If your company transfers consumer data from the European Union to the U.S., you’ll want to know about the U.S.-EU Safe Harbor Program, a voluntary international privacy framework that lets companies transfer data from the EU to the U.S. in a way that complies with EU law.
To participate in the U.S.-EU Safe Harbor Program, a company has to self-certify that it abides by seven principles: notice, choice, onward transfer, security, data integrity, access, and enforcement. To help your customers in the EU understand the program, point them to Information for EU Residents Regarding the U.S.-EU Safe Harbor Program.
The Department of Commerce website has more information about the Safe Harbor program and a list of companies that currently participate. The FTC’s U.S.-EU Safe Harbor Framework page has guidance materials and details about the agency’s Safe Harbor law enforcement efforts.