Unbounce Convertables & EU-US Privacy Shield


#1

I’ve been using unbounce convertables for a month on a EU hosted website that promotes an EU business.
Unbounce stores cookies and other information about visitors and its privacy page says that datas can be transfered to US data centers. Visitors are informed about cookies and data collection.
Will I have privacy issues as unbounce is not listed among the companies that comply to the EU-US Privacy Shield?
It should be different with landing pages as the page itself (where data is collected) is hosted by a canadian based company. Convertables on the other hand are just a layer upon a EU website…
Is there any european user that can help me?


#2

Hey there!

Sorry it took me a bit to respond to this, I had to go through the departments to make sure I had the most up to date information surrounding this topic.

We are not privacy shield certified, and any lead data collected by a Convertable (or Unbounce page for that matter) will be stored in the US.

If you have any further questions regarding security, send me a DM and I’ll put you in touch with the right team here :wave::relaxed:

Happy Monday!


#3

Thank you Jess for the information. It doesn’t solve EU privacy issues though…

Can you tell me if Unbounce is going to/planning to certify for the EU-US Privacy Shield in the next future?

Thanks

Carlotta


#4

Hello,

i can’t find unbounce in the Privacy Shield List (www.privacyshield.gov/list). Could you please send me proof of certification (Llink)?

Thanks.
Mathias


#5

Hi guys, since Unbounce is not Privacy Shield certified, can Unbounce give guarantees that personal data is only processed in the EU? With that I mean lead data as well as IP addresses and cookies. Thanks, Tim


#6

Hi Tim,

As Unbounce isn’t a US company under FTC regulation, it isn’t possible for us to self-certify under Privacy Shield. However, as part of our GDPR compliance efforts, we moved our leads database to the EU, meaning all past, present, and future lead data collected are stored in Europe. Unbounce first party cookies are anonymous – they associate a conversion event (not a person) with a specific page or variant, and are not used to collect, store, or transmit personal data – and are therefore not in scope for GDPR.

Unbounce customer account data (i.e. the name, email address, etc. that are used when signing up for an Unbounce account) are stored in the United States. Any Unbounce customer can enter into a Data Protection Agreement with us, wherein the legal basis for any such data transfer is the EU’s Standard Contractual Clauses, included as Annex III.

I hope this helps provide clarification.

All the best,
Bethany Singer-Baefsky
Unbounce Data Protection Officer and Compliance Specialist