At Auth0, our continuing mission is to secure the world’s identities so innovators can innovate. The core to delivering this mission is trust, including Auth0’s commitment to security and privacy.
Auth0 welcomes the new Standard Contractual Clauses (“new SCCs”) issued by the European Commission, and is happy to see that they reflect a broader set of transfer scenarios and the European Court of Justice’s (ECJ) decision in the Schrems II case last year.
As required by the European Commission’s decision, Auth0 will begin using the new SCCs for new customers on or before September 27, 2021 (with a goal of late July / early August). Once we have a generally available version of a new Data Processing Addendum (DPA) that incorporates the new SCCs, we will also be able to make this available to existing customers.
Once we have had an opportunity to consider final guidance on the new SCCs to be provided by the European Data Protection Board, we will update this post to summarize the transition program, including issues such as:
- Whether we anticipate making changes to our form of Subscription Agreement
- What changes we will be making to our DPA (“new DPA”)
- How existing customers will be able to transition to the new DPA and new SCCs
During this transition period, we will continue to adhere to existing contractual obligations set out in the existing Standard Contractual Clauses (“old SCCs”) that are available here.
Lucy McGrath VP, Privacy, and Data Protection Officer Auth0, Inc