KIXEYE Inc. GENERAL EEA/CH SAFE HARBOR NOTICE
EFFECTIVE DATE: April 1, 2013
SCOPE OF SAFE HARBOR CERTIFICATION KIXEYE Inc. (“we”) recognize(s) that the European Community has established a data protection regime pursuant to Directive 95/46/EC (the “Directive”). The Directive applies to the European Economic Area (“EEA”). Switzerland has also established a data protection regime pursuant to the Federal Act on Data Protection (“FADP”). These regimes restrict companies in the EEA and Switzerland (collectively, “EEA/CH”) from transferring personal data about individuals in the EEA/CH to the United States, unless there is “adequate protection” for such personal data when it is received in the United States.
To create such “adequate protection” and allow its subsidiaries and business partners to overcome the restriction on international data transfers established by the Directive and the FADP, KIXEYE Inc. adheres to the Safe Harbor Privacy Principles published by US Department of Commerce (“Safe Harbor Principles”) with respect to personal data about individuals in the EEA/CH that subsidiaries, customers and other business partners in the EEA/CH send to KIXEYE Inc. (“EEA/CH Data”). More information on the Safe Harbor Principles and KIXEYE Inc.’s scope of participation is available at http://export.gov/safeharbor/.
SCOPE OF THIS NOTICE This Notice applies to EEA/CH Data relating to data subjects residing in the EEA/CH (“EEA/CH Persons”) KIXEYE Inc. receives from affiliated and unaffiliated companies, except personal data that we receive in the context of employment with KIXEYE Inc. or one of our subsidiaries. Separate notices address such excepted situations. KIXEYE Inc.’s Safe Harbor Certification does not extend to data that KIXEYE Inc. receives directly through www.kixeye.com.
Categories of EEA/CH Data
We receive certain information related to individual independent contractors, and employees and individual representatives of KIXEYE Inc.’s corporate business partners (including vendors and advertising customers). Such EEA/CH Data includes, without limitation, names, addresses, work phone numbers, work email addresses, and any other personal data that are affirmatively provided to KIXEYE Inc. in order to manage our business relationship.
We also provide data processing services to affiliated and unaffiliated entities, including KIXEYE B.V. We process any information that such entities instruct us to process, on their behalf and subject to their direction. When we receive EEA/CH Data from another company in the EEA/CH for processing, the categories of data sent and the purposes of processing depend on such other company (the data controller) and on the relationship the data controller has with the relevant data subjects.
Purposes We collect and use EEA/CH Data in order to manage business relationships with other companies or to process EEA/CH data on behalf of affiliated and unaffiliated entities.
DISCLOSURE We share EEA/CH Data with our subsidiaries, affiliates and contractors. We also share EEA/CH Data with other third parties as instructed by us and in order to comply with our binding contracts and as required or permitted by law.
With respect to marketing e-mails from KIXEYE Inc., EEA/CH Persons may opt-out by submitting an e-mail request to [please insert email address, e.g., firstname.lastname@example.org] with “Opt-Out” in the subject line, or by following opt-out instructions that are contained in each marketing email. EEA/CH Persons may also send an email to this address to ask to opt-out of disclosures to third parties, but such a limitation on data sharing may make it difficult or impossible for KIXEYE Inc. to provide services. We may also disclose EEA/CH Data if legally required or permitted by law and we have a legitimate business interest in such disclosure.
ACCESS AND REVIEW EEA/CH Persons whose EEA/CH Data KIXEYE Inc. holds as a data controller may request access to, and the opportunity to update, correct or delete some or all of the EEA/CH Data that KIXEYE Inc. holds about them. To submit such requests or raise any other questions, please contact the KIXEYE Inc. Safe Harbor Contact as described below. KIXEYE Inc. reserves the right to take appropriate steps to authenticate an applicant’s identity, charge an adequate fee before providing access and deny requests, except as required by the Safe Harbor Principles. EEA/CH Persons whose EEA/CH Data KIXEYE Inc. holds as a data processing service provider for affiliated or unaffiliated corporate business partners must direct access requests to the data controller to whom they originally provided consent and the relevant EEA/CH Data.
SAFE HARBOR CONTACT Please e-mail any comments or questions regarding our safe harbor compliance to email@example.com (Attn: Safe Harbor). If you have a comment or question that cannot be resolved with KIXEYE Inc. directly, you may contact the competent local data protection authority in your EEA/CH Member State if it falls within the scope of this Notice.