EU Safe Harbor Privacy Assessment

Comply with the US-EU and US-Swiss Safe Harbor Framework

The TRUSTe US-EU and US-Swiss Safe Harbor Privacy Assessment helps verify your compliance with the Safe Harbor Framework, includes alternative dispute resolution, and helps your organization get ready for self-certification with the U.S. Department of Commerce. Displaying the DOC seal signals to consumers around the globe that you take their privacy seriously.

If you do business in the EU and Switzerland, TRUSTe can help you certify your compliance with the EUs 1995 Directive on Data Protection. The Directive prohibits the transfer of personal data from Europe to non-European Union nations that do not meet the EUs “adequacy” standard for privacy protection.

The U.S. Department of Commerce, in concert with the European Commission, developed the “Safe Harbor Framework” to allow U.S. organization to comply with the Directive by agreeing to abide by the Safe Harbor Privacy Principles. Companies certify their compliance with these Principles on the U. S. Department of Commerce website. The Framework was approved by the EU in 2000, and gives companies who abide by the Principles assurance that the EU will consider their practices “adequate” for data transfers between the EU and/ Switzerland, and the US.


  • Get verification for streamlined legal compliance with the U.S.-EU Safe Harbor Framework.
  • Resolve disputes with localized dispute resolution of consumer complaints about online data collection, as required for Safe Harbor status.
  • Build confidence as your company prepares for US-EU Safe Harbor self-certification with the U.S. Department of Commerce.
  • Gain recognition as EU Safe Harbor Compliant for your organization and websites.

Key Features

TRUSTe US-EU and US-Swiss Safe Harbor Privacy Assessments follow a comprehensive and proven multi-step process to prepare your privacy practices to meet applicable regulatory and industry standards.

Data Collection & Discovery

TRUSTe EU Safe Harbor Privacy Assessments begin with a review of your data privacy management practices for each website you want to review. We work with you to identify a range of information including what data you collect, how you use it, who you share it with, third party agreements, use of trackers, privacy disclosures, opt-outs, and much more. We also review your stated privacy practices and policies. The TRUSTe team uses a combination of methodologies including a manual evaluation of your privacy practices by our team of privacy analysts, company interviews and on-site engagements, and digital property scanning tools.

Digital Property Scanning Tools

TRUSTe will apply our proprietary scanning technology to the applicable websites and mobile apps, providing comprehensive insight into the variety of data collection activities happening throughout your site and apps. The scan will uncover what could take dozens to hundreds of hours to accomplish manually with internal resources. You’ll find the first and third party trackers with detailed information about them including identity, location, type of tracker and URL. The scan will also shed light into the tracking technologies used, and the entire chain of tracker source (“daisy chain”). You will also get a scoring and evaluation of third party tracker severity, using a proprietary algorithm that calculates its Privacy Sensitivity Index (PSI). It will also provide insights into personally identifiable information (PII) data collection.

Privacy Findings Report & Gap Analysis

We present you with a Privacy Findings Report summarizing a gap analysis between your privacy practices and EU Safe Harbor Certification Standards along with the changes you should make to your data privacy management practices and privacy policies to apply for certification with the Department of Commerce. TRUSTe Privacy Certification Standards are built upon the core principles of transparency, choice and accountability and they provide a comprehensive set of requirements based on applicable privacy regulations, industry self-regulatory requirements, and industry best practices.

Privacy Dispute Resolution Service

You also get access to our third-party dispute resolution service, which helps you efficiently manage privacy inquiries from customers. It also addresses the dispute handling requirements the US-EU Safe Harbor Framework.

Ongoing Privacy Guidance

US-EU and US-Swiss Safe Harbor Privacy Assessments also provides you with access to ongoing privacy guidance as it relates to your TRUSTed Assessment, including new regulations, product plans, geographic expansion, and acquisitions. You’ll get access to TRUSTe Privacy Solutions experts along with Educational Webinars, Seminars, White Papers, and Research Reports.

TRUSTe Privacy Professionals

TRUSTe Privacy Services are delivered by our Privacy Consultants and Privacy Services Managers, a team of recognized data privacy experts with significant experience conducting privacy assessments. Our team has a unique hybrid background of privacy, technology, business process, and project management experience. All are CIPP trained or certified, many have law degrees, and have hands-on experience working for a wide range of companies including Adobe, American Express, Citrix, Comcast, HSBC Bank, IBM, Kimberly-Clark, Microsoft, Pfizer, and many more.

Our privacy team leverages nearly 20 years experience delivering data privacy management solutions for thousands of global brands along with our comprehensive technology platform. We also have key regulatory relationships and are a leading provider of privacy services supporting regulatory and self-regulatory compliance programs for a wide range of agencies including APEC, DOC, DAA, EDAA, and FTC.

TRUSTe Technology Platform

Our Data Privacy Management Services leverage the TRUSTe Platform, a comprehensive, SaaS technology solution that provides state of the art assessment management, compliance control, and website scanning / monitoring capabilities.

Data privacy management platform from TRUSTe offering web, cloud, mobile and ad privacy solutions.

Be in Good Company


  1. Comprehensive Suite
  2. Global Presence
  3. Regulatory Experience
  4. Robust Platform
  5. Flexible Support
  6. Cost Effective
  7. Cross-Industry Experience
  8. Trusted Brand
  9. Learn More »