Global Policies

Gartner Safe Harbor Update 2016

Data Privacy Update as of March, 2016
Gartner takes data privacy very seriously and is dedicated to safeguarding the personal data our clients have entrusted to our care. Since the decision by the European Court of Justice in October 2015 to invalidate the Safe Harbor Framework, we have been closely monitoring developments as the EU and US work together to come to agreement on a new legal structure to safeguard EU to US personal data transfers. Over the past few months, the EU has enacted the General Data Protection Regulation (GDPR) and the EU and US have agreed to an updated framework agreement called the EU-US Privacy Shield (EUPS). Until there is definitive guidance for the almost 5000 US companies impacted by this decision, Gartner is taking the following steps: (i) we are updating our intra-company data transfer agreements to align with the EU Intra-Company Model Clauses; (ii) where necessary, we are relying on alternate data transfer mechanisms approved by the European Commission; and (iii) until such time as we are permitted to certify to the new EU-US Privacy Shield, we will continue to certify our compliance to Safe Harbor -- as part of our company-wide data privacy compliance program. For additional guidance, please see our Global Privacy Policy.

EU and Swiss Safe Harbor Privacy Certification
Gartner complies with the U.S.-EU Safe Harbor Framework and the U.S-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. While Gartner relies on alternate data transfer mechanisms approved by the European Commission to ensure the lawful transfer of EU personal data to the US, we continue to certify our adherence to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. To learn more about the Safe Harbor Program, and to view Gartner’s certification, please visit http://www.export.gov/safeharbor/.

We self-certify compliance with Safe Harbor.

Global Data Transfer
To ensure that all Gartner entities around the globe adhere to the same data privacy standards and safeguards, Gartner has arranged for those Gartner legal entities not covered by the Safe Harbor Framework to enter into Global Data Transfer Agreements that require them to implement similar policies and protocols. This arrangement allows Gartner to transfer personal data in its care freely and safely across the company, as necessary to administer the Gartner products and services.

If you have any questions, please do not hesitate to contact one of our Regional Privacy Contacts located on the home page of the Gartner Global Privacy Center.

Last Updated: March, 2016