Last updated: 18 June 2020
When Adobe transfers personal information from customers across national borders, we do so in compliance with applicable law.
How does Adobe transfer your EU personal data?
For our individual users and customers whose use of Adobe websites and apps results in the transfer of personal information from the European Economic Area (EEA) or Switzerland to non-EEA countries, we rely on one or more of the following legal mechanisms: the EU-US Privacy Shield, the Swiss-US Privacy Shield, Standard Contractual Clauses and consent of the individual.
Additional information about Adobe’s privacy practices relating to our individual users and customers is available in the section of the Adobe Privacy Centre titled “What does Adobe do with your personal information?”
How does Adobe transfer EU personal data on behalf of our business customers?
For our business customers whose use of Adobe solutions results in the transfer of personal information from the EEA or Switzerland to non-EEA countries, Adobe relies on the following legal mechanisms: the EU-US Privacy Shield, the Swiss-US Privacy Shield and Standard Contractual Clauses. More information about our certification to the Privacy Shield is provided below. Regarding the Standard Contractual Clauses, Adobe has prepared a Data Processing Agreement (DPA) that includes the Standard Contractual Clauses (SCCs). If you are an Adobe business customer and want to enter into a DPA and SCCs with Adobe, please request those documents from us.
Additional information about Adobe’s privacy practices in relation to our business customers is available in the section of the Adobe Privacy Centre titled “What do Adobe’s business customers do with your information?”
Adobe Privacy Shield certification
Adobe Inc. (our US company) has certified to the EU-US and Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the transfer of personal information from the European Economic Area (EEA) and Switzerland to the United States. To learn more about the Privacy Shield programme or to view the certification for Adobe Inc., please see https://www.privacyshield.gov/.
With respect to personal information processed on behalf of our EEA and Swiss business customers, under EU privacy laws, Adobe Systems Software Ireland Limited (Adobe Ireland) is generally considered a “data processor.” For example, an EEA business customer may use Adobe Sign to process documents containing names, email addresses and other personal information about its consumers. As part of Adobe providing services to the business customer, this personal information of consumers may be transferred by Adobe Ireland to Adobe US under our Privacy Shield certification or Standard Contractual Clauses, as described above.
Adobe US complies with the Privacy Shield Principles whenever it receives personal information from the EEA and Switzerland in reliance on the Privacy Shield.
If you have a question or complaint about our compliance with the Privacy Shield Principles, please contact us. If we do not resolve your complaint, Adobe has chosen to cooperate with a dispute resolution provider established by the Association of National Advertisers (ANA), who will hear such complaints (more information). You may also have a right to invoke binding arbitration for unresolved complaints (more information). Adobe US is subject to the investigatory and enforcement powers of the FTC.
For information regarding our security measures, please visit the Adobe Security Centre.