Introduction
SERVICE 800, Inc. and its affiliated U.S. entities (“the company,” “we,” “us,” or “our”) adhere to the Safe Harbor Agreement concerning the transfer of personal data from the European Union to the United States of America. Accordingly, we followthe Safe Harbor Principles published by the U.S. Department of Commerce (“Principles”) with respect to all such data. This statement outlines our general policy and practices for implementing the Principles, including the types of information the company gathers or is supplied, how we use it, and the choices affected individuals have regarding our use of, and their ability to correct, that information. If there is any conflict between the policies in this statement and the Principles, the Principles will govern.
This statement applies to all personal information we handle, including on-line, off-line, human resources and manually processed data. For purposes of this statement, “personal information” means information that:
- is transferred from the European Union to the United States;
- is recorded in any form;
- is about, or pertains to, a specific individual;
- can be linked to that individual.
It does not include information that pertains to a specific individual, but from which that individual could not reasonably be identified.
In this policy, SERVICE 800, Inc. and its international affiliates are referred to together as “SERVICE 800.”
Principles Protecting Individuals’ Privacy
Notice and Choice
Our policy is to notify individuals about the personal information we collect from them, how we use it, and how to contact us with privacy concerns. We collect personal information from individuals only as permitted by the Principles or with the consent of the individual affected. Consent for personal information to be collected, used, and/or disclosed in certain ways may be required in order for an individual to obtain or use our services. To the extent permitted by the Safe Harbor Agreement, we reserve the right to process personal information in the course of providing services to our clients without the specific knowledge of the individuals involved.
Disclosures and Transfers
We do not disclose an individual’s personal information to third parties, except when one or more of the following conditions are true:
- We have the individual’s permission to make the disclosure;
- The disclosure is required by law or regulation;
- The disclosure is reasonably related to the sale or other disposition of all or part of our business;
- The information in question is publicly available;
- The disclosure is reasonably necessary for the establishment of legal claims; or
- The disclosure is to another SERVICE 800 entity or to persons or entities providing services on our or the individual’s behalf (each a “transferee”), consistent with the purpose for which the information was obtained, if the transferee, with respect to the information in question:
- is subject to law providing an adequate level of privacy protection;
- has agreed in writing to provide an adequate level of privacy protection; or subscribes to the Principles.
Permitted transfers of information, either to third parties or within SERVICE 800, include the transfer of data from one jurisdiction to another, including transfers to and from the United States of America. Because privacy laws vary from one jurisdiction to another, personal information may be transferred to a jurisdiction where the laws provide less or different protection than the jurisdiction in which the information originated.
Data Security, Integrity, and Access
SERVICE 800 employs various physical, electronic, and managerial measures, including education and training of our personnel, designed to provide personal information with reasonable protection from accidental loss or destruction, improper use, alteration, or disclosure. Personal information collected or displayed through a Web site is protected in transit by standard encryption processes. However, we cannot guarantee the security of information on or transmitted via the Internet.
We process personal information only in ways compatible with the purpose for which it was collected or authorized by the individual. To the extent necessary for such purposes, we take reasonable steps to make sure that personal information is accurate, complete, current, and otherwise reliable with regard to its intended use.
If an individual becomes aware that information we maintain about that individual is inaccurate, or if an individual would like to update or review his or her information, the individual may contact us using the contact information below. The individual will need to provide sufficient identifying information, such as name, phone number, address, birth date, and parts of social security or identity number. We may request additional identifying information as a security precaution. In addition, we may limit or deny access to personal information where providing such access would be unreasonably burdensome or expensive in the circumstances, or as otherwise permitted by the Safe Harbor Agreement. In some circumstances, we may charge a reasonable fee, where warranted, for access to personal information.
Accountability and Enforcement
We have established a process to monitor our adherence to the Principles and to address questions and concerns regarding our adherence. This process will include a statement, at least once a year, signed by an authorized representative of us, verifying that this policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and accessible. We encourage interested persons to raise any concerns with us using the contact information below.
With respect to any dispute relating to this policy that cannot be resolved through our internal processes, we will cooperate with competent EU data protection authorities and comply with the advice of such authorities. In the event that we or such authorities determine that we did not comply with this policy, we will take appropriate steps to address any adverse effects and to promote future compliance. Personnel who violate our privacy policies will be subject to disciplinary processes.
Amendment
We may amend this policy from time to time by posting a revised policy on this Web site, or a similar Web site that replaces this Web site. If we amend the policy, the new policy will apply to personal information previously collected only insofar as the rights of the individual affected are not reduced. So long as we adhere to the Safe Harbor Agreement, we will not amend our policy in a manner inconsistent with the Principles.
Information Subject to Other Policies
We are committed to following the Principles for all personal information within the scope of the Safe Harbor Agreement. However, certain information is subject to policies of the Company that may differ in some respects from the general policies set forth in this statement.
- Information relating to present or former SERVICE 800 personnel is subject to our policies concerning personnel data privacy, which are available to present SERVICE 800 personnel on the SERVICE 800 intranet and former SERVICE 800 personnel upon request.
- Information obtained from or relating to clients or former clients is further subject to the terms of any privacy notice to the client, any engagement letter or letters with the client, and applicable laws and regulations.
Contact Information
For further information, please contact:
David Welch
SERVICE 800
2190 West Wayzata Blvd.
P.O. Box 800
Long Lake, Minnesota 55356-0800 USA