Our security policy is in compliance with European Union (EU) General Data Protection Regulation (GDPR) requirements.
Alignment with EU-US Privacy Shield Framework
More details on the EU-US Privacy Shield are available at: https://www.privacyshield.gov/
Types of Personal Data
We collect PII such as Name, Physical Address, Email Address, and Phone Number, to provide customer support and account management services. We do not ever share this PII outside of our organization, and we do not ever sell our customers’ PII under any circumstances. We are committed to abiding by the seven Principles of the Privacy Shield framework:
Purposes for Collecting and Using Personal Data
We collect PII for the purposes of providing customer support and account management. We only use the PII that we collect to remain in contact with our customers, understand their needs, and respond to their requests. Again, we do not share our customers’ PII outside the organization.
The Right of Individuals to Access Their Personal Data
Individuals from whom we have collected PII have the right to request that we divulge any personal data related to them that we store and use in the conduct of our operations. Our customers can request that we correct, amend, or delete that PII where it is inaccurate, or has been processed in violation of the Principles established in the EU-US Privacy Shield Framework, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
Limiting the Use of Your Personal Data
Our customers have the right to request that we share with them exactly how we use their PII and who has access to that PII. We will comply with requests from our customers to restrict access to their PII. Such restrictions can include deletion of the PII in question from our systems and records.
How to Contact Us with Inquiries or Complaints
If you have a question or concern about your PII stored on our systems, you can reach out to us by emailing firstname.lastname@example.org. You can also call us at 703-860-1111.
We will respond to must respond to a customer inquiry within 45 days of receiving a question or complaint.
Third Party Disclosure of Personal Information
We do not disclose our customers’ PII to third parties.
Independent Dispute Resolution
Customers are encouraged to raise any complaints they may have before proceeding to independent recourse mechanisms. In the event that an independent dispute resolution is required, the burden of all fees fall on us, per the guidelines set forth in the US Privacy Shield system.
We will use JAMS International as our provider for Independent Dispute Resolution. The website for JAMS Privacy Shield dispute resolution is:
The Privacy Shield Panel (consisting of one or three arbitrators, as agreed by the parties) has the authority to impose individual-specific, non-monetary equitable relief (such as access, correction, deletion, or return of the individual’s data in question) necessary to remedy the violation of the Principles only with respect to the individual. These are the only powers of the arbitration panel with respect to remedies. In considering remedies, the arbitration panel is required to consider other remedies that already have been imposed by other mechanisms under the Privacy Shield. No damages, costs, fees, or other remedies are available. Each party bears its own attorney’s fees.
Lawful Disclosure to Public Authorities
We may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Liability for Transfer of Personal Data to Third Parties
We do not share PII with third parties; but, if we were to do so for any reason, we would be liable to ensure that all appropriate measures were being taken to secure and properly handle all PII, according the Principles set forth in the US Privacy Shield program.