What does Schrems II mean for you?

We can help you manage the legal changes in data transfers​

We help clients rapidly respond to the near-term problem of assessing international data transfers and transfer mechanisms, identifying and reviewing existing vendor contracts, and project managing the complex process of updating vendor contracts.


Our approach also helps organizations future-proof their vendor management process and applicable systems in anticipation of additional changes to privacy requirements. Clients will see the immediate impact of this methodology and our reliable project accelerators, as we free up your team to deliver core privacy outcomes.​

How Sentinel Can Help

If you haven’t already determined the impacts of the Schrems II decision you should be asking yourself the following questions:

  • Have you reviewed your privacy program documentation, including Privacy Notices, to assess impact and potential areas of change?​

  • Have you reviewed your service providers to understand which ones are receiving EU data and rely on Privacy Shield?

  •  Have you reviewed your Data Protection Agreements and vendor assessment process to see whether changes are needed?​

  • Have you performed a current assessment of your data flows from the EU to determine where your data currently flows, what data elements are included in the transfer and where the data resides in the US?​

  • Have you conducted a business impact assessment to determine potential impacts of reconfiguring or stopping data flows?​

  • Have you reviewed how your company receives and manages requests from law enforcement or national security agencies?​

  • Have you reviewed your security controls to ensure your sensitive data is encrypted across all transfers and at rest?

Let's talk about options.

Sentinel has a simplified and phased approach to helping clients address the fallout from the Schrems II decision.





Director of Client Services

Director of Client Services

  • Gabriel Scheer
  • Gabriel Scheer


The challenges:

  • What does the decision mean for our organization?​

  • What are our options?​

  • What are our risks?​

  • What are the impacts?

  • Top to bottom review of your privacy program and documentation​

  • Data identification and mapping from the EU to the US​

  • Privacy notice(s) review​

  • Vendor and third-party assessment review​

  • Business impact analysis to empower key stakeholders on decision making​

  • Security controls review to determine level of data protection


The challenges:

  • Implement Standard Contractual Clauses​

  • Implement Binding Corporate Rules​

  • Enhance privacy policies and procedures​

  • Enhance data protection controls

  • Develop and manage project plan and task​

  • Work alongside client stakeholders to complete the work​

  • Identify training requirements; develop and deliver training​

  • Document policies, procedures and processes in order to facilitate continued operations and effectiveness


The challenges:

  • How do we know the controls are effective?​

  • What additional enhancements are required?​

  • Who is responsible and accountable?

  • Provide ongoing staff to support operations (where necessary)​

  • Controls test to ensure program is operational and effective​

  • Set up metrics for ongoing program measurement


Contact Us
If you would like to talk to a member of Sentinel’s privacy team or hear more about how Sentinel can help your organization navigate the impacts from the Schrems II decision, please provide your information and someone from our team will contact you.