EuroDM Ltd. pledges to conduct its business according to the EU Safe Harbor Principles and the Frequently Asked Questions (FAQ's) issued by the US Department of Commerce on July 21, 2000.
Personal information that is transferred to EuroDM Ltd. in the US from the EU falls under one of the following two situations:
- Processor on Behalf - EuroDM Ltd. provides customized computer services designed to help companies manage their customer information more effectively, increase profitability of their marketing and reduce the operational costs of processing customer transactions. In this capacity, EuroDM Ltd. does not own or control any of the information it processes on behalf of EuroDM Ltd.'s customer. All such information is owned and controlled by EuroDM Ltd.'s customer. In this capacity EuroDM Ltd. receives information transferred from the EU to the US merely as a processor on behalf.
- Data Controller - EuroDM Ltd. also provides business and consumer information products designed to help companies market more successfully, integrate and improve the accuracy of their customer information and reduce the operational costs of processing customer data. In this function, EuroDM Ltd. acts as a data controller of the personal information contained in these information products.
EuroDM Ltd. has appointed a Compliance Officer who is responsible for the internal supervision of EuroDM Ltd.'s privacy policies and data security. EuroDM Ltd. is committed to educating its customers and associates (employees) in the US and in the EU about the issues, guidelines and laws surrounding compliance with EU Safe Harbor.
The Compliance Officer and EuroDM Ltd.'s internal legal team is available to any associate (employee) who may have questions concerning EuroDM Ltd.'s EU Safe Harbor privacy policies or data security practices.
Since the requirements for compliance with EU Safe Harbor vary depending on whether EuroDM Ltd. is acting as a processor on behalf of EuroDM Ltd.'s customer or a data controller, EuroDM Ltd.'s policies and manner of compliance are described separately below.
(1) EuroDM Ltd. as a Processor on Behalf
When EuroDM Ltd. acts as a processor on behalf of its customer, the policies outlined below apply to all data processing operations concerning personal information that has been transferred from the EU to the US.
Processing Contracts:
Before starting any processing on behalf of EuroDM Ltd.'s customer, EuroDM Ltd. will enter into a processing contract with the EU data controller responsible for the personal information pursuant to the applicable EU Member State Data Protection law.
The processing contract ensures that the EU data controller will be in compliance with the Member State Data Protection law. Any data processed by EuroDM Ltd. will not be further disclosed to third parties except where permitted or required by the processing contract, EU Safe Harbor or the applicable Member State Data Protection law. Any information which EuroDM Ltd.'s customer (acting as the EU controller) identifies as sensitive will be treated accordingly.
The processing contract will also specify that the processing will be carried out with appropriate data security measures. EuroDM Ltd. has in place measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction.
As a processor on behalf of EuroDM Ltd.'s customer (who is the EU controller), EuroDM Ltd. is not required to apply other EU Safe Harbor Principles to the personal information received for processing from a customer.
(2) EuroDM Ltd. as a Data Controller
Should EuroDM Ltd. act as a data controller of personal information, the policies outlined below apply to all personal information that has been transferred from the EU to the US.
EuroDM Ltd. may develope and maintain databases containing personal information on European households and businesses from a number of EU Member States. EuroDM Ltd. does not collect any of this information directly from individuals in the EU. Instead, these databases are developed from public records and from information acquired through information providers.
None of these databases contain any information defined as sensitive by any national law of an EU Member State.
EuroDM Ltd.'s databases contain information which is provided to qualified businesses for marketing and customer data integration purposes. The information contained in these databases may also be used to enhance the understanding a company has about its customers, aid in accurate integration of a company's customer information, and be used as lists for direct marketing purposes.
As a data controller, EuroDM Ltd. is required to comply with all principles of the EU Safe Harbor.
Notice
Prior to the transfer of any non-public personal information from the EU to the US, EuroDM Ltd. requires contractual confirmation from the EU controller from whom EuroDM Ltd. acquired the information that the data subjects from whom the information was derived have been provided with proper Notice pursuant to the applicable EU Member State Data Protection law.
Choice
Prior to the transfer of any non-public personal information from the EU to the US, EuroDM Ltd. requires contractual confirmation from the EU controller from whom EuroDM Ltd. acquired the information that the data subjects from whom the information was derived have been provided with the Choice to determine how their information may be used pursuant to the applicable EU member State Data Protection law.
In addition to choice regarding the use of information, EuroDM Ltd. will remove an individual's name and related information from its direct marketing information products.
In order to have sufficient information to confirm the identity of an individual and have the necessary information to complete the opt-out request, EuroDM Ltd. provides a form which the consumer fills out, signs and mails to EuroDM Ltd.. Consumers may request an Opt-Out Form by either writing to EuroDM Ltd. at the address provided below, by calling our offices at 0207 432 0358 or sending an e-mail to us at safeharbor@eurodmltd.com
Written communication should be addresses as follows:
Consumer Advocate
EU Safe Harbor Opt-Out at
EuroDM Ltd. Ltd
212 Piccadilly
London
W1J9HG
Tel: 0207 432 0358
info@eurodmltd.com
Data Integrity
EuroDM Ltd. takes reasonable steps to assure the information which is transferred from the EU to the US is reliable, accurate and complete. The steps EuroDM Ltd. takes to assure data integrity are made in light of the purposes for which the personal information is used.
Onward Transfer
EuroDM Ltd. complies with the notice and choice principles as described above for all data which is disclosed or transferred to a third party.
EuroDM Ltd. occasionally uses agents to perform processing tasks on behalf and under the instruction of EuroDM Ltd.. EuroDM Ltd. requires that its agents either:
- Subscribe to the EU Safe Harbor Principles, the EU Data Protection Directive or another adequacy finding; or
- Enter into a written agreement with EuroDM Ltd. requiring them to provide the same level of protection as EuroDM Ltd..
Security
EuroDM Ltd. has in place an Information Security Policy to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction. EuroDM Ltd.'s Security Officer is responsible for conducting investigations into any alleged computer or network compromises, incidents or problems and ensuring the proper disciplinary action is taken against those who violate EuroDM Ltd.'s Information Security Policy.
Any security compromises or potential security compromises and any inquiries concerning security should be reported to the EuroDM Ltd. Consumer Advocate. Contact information is provided below.
Access
An individual may make a request to EuroDM Ltd. for access to the information EuroDM Ltd. maintains in its information products. The individual has the right to receive confirmation from EuroDM Ltd. as to whether or not data relating to him/her is found in EuroDM Ltd.'s information products and to correct, amend, or delete that information when it is inaccurate. This right only applies to personal information relating to the individual making the request and is subject to other limitations as defined by law.
Individuals who wish to make an access request should direct such a request to EuroDM Ltd.'s Consumer Advocate in EuroDM Ltd.'s Consumer Affairs Department. This individual can be contacted by telephone or mail at:
Consumer Advocate
EU Safe Harbor Opt-Out at
EuroDM Ltd. Ltd
212 Piccadilly
London
W1J9HG
Tel: 0207 432 0358
info@eurodmltd.com
EuroDM Ltd.'s Consumer Advocate will explain the process to be followed by any individual making an access request. In order to confirm the identity of the individual and have the necessary information to retrieve the individual's information, EuroDM Ltd. provides a form which the individual fills out, signs and mails to EuroDM Ltd.. The form must be accompanied by a personal check in the amount of U.S. $10.00. Filing a request in English will expedite the process.
EuroDM Ltd. agrees to process all reasonable requests for access within a reasonable time period, but reserves the right to deny access or limit access in cases where the burden or cost of providing access would be disproportionate to the risks to the individual's privacy or in the case of a vexatious or fraudulent request.
Enforcement
Individuals who wish to file a complaint or who take issue with EuroDM Ltd.'s EU Safe Harbor policies should direct such communication to EuroDM Ltd.'s Consumer Advocate at the address described above. EuroDM Ltd.'s Consumer Advocate will explain the process to be followed when filing a complaint. Filing a complaint in English will expedite the process.
EuroDM Ltd. is also subject to the jurisdiction of the US Federal Trade Commission. Should an individual be unable to resolve a complaint through the European Data Protection Authorities complaint process, they may contact the Federal Trade Commission at the following address:
Federal Trade Commission
Attn: Consumer Response Center
600 Pennsylvania Avenue NW
Washington, DC 20580
consumerline@ftc.gov
www.ftc.gov
|
