Privacy Shield Framework

E-U-US and Swiss-US
Amended: June 29th, 2022

On July 16, 2020, the Court of Justice of the European Union (“CJEU”) invalidated the EU-US Privacy Shield mechanism on the ground that it does not ensure guarantees essentially equivalent to those required by the GDPR and the Charter of Fundamental Rights of the European union (“Charter”) for a transfer from the European Economic Area (“EEA”) to a third country. The Federal Data Protection and Information Commissioner of Switzerland issued a similar opinion. For more information, please refer to the Privacy Shield website.

Therefore, Coveo  Software Corp. ("Coveo") does not rely on the Privacy Shield Framework as a transfer mechanism pursuant to the GDPR but continues to abide by its principles, as described below.

  1. Privacy Shield. Coveo abides by the Privacy Shield frameworks set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information collected by organizations in the European Economic Area and Switzerland (“Privacy Shield”). Coveo has certified that it adheres to the Privacy Shield principles. For more information on the Privacy Shield, including the Privacy Shield Principles, please visit this website.
  2. Arbitration. Please contact us here if you have any questions or complaints regarding Coveo’s compliance with the Privacy Shield Framework. If your complaint regarding Coveo’s Privacy Shield compliance is not resolved by contacting us, you may invoke binding arbitration, at Coveo’s sole cost and expense, with JAMS Privacy Shield Program. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
  3. Liability for onward transfers. Coveo uses third-party service providers to perform services on our behalf as described here. These third party providers assist with the transmission of data, and provide data storage services. These third parties may access, process, or store personal information in the course of providing their services. Coveo maintains contracts with these third parties restricting their access, use and disclosure of personal information in compliance with our Privacy Shield obligations, and Coveo may be liable if they fail to meet those obligations and we are responsible for the event giving rise to the damage.
  4. Investigatory and legally required disclosure.. Coveo will promptly inform every concerned individual subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) or any other U.S. authorized statutory body. It may be necessary − by law, legal process, litigation and/or requests from public and governmental authorities within or outside your country of residence, including to meet national security or law enforcement requirements − for Coveo to disclose your personal information. Coveo will inform concerned individuals about the requirements of such disclosure.
drift close

Hey 👋! Any questions? I can have a teammate jump in on chat right now!

drift bot