EU-U.S. and Swiss-U.S. privacy shield notice

On July 16, 2020, the Court of Justice of the European Union issued a judgment declaring as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. As a result of that decision, the EU-U.S. Privacy Shield Framework is no longer a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States. That decision does not relieve participants in the EU-U.S. Privacy Shield of their obligations under the EU-U.S. Privacy Shield Framework

On September 8, 2020 the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland issued an opinion concluding that the Swiss-U.S. Privacy Shield Framework does not provide an adequate level of protection for data transfers from Switzerland to the United States pursuant to Switzerland’s Federal Act on Data Protection (FADP). As a result of that opinion, organizations wishing to rely on the Swiss-U.S. Privacy Shield to transfer personal data from Switzerland to the United States should seek guidance from the FDPIC or legal counsel. That opinion does not relieve participants in the Swiss-U.S. Privacy Shield of their obligations under the Swiss-U.S. Privacy Shield Framework.

To the extent that Privacy Shield participation is no longer sufficient for meeting our on-going regulatory compliance needs, the company will rely on the SCC based agreements that we have in place, or will avail itself of the other mechanisms for compliance with data protection regulations which were previously fulfilled by participation in the Privacy Shield Program.

However, the commitments made to the Dept. of Commerce and to our employees and customers will continue to be part of the privacy and personal data protection program.

If your data has been transferred to the U.S. in the past under the Privacy Shield Framework and you would like to exercise your rights to access your personal data and to limit the use and disclosure of your personal data you can submit a request at:
(https://boeing.com/privacy/rightsexerciseportal).

Please use one of the following channels for any inquires or complaints:

Jeppesen maintains its membership to the Judicial Arbitration and Mediation Services (JAMS). Jeppesen’s Dispute Resolution provider under the EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield Frameworks. JAMS is recourse mechanisms available to investigate unresolved complaints and is a system of ADR by an independent third party. JAMS. For additional information access the JAMS website at https://www.jamsadr.com/eu-us-privacy-shield.

Jeppesen is subject to the investigatory and enforcement powers of the FTC, the Department of Transportation or any other U.S. authorized statutory body.

Individuals have the possibility, under certain circumstances, to invoke binding arbitration for complaints not resolved by any of the above mechanisms.

Further information about the Privacy Shield Framework can be found at: www.privacyshield.com