The Privacy Pact is a voluntary legally binding mechanism for entities located outside of the European Union to voluntarily contractually commit to respect and conform to European Data Protection Law (i.e. Regulation 679/2016 – “GDPR”, Directive 2002/58/EC – “E-Privacy Directive”).

It provides organizations located in Japan, Korea, China and US with a respected and trustworthy label that shows a commitment to comply with European privacy and data protection law. As such, it provides a potential way of building trust in an organisation’s data privacy practices when developing business activities in one of the largest markets in the world, the European Union.

Privacy PACT has been developed by the European research project Privacy Flag, and is run as an open service, with oversight by legal experts.

The PACT is provided upon payment of a small application fee intended to support the service. For further information, visit the website

Companies adhering to the PACT will have to re-sign the PACT Voluntary Compliance Tool (Voluntary Compliance Commitment Tool -VCCT) annually, in order to demonstrate stable commitment to privacy compliance.

Once the contract has been signed (or resigned), PRIVACY PACT will provide a certified label in order to allow companies to demonstrate their compliance with European data protection standards.

Additionally, the Privacy Flag website will contain a publicly disclosed list of the names of privacy compliant companies signed up to the PRIVACY PACT.