EU-U.S. Data Privacy Framework - New adequacy decision issued by the European Commission for the transfer of personal data from the EU to the US

EU-U.S. Data Privacy Framework - New adequacy decision issued by the European Commission for the transfer of personal data from the EU to the US

The transfer of personal data from the EU to the United States has always been a controversial issue.
On July 12, 2016, the European Commission issued an adequacy decision on the EU-U.S. Privacy Shield Framework, which replaced the previously existing Safe Harbor program.
On July 16, 2020, the European Union Court of Justice (CJEU) invalidated the EU-US Privacy Shield in its decision in Facebook Ireland v. Schrems (Schrems II). The court determined that the Privacy Shield transfer mechanism did not comply with the level of protection required under EU law, focusing on its inability to protect European Economic Area data subject's personal information from the U.S. Government's surveillance powers, as such powers were deriving from national surveillance laws.

After the invalidation of the above adequacy decision on the EU-US Privacy Shield by the Court of Justice of the EU, the European Commission and the US government entered into discussions on a new framework that addressed the issues raised by the Court, as provided in article 45(3) of the General Data Protection Regulation (GDPR), which grants the Commission the power to decide, by means of an implementing act, that a non-EU country ensures ‘an adequate level of protection' - a level of protection for personal data that is essentially equivalent to the level of protection within the EU. The effect of such adequacy decisions is that personal data can flow freely from the EU (and Norway, Liechtenstein and Iceland) to a third country without further obstacles.

Finally, on July 10, 2023, the European Commission adopted the new adequacy decision for the EU-U.S. Data Privacy Framework, which introduces significant improvements compared to the mechanism that existed under the Privacy Shield. The decision concludes that the United States ensures an adequate level of protection – comparable to that of the European Union – for personal data transferred from the EU to US companies under the new framework.

On the basis of the above new adequacy decision, personal data can flow safely from the EU to US companies participating in the Framework, without having to put in place additional data protection safeguards.

US companies will be able to join the EU-U.S. Data Privacy Framework by committing to comply with a detailed set of privacy obligations, for instance the requirement to delete personal data when it is no longer necessary for the purpose for which it was collected, and to ensure continuity of protection when personal data is shared with third parties At the same time, EU individuals will benefit from several redress avenues in case their data is wrongly handled by US companies, such as independent dispute resolution mechanisms and an arbitration panel, which will be available free of charge.

Further, the EU-U.S. Data Privacy Framework introduces new binding safeguards to address all the concerns raised by the European Court of Justice, including limiting access to EU data by US intelligence services to what is necessary and proportionate, and establishing a Data Protection Review Court (DPRC), which forms part of an independent and impartial redress mechanism regarding the collection and use of their data by US intelligence agencies.

EU individuals will have access to the DPRC, which will independently investigate and resolve complaints, including by adopting binding remedial measures.
For example, if the DPRC finds that data was collected in violation of the new safeguards, it will be able to order the deletion of the data. The new safeguards in the area of government access to data will complement the obligations that US companies importing data from EU will have to subscribe to.

Athens, July 12, 2023
Avramopoulos & Partners

For further information please contact:
Barbara Angelopoulou
Partner
E-mail: b.angelopoulou@avralaw.gr
Tel.: +30 210 691 2200
Fax: +30 210 691 1211

Cookies Policy

About our Cookies Policy

Our Cookies Policy describes what cookies are and how we use them on the website of United Maritime Corporation (the “Company”), www.unitedmaritime.gr. You are required to read this policy in order to be able to understand the type of cookies we use, the information we collect using cookies, and how this information is being used. By using our website, you provide us with your consent in the use of cookies as set out in this policy.

Cookies Policy

The Company has adopted a strict privacy policy regarding the visitors of our website. This note provides you with more information on how cookies are used in our website each time you are browsing therein.

What are Cookies

Cookies are small pieces of text that are sent to your browser when you are browsing in a website. They support the visited website to save information about your visit, such as your preferred language as well as certain other types of settings. As a result, your next visit becomes more user-friendly and the website becomes more useful to you. Cookies play an important role; without cookies, using any website would be a much more complicated experience.

Our website uses cookies for a variety of reasons. We use them, for instance, to store your preferences with regard to browsing safety features, to calculate the number of visitors of our page, or to help you sign up for our services and protect your personal data.

There are two types of cookies:

Technical cookies:
these are necessary for the proper functioning of a website and for the visitor’s navigation therein. Without technical cookies, visitors may not be able to view properly a website’s pages or use certain services.

Profile creation cookies:
these are used to create visitor profiles in order to send customized advertising messages according to the preferences of each visitor while browsing.

“Technical” or “profile creation” cookies, can also be classified as:

“Session” cookies, which are deleted immediately after the browser is terminated,

“Permanent” cookies, which remain in the browser for a certain period of time. These cookies are used, for example, to identify the device connected to a website, facilitating visitor authentication / user ID procedures,

“Proprietary” cookies, which are created and controlled directly by the website administrator,

"Third party" cookies, which are created and controlled by third parties other than the website administrator.

Do we use Cookies?

Yes, we use certain Cookies for the purpose of making our website www.unitedmaritime.gr more functional and appealing to our visitors.

Our website employs “technical” cookies and more specifically the following types:

“Proprietary” cookies, “Session” cookies or “Permanent” cookies, which are essential for browsing through our website for internal security and system administration purposes;

“Third party” cookies, “Permanent” cookies, used by our website to provide statistical information to Google Analytics, through which the Company can perform a statistical analysis of its website access / visits. These cookies are used only for statistical purposes and collect / gather information in an aggregated manner. By using permanent cookies and session cookies Google Analytics creates a timelog register concerning the frequency of visits and browsing duration of each user in our website. Visitors give their consent directly to the owner of these cookies, from whom the Company simply collects data. The majority of third-party cookies in our website are disabled and visitors’ consent is required in order to proceed with their activation. In any event, we are notifying you that non-activation of cookies may affect your ability to fully use our website and / or make the most out of all available features and services offered therein.

On the right bottom side of our homepage, as shown below, you may select which cookies you prefer to have activated or deactivated during your visit in our website.

In case you do not wish your information to be collected through the use of cookies, there is a simple procedure in most browsers that allows you to refuse the use of cookies. To find out more about how you can manage cookies, please visit http://www.allaboutcookies.org/manage-cookies/. Some features of our website may not function properly if you decline the use of cookies.