The United States Department of Commerce and the European Commission have agreed on a set of data protection principles to enable U.S. companies to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the EEA to the United States (the "U.S.-EU Safe Harbor"). The EEA also has recognized the U.S.-EU Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). The United States Department of Commerce and the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland have agreed on a similar set of principles and frequently asked questions to enable U.S. companies to satisfy the requirement under Swiss law that adequate protection be given to personal information transferred from Switzerland to the United States (the “U.S.-Swiss Safe Harbor”). Consistent with its commitment to protect personal privacy, Reltio adheres to the principles set forth in the U.S.-EU Safe Harbor and the U.S.-Swiss Safe Harbor (the “Safe Harbor Principles”).
For purposes of this Policy, the following definitions shall apply:
“Reltio” means Reltio Inc. and its predecessors, successors, subsidiaries, divisions and groups in the United States.
“Personal information” means any information or collection of information that identifies or could be used to identify an individual. Personal information does not include information that is anonymous, encrypted, stripped of identifying details, or aggregated. In addition, publicly available information is not personal information except where it has been combined with non-public personal information.
“Sensitive personal information” means personal information that could including the following:
In addition, Reltio will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.
The privacy principles in this Policy rely on the Safe Harbor Principles.
NOTICE: Where Reltio collects non-public personal information directly from EEA data subjects, Reltio provides those persons with an explanation about the types of information collected or maintained, how such information is maintained and protected, and how to contact Reltio to request review, correction or deletion of such information. Where Reltio receives personal information of EEA data subjects collected by third party companies for transfer to the United States, Reltio requires those companies to confirm that the personal information has been provided to Reltio in accordance with the applicable EU Member State data protection law to ensure the individuals have been provided with appropriate notice regarding how their information will be used (for more information, see the section entitled “Information Processed on Behalf of Third Parties”). Personal information is never disclosed to a third party without consent of the affected individual(s).
In certain limited cases and only where authorized by Safe Harbor principles, Reltio may be unable to provide notice of disclosure of personal information to affected person(s). For example, Safe Harbor principles do not require notice where disclosure of personal information is required to comply with a court or other valid governmental order or inquiry, where applicable laws or regulations waive notice requirements, or where protection of legitimate Reltio legal interests would be compromised by notice.
CHOICE: Reltio only uses data for its intended purpose and for the purpose authorized by the individual. Voluntary provision of personal information including first name, last name, e-mail address and company name will constitute authorization to use it for its intended purpose.
Individuals may contact Reltio to inquire about personal information, request changes to that data or have the data deleted or removed.
DATA INTEGRITY: Reltio will take reasonable steps to ensure that personal information is complete, accurate and reliable for the purposes for which the information was obtained or authorized.
INFORMATION PROCESSED ON BEHALF OF THIRD PARTIES: Reltio provides hosted services and applications to third party companies. As part of providing these hosted services or applications, Reltio may receive and process your personal information if you are a customer, client or employees of one of these companies. When Reltio provides these services, we are referred to as a data processor. As a data processor, Reltio acts on the instructions of these companies and uses reasonable physical, electronic, and administrative safeguards to protect this personal information from loss; misuse; or unauthorized access, disclosure, alteration, or destruction. Companies that use a Reltio service or application are responsible for complying with all other obligations in relation to the personal information they may collect from you and transfer to Reltio, including providing notice and obtain consent to the extent required.
TRANSFERS TO THIRD PARTIES: Reltio uses third party companies and individuals (“Third Parties”) to perform functions or services on Reltio’s behalf. Such Third Parties may have access to personal information needed to perform their functions, but are restricted from using the personal information for purposes other than providing services for Reltio or to Reltio. Reltio will obtain assurances from its Third Parties that they subscribe to the Safe Harbor Privacy Principles, be subject to the EU Privacy Directive or another adequacy finding, or enter into a written agreement that requires them to provide at least the same level of privacy protection as is required by this Privacy Statement. Where Reltio has knowledge that an Third Party is using or disclosing personal information in a manner contrary to this Privacy Statement, Reltio will take reasonable steps to prevent or stop the use or disclosure.
ACCESS AND CORRECTION: If an individual in the EEA from whom Reltio has directly collected personal information requests access, Reltio will grant that individual access to his or her personal information. Reltio will permit such individuals to correct demonstrably inaccurate information. Reltio will grant access and permission to correct data in a way that does not jeopardize the privacy of other stakeholders or the integrity of the data.
SECURITY: Reltio has taken commercially reasonable precautions to protect personal information in its possession. Reltio has reasonable physical and information technology security in place to protect the data. Reltio further supplements these measures through operational procedures and staff training.
ENFORCEMENT: Reltio has established internal processes and governance to support Safe Harbor Principles. Any employee that Reltio determines is in violation of this Privacy Statement will be subject to disciplinary action up to and including termination of employment.
DISPUTE RESOLUTION: Any questions or concerns regarding the use or disclosure of personal information should be directed to the Reltio Support at the address given below. Reltio will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information by reference to the principles contained in this Privacy Statement. Complaints that cannot be resolved between Reltio and the complainant can be referred to an independent dispute resolution mechanism. Reltio uses the BBB EU Safe Harbor Program, which is operated by the Council of Better Business Bureaus. If you feel that Reltio has not satisfactorily addressed your complaint, you can visit the BBB EU Safe Harbor Program web site at www.bbb.org/us/safe-harbor-complaints for more information on how to file a complaint.
Adherence by Reltio to these Safe Harbor Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; and (c) to the extent expressly permitted by an applicable law, rule or regulation.
Questions or comments regarding this Safe Harbor Privacy Statement should be submitted to the Reltio Support by mail to:
Attn: Customer Care
100 Marine Parkway Suite 275
Redwood Shores, CA 94065
Or by e-mail to the firstname.lastname@example.org
This Privacy Statement may be amended from time to time, consistent with the requirements of the Safe Harbor Principles. A notice will be posted on the Reltio web page (www.reltio.com) for 60 calendar days whenever this Privacy Statement is changed in a material way.