Many companies have to provide an internal and external dispute resolution process for individuals who think that their data are not collected, processed or used in compliance with the applicable privacy principles.
Internal dispute resolution
The individual first submits his or her complaint in the internal dispute resolution procedure. It includes an investigation based on the individual’s complaint and the evaluation of whether the company has collected, processed or used personal data of the individual without complying with one or more of the EU-US Privacy Shield Privacy Principles. The investigation as well as the evaluation is conducted by an internal working group or department of the company. The company must provide a summary of the results to the complainant.
External dispute resolution
Only if this procedure fails, the individual may use the external dispute resolution procedure. In this case 2B Advice will investigate and evaluate the facts based on the complaint filed by the individual. 2B Advice will take into account the facts the individual has provided as well as the facts the company has provided. The company has agreed to cooperate with 2B Advice in the course of such an investigation and to provide all necessary information for the dispute resolution process. The investigation and evaluation will be conducted by experienced data protection experts of 2B Advice.
Contact details for the internal and external dispute resolution
Companies which have certified under the EU-US Privacy Shield program have to provide a publicly available Privacy Statement, preferably on their Website. The Privacy Statement must include contact details for the internal and the external dispute resolution process. If you want to file a complaint in the internal dispute resolution procedure, you will find the necessary contact information in the Privacy Statement. The U.S. Department of Commerce maintains on its EU-US Privacy Shield website: www.privacyshield.gov a public list of those companies that have certified their compliance with the EU-US Privacy Shield Framework. A company’s EU-US Privacy Shield certification record includes contact details relevant to the internal dispute resolution process and identifies the external dispute resolution provider(s).
How to File a Complaint
Filing a Complaint & Dispute Resolution Process
You can file your complaint in the external dispute resolution process by using our standard complaint form. We will only open a new case if the complaint refers to a company that has entered our external dispute resolution agreement.
Privacy
We will not disclose your name or your email address to the company unless you explicitly allowed us to do so. You will find the respective option in our standard complaint form. If you want to learn more about our data protection standards when collecting, processing or using your personal data, please refer to our Privacy Notice.
Your complaint
It is very important to understand the essence of your complaint. Therefore we like you to provide as much precise information as possible on what happened. This includes data types concerned, the kind of processing procedure and the Principle(s) that you think have been violated.
How we act
If we have all necessary information from you, we will ask the company to provide all necessary information, too. After the evaluation has been completed we will provide a written advice to the company if there should be a violation of the Privacy Principles. You will receive a summary of the results. Companies taking part in our dispute resolution program have agreed to fully participate in any inquiry or investigation by us, and agreed to accept our advice as final.
Since 2003
We are one of the providers with the longest experience in the market.
International Team
Our data protection expertise is transnational and we work internationally.
Privacy Impact Assessment
Our data protection expertise is transnational and we work internationally.
Top 5 % Employer
Received the prestigious award from kununu, one of the leading European platforms for employer evaluation.
ISO 19011
Certified Auditor
Gold Member
IAPP Gold Member
ISO Certified
2B Advice is ISO/IEC 27001:2017 Certified
CIPP
Certified Information Privacy Professionals
Our Clients (Selection)
Further Information
Learn more about how data protection compliance software can help you with GDPR compliance.
7 reasons why to get started on the journey to privacy compliance. Download the whitepaper!
Interested in an unlimited single seat license for comprehensive data privacy software? Register here now.
Latest Blog Posts
This blog delves into the intricate requirements of GDPR consent, guided by the European Data Protection Board's (EDPB) clarifications and the amendments to the initial guidelines set by the Article 29 Working Party.
This blog will delve into the nuances of New Jersey's Senate Bill 332 and New Hampshire's Senate Bill 255, exploring their key features and the potential impacts on privacy norms.
The European Commission's recent confirmation of the continuity of data flows to 11 third countries and territories marks a significant milestone in international data protection.