Prominic.NET, Inc. EU-US Privacy Shield
This EU-US Privacy Shield Policy (“Policy”) sets forth the privacy principles Prominic.NET, Inc. (“Prominic”) follows with respect to transfers of personal information from European Union countries to the United States. This policy covers only non-HR data.
“Personal data” and “personal information” are data about an identified or identifiable individual, received by Prominic from the European Union, and recorded in any form. “Sensitive personal data” and “Sensitive personal information” means personal information that reveals medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual.
This Policy applies to all personal information received by Prominic in the United States from the EU, in any format including electronic, paper or verbal.
The privacy principles (“Principles”) in this Policy are based on the EU-US Privacy Shield Directive on Data Protection (“Directive”).
NOTICE: Prominic will notice EU individuals about the purposes for which it collects and uses information about them, the types of third parties to which it discloses the information, and the choices and means Prominic offers individuals for limiting its use and disclosure.
Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Prominic or as soon thereafter as is practicable, but in any event before Prominic uses such information for a purpose other than that for which it was originally collected or processed by Prominic or discloses it for the first time to a third party. Prominic does not disclose personal information to third parties for commercial purposes. Prominic only discloses personal information to law enforcement or other authorities when required to do so by law.
CHOICE: Prominic offers EU individuals the opportunity to choose (opt out) whether their personal information is:
(a) to be disclosed to a third party or
(b) to be used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual.
Individuals will be provided with clear and conspicuous, readily available, and affordable mechanisms to exercise choice.
For sensitive information, Prominic will offer individuals an explicit (opt in) choice if the information is to be disclosed to a third party or used for a purpose other than those for which it was originally collected or subsequently authorized by the individual through the exercise of opt in choice. Prominic will treat as sensitive any information received from a third party where the third party treats and identifies it as sensitive.
ONWARD TRANSFER: To disclose information to a third party, Prominic will apply the Notice and Choice Principles above.
Prominic will only transfer information to a third party that is acting as an agent if it first either ascertains that the third party subscribes to this Policy. If Prominic has knowledge that an agent is using or disclosing personal information in a manner contrary to this Policy, Prominic will take reasonable steps to prevent or stop the use or disclosure. Prominic is liable in cases of onward transfers to third parties.
SECURITY: Prominic will take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction.
DATA INTEGRITY: Consistent with the Principles, personal information must be relevant for the purposes for which it is to be used. Prominic will not process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. To the extent necessary for those purposes, Prominic will take reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.
ACCESS: Prominic will ensure that individuals have access to personal information about them that Prominic holds and are able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
ENFORCEMENT: Prominic will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that Prominic determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment.
In compliance with the Privacy Shield Principles, Prominic.NET commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Private Shield policy should first contact Prominic.NET at:
P.O. Box 7301
Champaign, IL 61826-7301 US Email: email@example.com
Prominic.NET has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to you.
Individuals may under certain conditions invoke binding arbitration. This arbitration option is available to an individual to determine, for residual claims, whether Prominic has violated its obligations under the Principles as to that individual, and whether any such violation remains fully or partially unremedied. This option is available only for these purposes.
Prominic.NET is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Prominic.NET is required to disclose personal information in response to lawful requests by publics authorities, including to meet national security or law enforcement requirements.
Changes to this Policy
Prominic.NET may occasionally change this Policy in accordance with the requirements of the Privacy Shield Principles. Prominic will provide appropriate public notice about any such changes.
Effective Date: 11/29/2016
To learn more about the EU-US Privacy Shield program, and to view Prominic.NET’s certification, please visit https://www.privacyshield.gov