Description

Following the invalidation of Privacy Shield by the Court of Justice of the European Union in 2020, Wolkvox and its provider, Google Cloud Platform (GCP), have adopted alternative mechanisms to ensure the legal and secure transfer of personal data between the EU, Switzerland, and the United States. Google Cloud complies with the European Commission’s Standard Contractual Clauses (SCC), as well as other legal frameworks and certifications that ensure data protection in accordance with GDPR and other applicable regulations. Wolkvox conducts continuous validation of these frameworks to ensure that all international data transfers comply with current regulations.

Features

Data Transfer Mechanisms

• Standard Contractual Clauses (SCC): Google Cloud uses SCC approved by the European Commission, which establish legal safeguards for data transfers outside the European Economic Area (EEA).
• Compliance Commitments: Google maintains certifications such as ISO 27001, ISO 27701, and SOC 2/3, and adheres to internationally recognized privacy principles, even after the invalidation of Privacy Shield.
• Risk Assessment: Wolkvox performs periodic analyses to verify that data transfers through GCP meet the protection standards required by GDPR and other local regulations.

Additional Protection Measures

• Data Encryption: All data transferred or stored in GCP is encrypted in transit and at rest, using protocols such as TLS 1.2+ and AES-256.
• Transparency and Audits: Google publishes detailed reports on its privacy and security practices and allows independent audits to validate compliance with legal frameworks.
• Alignment with Regulations: Wolkvox and GCP actively monitor updates in legislation (such as the new EU-U.S. Data Transfer Framework) to adapt their processes and ensure compliance.