Privacy Policy Requirements

As part of the BBB EU Privacy Shield application process, a draft of your organization’s privacy policy must be made available for our review and approval before we can confirm your company's participation. The privacy policy must comply both with our program requirements and with the requirements of the U.S. Department of Commerce for participants in the EU-U.S. Privacy Shield and/or the Swiss-U.S. Privacy Shield. As part of our expanded IRM services Independent Recourse Mechanism model, we will provide hands-on assistance and step-by-step instructions for aligning your policy with these requirements after you apply.

Before applying, please closely review the below steps to ensure you are fully prepared for the self-certification process.