Are your vendors using the EU - U.S. Data Privacy Framework?

Written by
August 17, 2023

We’re back with an update and an action point for you - all to make sure you are getting the best of your Privacy hub.

Are your vendors using the EU - U.S. Data Privacy Framework?

The new EU - U.S. Data Privacy Framework (the “DPF”) is a framework between the EU and the U.S. It makes it easier for EU companies to send data to their U.S. vendors.

We’ve now included the ability for you to filter & export your vendors who’ve certified for the DPF.

Just log in to your Openli account, go to “Vendors”, click on ‘Data Transfers’ on the right side table and select ‘DPF (Data Privacy Framework)’.

We’re right now reviewing the DPF list and updating the information in your Openli account. We have also updated our vendor outreach email to reference the new DPF.

If your vendor is on the list, it means that it's easier to send data to them.

Remember: You still need a valid data processing agreement in place and the vendor should be vetted in accordance with the GDPR.

ACTION REQUIRED: Tell us who you would like as a contact person

Some vendors ask for a contact person at your company to confirm Openli’s authorisation.

Trust is important and we therefore always attach the power of attorney in the vendor email. But still, a few vendors sometimes would like to check with you that we’re allowed to receive the information.

The vendor sometimes contacts various people in your organisation to get this verification. We know that’s not always ideal for you.

So we’d like to hear who you would like to have as your dedicated contact person. It can be a group email, e.g. legal@, or something similar.

We’ll share these details (name & email address) with your vendors who require confirmation (in addition to the Power of Attorney we have with you).