Last updated: September 28, 2016
When Adobe transfers personal information from customers across national borders, we do so in compliance with applicable law.
How does Adobe transfer your EU personal data?
For our individual users and customers whose use of Adobe websites and apps results in the transfer of personal information from the European Economic Area (EEA) to non-EEA countries, we rely on one or more of the following legal mechanisms: the EU-U.S. Privacy Shield, Standard Contractual Clauses, and consent of the individual.
Additional information about Adobe’s privacy practices relating to our individual users and customers is available in the section of the Adobe Privacy Center titled “What does Adobe do with your personal information?”
How does Adobe transfer EU personal data on behalf of our business customers?
For our business customers whose use of Adobe solutions results in the transfer of personal information from the EEA to non-EEA countries, Adobe relies on one or both of the following legal mechanisms: the EU-U.S. Privacy Shield, and Standard Contractual Clauses. More information about our certification to the Privacy Shield is provided below. Regarding the Standard Contractual Clauses, Adobe has prepared a Data Processing Agreement (DPA) that includes the Standard Contractual Clauses (SCCs). If you are an Adobe business customer and want to enter into a DPA and SCCs with Adobe, please request those documents from us.
Additional information about Adobe’s privacy practices in relation to our business customers is available in the section of the Adobe Privacy Center titled “What do Adobe’s business customers do with your information?”
Adobe Privacy Shield certification
Adobe Systems Incorporated (our U.S. company) has certified to the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the transfer of personal information from the European Union and European Economic Area (EEA) to the United States. Our certification does not apply to personal information collected in connection with Fotolia and Livefyre websites and apps. To learn more about the Privacy Shield program, or to view the certification for Adobe Systems Incorporated, please see https://www.privacyshield.gov/. Adobe Systems Incorporated also maintains an affirmative commitment to the U.S.-Swiss Safe Harbor Framework and its principles.
With respect to personal information processed on behalf of our EEA business customers, under EU privacy laws, Adobe Systems Software Ireland Limited (Adobe Ireland) is generally considered a “data processor.” For example, an EEA business customer may use Adobe Sign to process documents containing names, email addresses, and other personal information about its consumers. As part of Adobe providing services to the business customer, this personal information of consumers may be transferred by Adobe Ireland to Adobe U.S. under our Privacy Shield certification or Standard Contractual Clauses, as described above.
- The types of personal information collected
- The purposes for which personal information is collected and used
- An individual’s right to access his or her personal information
- The choices we offer individuals for limiting the use and disclosure of personal information
- The types of third parties to which personal information may be disclosed (including when Adobe is required to disclose personal information to lawful requests by public authorities, including to meet national security or law enforcement requirements). Please note that when Adobe U.S. uses service providers to process personal information received in reliance on Privacy Shield, it is responsible if that service provider processes the information in violation of the Privacy Shield Principles (unless Adobe U.S. can prove that it’s not responsible for the service provider’s action that violated the Principles).
Adobe U.S. complies with the Privacy Shield Principles whenever it receives personal information from the EEA in reliance on the Privacy Shield.
If you have a question or complaint about our compliance with the Privacy Shield Principles, please email us at email@example.com. If we do not resolve your complaint, Adobe has chosen to cooperate with a panel established by the EU Data Protection Authorities who will hear such complaints. You may also have a right to invoke binding arbitration for unresolved complaints (more information). Adobe U.S. is subject to the investigatory and enforcement powers of the FTC.