announcements

Auth0 Statement on New Standard Contractual Clauses issued by European Commission

Auth0 is preparing new documentation for its customers with European users.

Jun 15, 20212 min read

At Auth0, our continuing mission is to secure the world’s identities so innovators can innovate. The core to delivering this mission is trust, including Auth0’s commitment to security and privacy.

Auth0 welcomes the new Standard Contractual Clauses (“new SCCs”) issued by the European Commission, and is happy to see that they reflect a broader set of transfer scenarios and the European Court of Justice’s (ECJ) decision in the Schrems II case last year.

As required by the European Commission’s decision, Auth0 will begin using the new SCCs for new customers on or before September 27, 2021 (with a goal of late July / early August). Once we have a generally available version of a new Data Processing Addendum (DPA) that incorporates the new SCCs, we will also be able to make this available to existing customers.

Once we have had an opportunity to consider final guidance on the new SCCs to be provided by the European Data Protection Board, we will update this post to summarize the transition program, including issues such as:

  • Whether we anticipate making changes to our form of Subscription Agreement
  • What changes we will be making to our DPA (“new DPA”)
  • How existing customers will be able to transition to the new DPA and new SCCs

During this transition period, we will continue to adhere to existing contractual obligations set out in the existing Standard Contractual Clauses (“old SCCs”) that are available here.

Lucy McGrath VP, Privacy, and Data Protection Officer Auth0, Inc