Data Protection
following the
ECJ ruling

What companies must now consider
when handling data and software

Is your data transmission suddenly legal?

A data transfer based on the European-American data protection agreement (privacy shield) is not compatible with data protection in the EU. This was decided by the European Court of Justice (ECJ) on 16 June 2020.

So if your company stores personal data with providers from third countries, such as the USA, this could be illegal with immediate effect. Because by tilting these privacy shields you are obliged, so to speak, "overnight" to make your data streams secure and legally compliant. Otherwise, you could face severe fines.

The question is how? Because many software products are still not on the legally compliant side - and may never be.

Secure your data protection now – Protect yourself against penalties

What challenges are you facing? We analyze your software architecture for potential problems and give recommendations for action. We help you with solutions, data migration, software migration and reorganization of your processes.We are happy to advise you - free of charge and without obligation.



privacy shield-USA-Europe
Clean & Elegant
Fully Responsive

Privacy Shield invalid -
what does that actually mean?

The "Privacy Shield" is the informal data protection agreement negotiated between the European Union and the USA from 2015 to 2016. The already controversial agreement was used by companies to transfer personal data of European citizens to the United States. The problem here was that, according to American law, the US government could access the information at will.

The ECJ therefore declared the Privacy Shield invalid. The requirements for data protection were not guaranteed by European standards. As a result, data transfers are now illegal if the data transfer is based solely on the Privacy Shield.

Personal data may only be transferred from Europe to the USA if it is protected there more effectively than before against access by the American security authorities. The supervisory authorities are now called upon to control the processes more strictly. Violations of these regulations could result in severe fines.

Data Protection
The elimination of the US-EU Privacy Shield

Major challenges for the use of personal data in marketing, sales and customer service

  • How to identify risks in your software landscape and data management
  • How to avoid costly breaches of the European General Data Protection Regulation (GDPR)
  • What your company must now consider when handling data and software

Download now

Not all software tools are legally compliant

Do your software applications comply with the new data protection regulations? Will your personal data be protected beyond the previous Privacy Shield level when transferred to the USA - whether it is your marketing automation, CRM software, service hubs or a customer data platform? If not, then you run the risk of facing fines and injunctions.

The problem: Unfortunately, not all software vendors from third countries, such as the USA, for example, offer the same legal standards:


Some software vendors make no effort whatsoever to make data transfer and data storage legally secure.

Others are at least trying to fix the problem.

A small number managed to react in advance and have aligned data transfer and data storage with European law.

Are your software products EU-DSGVO compliant?

If your cloud systems that work with personal data (such as marketing automation, CRM, e-commerce, etc.) come from a US provider, the tilting of the privacy shield could now be a violation of the European Data Protection Regulation (EU-DSGVO). This is the case when:

Your data is stored completely in the USA.
Your data is stored in the EU but mirrored to the USA.
Your data is stored in the EU, but administrators in the USA have access to it.

If you are not sure whether your data transfer and the storage of the information complies with the legal basis of the EU-DSGVO - contact us. Our experts from Thought Leader Systems will be happy to advise you!

Be on the legally correct side with Thought Leader Systems

Our experts help you to carry out a comprehensive inventory of your existing software landscape. We take a close look at which digital services your company actually uses and which companies are behind these services: Are they European providers or providers from third countries like the USA?

If this is the case, we will carry out a detailed examination of compliance with data protection standards.

If it turns out in the future that your tools will not be compliant with DSGVO, Thought Leader Systems will give you recommendations on how best to switch to a secure product. No matter whether it is data migration, your processes or the interfaces to other systems - we are at your side as an experienced partner in all questions and concerns. Using a roadmap, we help your team to familiarize itself with new, legally compliant software and to find new, effective business objectives. With our full service, which you can take advantage of either on an interim or permanent basis, you are therefore not only always on the safe side in terms of data protection, but will also work even more successfully in the future.