This Policy provides privacy principles that Retarus (the “Company”) follows with respect to transfers of personal information from the European Economic Area (EEA) to the United States.
The privacy principles in this Policy are based on the Safe Harbor Principles. More information regarding the U.S.-EU Safe Harbor Framework is available at http://export.gov/safeharbor/.
For purposes of this Policy, the following definitions shall apply:
“Agent” means any third party that collects or uses personal information under the instructions of, and solely for, the Company or to which the Company discloses personal information for use on its behalf.
“Personal information” means any information or set of information that identifies or could be used by or on behalf of the Company to identify an individual. Personal information does not include information that is encoded or anonymized or publicly available information that has not been combined with non-public personal information.
“Sensitive personal information” is a subset of Personal Information, and includes information pertaining to an individual’s health or sex life, racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership.
Where the Company collects personal information directly from individuals within the EEA, it will inform them about the purposes for which it collects and uses personal information about them, the types of non-agent third parties to which the Company discloses such information and the choices and means, if any, it offers individuals for limiting the use and disclosure of personal information about them. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to the Company, or as soon as practicable thereafter, and in any event before the Company uses or discloses the information for a purpose other than that for which it was originally collected.
Where the Company receives personal information from its subsidiaries, affiliates or other entities in the EEA, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.
The Company will provide individuals with reasonable mechanisms to exercise their choices regarding personal information about them.
The Company will offer individuals the opportunity to opt-out (i.e., choose) whether personal information about them is to be (1) disclosed to a non-agent third party, or (2) used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
For sensitive personal information, the Company will provide individuals the opportunity to affirmatively or explicitly consent (opt-in) to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than that for which it was originally collected or subsequently authorized by the individual.
Onward Transfer (Transfers to Agents)
The Company will obtain assurances from its agents that they will safeguard personal information consistent with this Policy. Such appropriate assurances may include the agent’s executing a contract obligating it to subscribe to the relevant Safe Harbor Principles or its being subject to EU Directive 95/46/EC (the EU Data Protection Directive). If the Company learns that an agent is using or disclosing personal information in a manner that is inconsistent with this Policy, the Company will take reasonable steps to prevent or stop such actions.
The Company will take reasonable steps to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction.
The Company will use personal information on file only for purposes that are consistent with those for which it was collected or subsequently authorized by the individual. The Company will take reasonable steps to ensure that the personal information it holds is reliable for its intended use and is accurate, complete, and current.
Access (including Correction)
The Company will offer individuals reasonable access to the personal information about them that it holds in the U.S. under the Safe Harbor. Further, the Company will provide individuals with a reasonable way to correct, amend or delete personal information about them that is demonstrably inaccurate or incomplete.
The Company may set reasonable limits on access and may also charge a reasonable fee to cover the cost of such access.
The Company has implemented mechanisms to verify its adherence to this Policy, including appropriate sanctions for any employees that are determined to be in violation of this Policy (i.e., disciplinary actions up to and including termination of employment).
Questions or concerns regarding the use or disclosure of personal information should be directed to the Retarus Privacy Office at the contact information below. The Company is committed to investigating and attempting to resolve complaints and disputes that may arise regarding this Policy and the use or disclosure of personal information. Should we be unable to resolve any such disputes, the Company will facilitate further resolution, including the submission of such disputes to an independent third party.
Limitation on Application of these Principles
Adherence by the Company to these Safe Harbor Principles may be limited as necessary to meet regulatory, national security, public interest, law enforcement or other legal requirements.
Changes and Amendments
This Policy may be changed from time-to-time, consistent with the requirements of the Safe Harbor Principles.
Broad Street Center
80 Broad Street, 5th floor
New York, NY 10004
Phone: +1 201 268 5950
Fax: +1 201 205 1064
Effective Date: 03/30/2012
messaging services since 1992