Effective June 20, 2018
Ezassi retains Innovation Data according to the terms of the Subscription Agreement and as long as necessary to satisfy our legal obligations. Other Personal Data may be retained for a period of time consistent with the original purpose of the collection. After expiry of the retention periods, your Personal Data will be deleted and/or properly anonymized.
We maintain appropriate technical, physical and organizational measures to protect Personal Data and Innovation Data, including assuring that third-party service providers who access or handle personal information on our behalf and affiliates maintain such safeguards. However, no method of Internet transmission or electronic storage is 100% secure or error-free, so it is not possible to guarantee absolute security.
You must protect against unauthorized access to your password and to your computer, and be sure to sign off when finished using a shared computer. If we have given you or you have chosen a password which enables you to access certain portions of our Site, you are responsible for keeping this password confidential. You should not share your password with anyone. If you have reason to believe that your interaction with us is no longer secure (e.g., if you feel that the security of any account you might have with us has been compromised), please notify us immediately (see “Contact Us” below).
You may be able to opt-out of certain processing. For example, if you would like to discontinue receiving our newsletter, you may update your email preferences by using the “Unsubscribe” link found in the emails we send. You may also configure your browser to reject cookies, web beacons, and other statistical analysis tools, though doing so may affect the performance or functionality of the Site. For additional help, please contact us in accordance with the “Contact Us” section below.
Our Site is not directed at children. We do not knowingly collect Personal Data from children under the age of 16. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us as described in the “Contact Us” section below and we will take steps to delete such Personal Data from our systems.
The European Union has taken a monumental step in protecting the fundamental right to privacy for every EU resident with the General Data Protection Regulation (GDPR) which is effective from May 25, 2018. This regulation enhances the data privacy protections for EU citizens and is a mandatory requirement for any company with access to personal data of EU citizens. As a data processor serving many multi-national companies with employees in the EU, Ezassi is committed to full compliance with GDPR regulations and the protection of our customers’ Personal Data and Innovation Data.
In the context of GDPR and with respect to Innovation Data, Ezassi is a data processor acting on behalf of and under the direction of our customers, who are the data controllers. Ezassi has worked extensively to ensure that our subscription and related agreements (“Subscription Agreements”) contain appropriate provisions for Personal Data we store, and balance the risks and responsibilities between us, our customers, and those individuals which our customers have authorized to use the Innovation Software (“Registered Users”). Ezassi’s legal basis for data processing of Innovation Data is based on the contractual obligations in the Subscription Agreements and in the employment contract or other such contracts as may exist between our customers and their Registered Users.
With respect to other Personal Data that Ezassi collects, Ezassi is the data controller. The legal basis for data processing in this case is consent and, accordingly, you have certain rights subject to local data protection laws:
When Ezassi processes Innovation Data received from a customer or Registered User, Ezassi does so pursuant only to the Subscription Agreement and the customer’s instructions and prior authorization. Ezassi processes other Personal Data only to the extent that the data subjects have given consent to such processing, or, in the case of anonymized, statistical data, according Ezassi’s legitimate interests.
To exercise your rights, please contact us in accordance with the “Contact Us” section below. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive.
Regarding Innovation Data, Ezassi processes only the data which our customers and their Registered Users have chosen to share. Ezassi’s right to access, process, modify or delete such data is governed by the Subscription Agreement and Ezassi has only limited means of directly satisfying requests to erase, rectify or port Innovation Data. To ensure that EU citizens are able to exercise those rights, Ezassi’s data protection officer coordinates heavily with our customers’ data protection officers and, where appropriate, their EU member representatives. EU citizens with privacy concerns about Innovation Data may contact our data protection officer in accordance with the “Contact Us” section below. Please provide the name of the Ezassi customer who submitted your data when you contact us. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Your Personal Data may be collected, transferred to and stored by us in the United States.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
Ezassi is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Ezassi complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Ezassi is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Ezassi may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, Ezassi commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Ezassi at: email@example.com. Written inquiries may be addressed to:
Attn: Privacy Officer
822 A1A North, Suite 104
Ponte Vedra Beach, FL 32082 USA
Ezassi has further committed to refer unresolved Privacy Shield complaints to BBB EU PRIVACY SHIELD, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information or to file a complaint.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
The Data Protection Officer for Ezassi may be reached by email at firstname.lastname@example.org. You may also send correspondence to:
Data Protection Officer
822 A1A North
Ponte Vedra Beach, FL 32082 USA
Please be sure to include in your request:
First and last name
The name of the related Ezassi client
Details of your question, comment or request