Privacy Shield Compliance Tip #1: Navigating Your Annual Re-Certification

May 20, 2020, 09:00 AM by BBB National Programs

In our Privacy Shield Compliance Tips series, the BBB EU Privacy Shield team shares insights into the ins and outs of complying with the Privacy Shield Frameworks—adequate mechanisms for transferring personal data from the European Union or Switzerland to the United States. Each tip is focused on an issue that we often encounter in our work with hundreds of companies that have self-certified under Privacy Shield.

One perennially complex issue for businesses that participate in Privacy Shield is the annual re-certification process. There are two separate steps that participating Privacy Shield businesses must take every year to maintain an active certification in the Privacy Shield Frameworks:

  1. Re-certify your Privacy Shield self-certification with the U.S. Department of Commerce (DOC).
  2. Renew your participation agreement with your Independent Recourse Mechanism (BBB EU Privacy Shield), ensuring that you continue to receive dispute resolution services—a core requirement of Privacy Shield. 

It is important to note that re-certification and IRM renewal are two separate and distinct steps. Depending on your history in Privacy Shield, the due date of your re-certification with DOC may differ from the due date of your renewal with BBB EUPS.

  • What is re-certification? Re-certification is the process by which you annually re-affirm to DOC your Privacy Shield self-certification. Your annual Privacy Shield re-certification is essentially a process of re-approval, much the same as the initial process of becoming approved under Privacy Shield. The required steps are almost identical to those you went through to secure initial approval of your Privacy Shield self-certification, including verifying that DOC has copies of your most up-to-date disclosures and policies. After submission, your account receives a thorough review by a Privacy Shield team member. Securing approval for your annual re-certification may take time, so we recommend that you file within 5 days of your due date.

    If you allow your account to lapse, this could trigger a series of processes that make regaining compliance extremely difficult! The Privacy Shield site has full instructions for completing your re-certification.
  • What is IRM renewal? Renewal is the process of re-registering with BBB EU Privacy Shield, renewing your contract so that we may continue to serve as your IRM. When you renew with BBB EUPS, you pay your annual dues and our staff reviews your Privacy Shield disclosures to ensure ongoing compliance with our program.

In addition to our compliance tracking services provided throughout the year, BBB EUPS notifies each of our participating businesses when its DOC re-certification date is coming up, as well as when it is time to renew enrollment in our program. If you are a BBB EU Privacy Shield participant, please look out for these messages and follow the instructions in themIf you are interested in our services, click here to learn more about signing up for Privacy Shield

Other Blog Articles


Behind the seal: What does it mean to be a CARU Safe Harbor company?

When the Children’s Privacy Protection Act (COPPA) passed in 1998, the Federal Trade Commission (FTC) began to approve industry groups to administer an independent, self-regulatory program that implements protections for children as outlined in the COPPA Rule. The Children’s Advertising Review Unit (CARU) was the first such group in the U.S. to receive FTC approval. Learn more about what's behind the CARU Safe Harbor seal.
Read more

Protecting Consumers Against False Advertising: Lessons from the National Advertising Division

During this year’s National Consumer Protection Week it's worth taking a closer look at how advertising fits into the consumer protection puzzle. Consumer protection is core to our mission at the National Advertising Division (NAD) and critical to a robust and competitive marketplace. When faced with false or misleading claims, companies have a variety of options, including filing an NAD challenge. Here we outline seven distinct advantages of filing an NAD challenge.
Read more

Harmful Stereotyping in Advertising Must Not Be a “Forever Problem”

Though the annual celebration of Black History Month is drawing to a close, the plethora of issues raised by the study of Black history must always remain top of mind. For those of us who work in truth in advertising at BBB National Programs’ National Advertising Division (NAD), we are paying very close attention to the issues of diversity and stereotyping, as presented in various forms of advertising. Developing a mechanism to addressing representation in advertisements would not be simple, but the time is now to start the conversation. Harmful stereotypes in advertising must not be a forever problem.
Read more

5 Tips for Truthful and Transparent Influencer Marketing and Product Reviews

BBB National Programs’ National Advertising Division is dedicated to truth-in-advertising. To help you ensure that influencer marketing and the use of product reviews in your advertising is both transparent and truthful, we offer the following five tips.
Read more