirm that: (i) you are authorized to make representations on behalf of the organization and its covered entities regarding its adherence to the Privacy Shield Principles for purposes of withdrawal from the Privacy Shield; (ii) the information submitted to the Department of Commerce for purposes of withdrawal from the Privacy Shield, including with regard to personal data received in reliance upon the Privacy Shield, is accurate and correct; (iii) you understand that misrepresentations in any information provided to the Department may be actionable under the False Statements Act, 18 U.S.C. § 1001; and (iv) you understand that failure to adhere to the Privacy Shield Principles with regard to such personal data may lead to enforcement actions by the relevant enforcement authority.



  1. Please provide the following information concerning the organization that self-certified its adherence to the Privacy Shield Principles:

  1. Organization Name;

  2. Organization Contact (the individual or office within the organization handling complaints, access requests, and any other issues concerning the organization’s compliance with the Privacy Shield Framework);

      1. Name;

      2. Title;

      3. Phone number; and

      4. E-mail address

  1. Organization Corporate Officer (the individual certifying the organization’s compliance with the Privacy Shield Framework);

  1. Name;

  2. Title;

  3. Phone number; and

  4. E-mail address

  1. Mailing Address

  1. With respect to personal data received in reliance upon the Privacy Shield, please verify that the organization will:

  1. Retain such data, continue to apply the Privacy Shield Principles to such data, and affirm to the Department of Commerce on an annual basis its commitment to apply the Principles to such data;

  2. Retain such data and provide “adequate” protection for such data by another authorized means (for example, using a contract that fully reflects the requirements of the relevant standard contractual clauses adopted by the European Commission). If so, specify which alternate means it has chosen to use; or

  3. Return or delete such data. If so, specify the date by which all such data was returned or deleted.




File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
File Modified0000-00-00
File Created2021-01-23
© 2024 OMB.report | Privacy Policy