Privacy

Cross-border Data Transfers

On July 16, 2020, the European Union Court of Justice issued a long awaited ruling regarding two recognized mechanisms used by entities to transfer personal data from the European Economic Area (EEA) to other countries under the General Data Protection Regulation (GDPR). In particular, the Court invalidated the EU-U.S. Privacy Shield Framework for transfers of personal data from the EEA to the U.S., while reconfirming the validity of the European Standard Contractual Clauses.

Rest assured, Nutanix customer data can continue to move from the EEA to the U.S. in compliance with the Court’s recent decision and the GDPR. Nutanix relies on the European Standard Contractual Clauses (SCCs), in addition to the Privacy Shield, to transfer customer data from the EEA to the U.S. Nutanix also considers additional safeguards to supplement the SCCs as necessary. The ruling, therefore, does not limit Nutanix’s ability to continue safeguarding customer data (via European Standard Contractual Clauses) while transferring it to the U.S., and it does not require any changes to our customer agreements or the manner in which our customers engage with our products and services.