EU- U.S. Data Privacy Framework (DPF) & International Data Transfers

As of October 12, 2023, New Relic's certification under the EU-U.S. Data Privacy Framework has been approved, simplifying data transfers from the EU, UK, and Switzerland to the U.S. by eliminating the need for additional mechanisms like Standard Contractual Clauses (SCCs). This certification reflects an adaptation to the Schrems II decision, which had invalidated the Privacy Shield as a compliant data transfer mechanism. The updated Data Privacy Framework introduces binding safeguards, such as limiting U.S. intelligence access and establishing a Data Protection Review Court, thereby addressing previous concerns. New Relic ensures data security and compliance with GDPR through robust technical and organizational measures, independent certifications, and customizable settings that allow customers to control personal data transmission. While New Relic predominantly processes telemetry data relevant to system performance rather than personal data, it provides options for customers to manage and reduce the risk of transmitting sensitive information.