Effective: December 13, 2014
“Personal Information” means information that (1) is transferred from the EU to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.
The Company shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which the Company discloses or may disclose that Information. The Company shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to the Company, or as soon as practicable thereafter, and in any event before the Company uses or discloses the Personal Information for a purpose other than for which it was originally collected. The Company has developed notice and accompanying opt-in policy that requires the individual whose Personal Information the Company will receive to specifically opt-in or, alternatively, refuse to consent to the collection of such data.
The Company will offer individuals the opportunity to choose whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, the Company will give individuals the opportunity to affirmatively or explicitly consent to the disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. The Company shall treat Sensitive Personal Information received from an individual with a similar level of care as the individual would treat it.
Prior to disclosing Personal Information to a third party, the Company shall notify the individual of such disclosure and allow the individual the choice of such disclosure. The Company shall ensure that any third party for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles and agree in writing to provide an adequate level of privacy protection. As part of the Company’s opt-in policy, the individual will be asked to consent to the transfer of certain Personal Information to the Company’s client.
The Company shall take reasonable steps to protect the Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. The Company has put in place appropriate physical, electronic and managerial/administrative procedures to safeguard and secure the Personal Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. Though the Company will take reasonable steps to ensure the privacy and security of the Personal Information, it cannot guarantee the security of Personal Information on or transmitted via the Internet. The Company shall make individuals aware of this limitation and to the extent data is transmitted via the Internet, the individuals will be asked to consent to such transmission.
The Company shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, the Company shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use. The Company will take reasonable steps to correct any inaccurate or incomplete data it may find while processing the Personal Information and may ask the individual to update and/or supplement the Personal Information held by the Company.
The Company shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. The individual may not be granted access to work product of the Company, but will be given access to the Personal Information upon which the work product is based. An individual may submit Personal Information to the Company from time to time for certain specific purposes. The individual may not be able to access such Personal Information once it is submitted to the Company.
If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using BBB EU Safe Harbor as a third party resolution provider. You may contact the BBB EU Safe Harbor program via the following web address: www.bbb.org/us/safe-harbor-complaints
Information Subject to Other Policies