Reltio Safe Harbor Policy

Reltio complies with the U.S.-EU Safe Harbor Framework and U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland.  Reltio only collects and uses personal information in a manner consistent with the laws of the countries in which it does business.  This Safe Harbor Privacy Policy Statement (the “Privacy Statement”) sets forth the privacy principles Reltio follows with respect to transfers of personal information from the European Economic Area (EEA) and from Switzerland to the United States, including  personal information  (1) collected from  Reltio’s corporate customers, and other business partners located in the EEA and Switzerland, which is then transferred to Reltio in the United States; and (2) received from companies that use one of Reltio’s hosted services or applications who operate in the EEA and Switzerland and is processed by Reltio the United States on behalf of those companies.

SAFE HARBOR PRIVACY POLICY STATEMENT

The United States Department of Commerce and the European Commission have agreed on a set of data protection principles to enable U.S. companies to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the EEA to the United States (the "U.S.-EU Safe Harbor"). The EEA also has recognized the U.S.-EU Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). The United States Department of Commerce and the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland have agreed on a similar set of principles and frequently asked questions to enable U.S. companies to satisfy the requirement under Swiss law that adequate protection be given to personal information transferred from Switzerland to the United States (the “U.S.-Swiss Safe Harbor”). Consistent with its commitment to protect personal privacy, Reltio adheres to the principles set forth in the U.S.-EU Safe Harbor and the U.S.-Swiss Safe Harbor (the “Safe Harbor Principles”).

SCOPE

This Safe Harbor Privacy Policy Statement (the “Privacy Statement”) governs all personal information received by Reltio in the United States from the EEA and from Switzerland in connection with Reltio business activities.  

DEFINITIONS

For purposes of this Policy, the following definitions shall apply:

“Reltio” means Reltio Inc. and its predecessors, successors, subsidiaries, divisions and groups in the United States.

“Personal information” means any information or collection of information that identifies or could be used to identify an individual. Personal information does not include information that is anonymous, encrypted, stripped of identifying details, or aggregated.  In addition, publicly available information is not personal information except where it has been combined with non-public personal information.

“Sensitive personal information” means personal information that could including the following:

  1. Education, financial transactions, medical history, and criminal or employment history.
  2. Information that can be used to distinguish or trace the individual's identity, including name, social security number, date and place of birth, mother's maiden name, or biometric records.

In addition, Reltio will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.

PRIVACY PRINCIPLES

The privacy principles in this Policy rely on the Safe Harbor Principles.

NOTICE:  Where Reltio collects non-public personal information directly from EEA data subjects, Reltio provides those persons with an explanation about the types of information collected or maintained, how such information is maintained and protected, and how to contact Reltio to request review, correction or deletion of such information.  Where Reltio receives personal information of EEA data subjects collected by third party companies for transfer to the United States, Reltio requires those companies to confirm that the personal information has been provided to Reltio in accordance with the applicable EU Member State data protection law to ensure the individuals have been provided with appropriate notice regarding how their information will be used (for more information, see the section entitled “Information Processed on Behalf of Third Parties”). Personal information is never disclosed to a third party without consent of the affected individual(s).

In certain limited cases and only where authorized by Safe Harbor principles, Reltio may be unable to provide notice of disclosure of personal information to affected person(s). For example, Safe Harbor principles do not require notice where disclosure of personal information is required to comply with a court or other valid governmental order or inquiry, where applicable laws or regulations waive notice requirements, or where protection of legitimate Reltio legal interests would be compromised by notice.

CHOICE: Reltio only uses data for its intended purpose and for the purpose authorized by the individual.  Voluntary provision of personal information including first name, last name, e-mail address and company name will constitute authorization to use it for its intended purpose.

Individuals may contact Reltio to inquire about personal information, request changes to that data or have the data deleted or removed.  

DATA INTEGRITY: Reltio will take reasonable steps to ensure that personal information is complete, accurate and reliable for the purposes for which the information was obtained or authorized.

INFORMATION PROCESSED ON BEHALF OF THIRD PARTIES: Reltio provides hosted services and applications to third party companies. As part of providing these hosted services or applications, Reltio may receive and process your personal information if you are a customer, client or employees of one of these companies.  When Reltio provides these services, we are referred to as a data processor. As a data processor, Reltio acts on the instructions of these companies and uses reasonable physical, electronic, and administrative safeguards to protect this personal information from loss; misuse; or unauthorized access, disclosure, alteration, or destruction. Companies that use a Reltio service or application are responsible for complying with all other obligations in relation to the personal information they may collect from you and transfer to Reltio, including providing notice and obtain consent to the extent required.

TRANSFERS TO THIRD PARTIES: Reltio uses third party companies and individuals (“Third Parties”) to perform functions or services on Reltio’s behalf. Such Third Parties may have access to personal information needed to perform their functions, but are restricted from using the personal information for purposes other than providing services for Reltio or to Reltio.  Reltio will obtain assurances from its Third Parties that they subscribe to the Safe Harbor Privacy Principles, be subject to the EU Privacy Directive or another adequacy finding, or enter into a written agreement that requires them to provide at least the same level of privacy protection as is required by  this Privacy Statement. Where Reltio has knowledge that an Third Party is using or disclosing personal information in a manner contrary to this Privacy Statement, Reltio will take reasonable steps to prevent or stop the use or disclosure.

ACCESS AND CORRECTION: If an individual in the EEA from whom Reltio has directly collected personal information requests access, Reltio will grant that individual access to his or her personal information.  Reltio will permit such individuals to correct demonstrably inaccurate information.  Reltio will grant access and permission to correct data in a way that does not jeopardize the privacy of other stakeholders or the integrity of the data.  

SECURITY: Reltio has taken commercially reasonable precautions to protect personal information in its possession.  Reltio has reasonable physical and information technology security in place to protect the data.  Reltio further supplements these measures through operational procedures and staff training.  

ENFORCEMENT: Reltio has established internal processes and governance to support Safe Harbor Principles.  Any employee that Reltio determines is in violation of this  Privacy Statement will be subject to disciplinary action up to and including termination of employment.

DISPUTE RESOLUTION: Any questions or concerns regarding the use or disclosure of personal information should be directed to the Reltio Support at the address given below. Reltio will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information by reference to the principles contained in this  Privacy Statement.  Complaints that cannot be resolved between Reltio and the complainant can be referred to an independent dispute resolution mechanism.  Reltio uses the BBB EU Safe Harbor Program, which is operated by the Council of Better Business Bureaus. If you feel that Reltio has not satisfactorily addressed your complaint, you can visit the BBB EU Safe Harbor Program web site at www.bbb.org/us/safe-harbor-complaints for more information on how to file a complaint.

LIMITATION ON APPLICATION OF PRINCIPLES

Adherence by Reltio to these Safe Harbor Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; and (c) to the extent expressly permitted by an applicable law, rule or regulation.

INTERNET PRIVACY

Reltio has developed a Privacy Policy to govern the treatment of personal information collected from its websites and in its various hosted applications.  With respect to personal information that is transferred from the European Economic Area or Switzerland to the U.S., this Privacy Policy is subordinate to this Safe Harbor Privacy Policy Statement.

http://www.reltio.com/privacystatement

CONTACT INFORMATION

Questions or comments regarding this Safe Harbor Privacy Statement should be submitted to the Reltio Support by mail to:

Reltio, Inc.

Attn:  Customer Care

100 Marine Parkway Suite 275

Redwood Shores, CA 94065

Or by e-mail to the privacy@reltio.com

CHANGES TO THIS SAFE HARBOR PRIVACY POLICY STATEMENT

This Privacy Statement may be amended from time to time, consistent with the requirements of the Safe Harbor Principles. A notice will be posted on the Reltio web page (www.reltio.com) for 60 calendar days whenever this Privacy Statement is changed in a material way.

EFFECTIVE DATE: 23 September 2015