As part of our goal of leading with privacy and security, Boomi has achieved certification under the EU-US Data Privacy Framework.
Boomi’s certification under the Data Privacy Framework applies to personal information that we collect and process in the course of business, as described in our Privacy Statement. It also applies to Customer Personal Data (as defined in the Data Processing Agreement) processed through our Services from the European Union and European Economic Area member states, the United Kingdom, and Switzerland. The types of personal information that our customers process through our Services is at their discretion, which the Boomi services process as instructed.
The Data Privacy Framework
The Data Privacy Framework restores an important mechanism for the cross-border transfer of personal data, while introducing limitations on US surveillance agencies’ access to EU data together with an independent dispute resolution mechanism.
Certification under the Data Privacy Framework reaffirms Boomi’s public commitment to handling your (and your customers’) personal data in accordance with GDPR and reflects our goals of leading with privacy and security in mind, further building and enhancing customer trust. We are committed to maintaining a high level of transparency through the Transfer Impact Assessment and Transparency Report.
Currently, Boomi uses multiple mechanisms to provide our customers with cross-border transfer security and greater customer protection:
- An inter-company data sharing agreement applicable to all Boomi affiliates
- Standard Contractual Clauses (SCCs), which are included in our MSA by default
- The relevant Data Privacy Framework
Leading With Privacy and Security
At Boomi, we take data sovereignty very seriously. Our unique Enterprise Platform solution enables our customers to be compliant within the laws of the country in which their data is processed. Our patented, dynamic runtimes can be deployed on-premises, to help you retain sensitive information keeping the Processed Documents within your IT Infrastructure, providing additional flexibility for customers subject to restrictive data sovereignty type rules or policies. Our runtime can run autonomously, even when connection to the cloud is down giving you further peace of mind that your data will continue to be processed securely.
This certification further validates Boomi’s goal to lead with privacy and security and ends a great year of enhanced third-party audits to ensure our security and compliance controls meet the requirements set out by international standards and frameworks. Today, Boomi has the most certifications of any vendor in the integration and automation space, with third-party independent certifications across 13 international frameworks including SOC, ISO, FedRAMP (US), Cyber Essentials Plus (UK), and IRAP (Australia).
As part of these compliance controls, Boomi delivers end-to-end data security (aligned to GDPR / NIST principles), following best of breed practices for the controls and processes securing your data. Our security practices continue to evolve including the release of Boomi’s key management service, data obfuscation for data hub, Boomi’s data detective AI Agent.
Learn more about Boomi’s compliance efforts across security, privacy, and AI on our compliance page.