Intellisist, Inc. dba Spoken Communications Safe Harbor Compliance Document

Similar documents
CPA Global North America LLC SAFE HARBOR PRIVACY POLICY. Introduction

AlixPartners, LLP. General Data Protection Statement

RPM INTERNATIONAL INC. AND ITS SUBSIDIARIES AND OPERATING COMPANIES SAFE HARBOR PRIVACY NOTICE. EFFECTIVE AS OF: August 12, 2015

LATISYS SAFE HARBOR POLICY

SAFE HARBOR PRIVACY NOTICE EFFECTIVE: July 1, 2005 AMENDED: July 15, 2014

Data Processing Agreement for Oracle Cloud Services

Privacy Policy documents for

Privacy Policy for Data Collected by Blue State Digital s Clients

DASSAULT SYSTEMES GROUP HUMAN RESOURCES DATA PRIVACY POLICY

University of Liverpool Online Programmes - Privacy Policy for Visitors and Students

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT

This form may not be modified without prior approval from the Department of Justice.

Office 365 Data Processing Agreement with Model Clauses

FirstCarolinaCare Insurance Company Business Associate Agreement

This Applicant Privacy Notice Continental Europe is dated: July 2012 WILLIS.COM: PRIVACY NOTICE

The U.S.-EU Safe Harbor Guide to Self-Certification

Business Associate Agreement

PRIVACY POLICY. What Information Is Collected

CW Government Travel Inc. Data Protection and Privacy Policy

Disclaimer: Template Business Associate Agreement (45 C.F.R )

BUSINESS ASSOCIATE ADDENDUM

BUSINESS ASSOCIATE AGREEMENT

Privacy & Data Security: The Future of the US-EU Safe Harbor

Privacy Policy for Data Collected by Blue State Digital

privacy Requirements of Lanyon Services

BUSINESS ASSOCIATE AGREEMENT ( BAA )

HIPAA BUSINESS ASSOCIATE AGREEMENT

Sample Business Associate Agreement (4. Other Bus. Assoc., Version )

Privacy Policy. February, 2015 Page: 1

HIPAA BUSINESS ASSOCIATE AGREEMENT

Business Associate Agreement

<Choose> Addendum Windows Azure Data Processing Agreement Amendment ID M129

Privacy Policy & Terms of Use Effective: 12/13/2011. Terms and Conditions. Changes in this Privacy Policy. Internet Privacy & Security

Membership of the US Safe Harbor Program by Data Processors

HSHS BUSINESS ASSOCIATE AGREEMENT BACKGROUND AND RECITALS

BUSINESS ASSOCIATE AGREEMENT

HIPAA INFORMATION FOR METLIFE GROUP DENTAL and/or VISION INSURANCE CUSTOMERS

Business Associates Agreement

EU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update. By Stephen H. LaCount, Esq.

Model Business Associate Agreement

CATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT

Privacy Rules for Customer, Supplier and Business Partner Data. Directive 7.08 Protection of Personal Data

Privacy Policy Last Modified: April 3,

ADDENDUM TO ADMINISTRATIVE SERVICES AGREEMENT FOR HIPAA PRIVACY/SECURITY RULES

BUSINESS ASSOCIATE AGREEMENT

Johnson Controls Privacy Notice

BUSINESS ASSOCIATE AGREEMENT

Business Associate and Data Use Agreement

BUSINESS ASSOCIATE AGREEMENT

SaaS. Business Associate Agreement

U. S. EU SAFE HARBOR FRAMEWORK GUIDE TO SELF-CERTIFICATION MARCH 2009

Data Protection. Processing and Transfer of Personal Data in Kvaerner. Binding Corporate Rules Public Document

AMWELL SERVICE PROVIDER SUBSCRIPTION AGREEMENT

BUSINESS ASSOCIATE AND DATA USE AGREEMENT NAME OF COVERED ENTITY: COVERED ENTITY FEIN/TAX ID: COVERED ENTITY ADDRESS:

Privacy Statement. What Personal Information We Collect. Australia

GUESTBOOK REWARDS, INC. Privacy Policy

PROTECTION OF PERSONAL INFORMATION

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT

Preferred Professional Insurance Company Subcontractor Business Associate Agreement

Professional Solutions Insurance Company. Business Associate Agreement re HIPAA Rules

LCD SOLUTIONS and CLICKTATE.COM BUSINESS ASSOCIATE AGREEMENT and DISCLOSURE of RIGHTS to COVERED ENTITIES

BUSINESS ASSOCIATE AGREEMENT

HIPAA Business Associate Contract. Definitions

Please print the attached document, sign and return to or contact Erica Van Treese, Account Manager, Provider Relations &

ADDENDUM 5 - BUSINESS ASSOCIATE AGREEMENT

UNIVERSITY OF ROCHESTER INFORMATION TECHNOLOGY POLICY

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE ADDENDUM

Data Protection Standard

Business Associate Contract

TJ RAI, M.D. THERAPY MEDICATION WELLNESS PRIVACY POLICY STATEMENT

Appendix : Business Associate Agreement

1. TYPES OF INFORMATION WE COLLECT.

Enrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 EES

Business Associate Agreement

EXHIBIT C BUSINESS ASSOCIATE AGREEMENT

2. A Note about Children. We do not intentionally gather Personal Data from visitors who are under the age of 13.

Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID MOS10

GENERAL ELECTRIC COMPANY EMPLOYMENT DATA PROTECTION STANDARDS

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT

FORM OF HIPAA BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT

Credit Union Code for the Protection of Personal Information

Louisiana State University System

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT

Business Associate Agreement

SAMPLE BUSINESS ASSOCIATE AGREEMENT

APPENDIX I: STANDARD FORM BUSINESS ASSOCIATE CONTRACT AND DATA USE AGREEMENT (2012 Version)

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA Employee Training Guide. Revision Date: April 11, 2015

BUSINESS ASSOCIATE ADDENDUM

STANDARD FORM BUSINESS ASSOCIATE CONTRACT AND DATA USE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT

Snake River School District No. 52 HIPAA BUSINESS ASSOCIATE AGREEMENT (See also Policy No. 7436, HIPAA Privacy Rule)

BUSINESS ASSOCIATE AGREEMENT

Transcription:

Intellisist, Inc. dba Spoken Communications Safe Harbor Compliance Document Safe Harbor Privacy Policy Intellisist, Inc. dba Spoken Communications ("Spoken") complies with the U.S.- EU Safe Harbor Framework and the U.S.- Swiss Safe Harbor Framework developed by the United States Department of Commerce and the European Commission and Switzerland, and has self- certified its adherence to the U.S.- EU Safe Harbor Principles and the U.S.- Swiss Safe Harbor Principles published by the United States Department of Commerce. This Safe Harbor Privacy Policy (the "Policy") sets forth the privacy principles that Spoken follows when processing Personal Data (as defined below) received from the European Union (EU), the European Economic Area (EEA) or Switzerland. The privacy principles in this Policy are based on the Safe Harbor Principles and the frequently asked questions (FAQs) that comprise the Safe Harbor Frameworks referenced above. To learn more about the Safe Harbor program and to view our certification, please visit http://www.export.gov/safeharbor/. Spoken s Role as a Service Provider to its Enterprise Customers Spoken is an innovative technology and managed services company that provides a cloud- based hosted software and services platform ( Spoken Platform ) to its enterprise customers (each, an Enterprise Customer ). The Spoken Platform offers a scalable and flexible infrastructure solution to business enterprises to support contact center operations. Spoken provides the Spoken Platform to Enterprise Customers located in the EU, the EEA and/or Switzerland by hosting these solutions in Spoken s data centers located in the EU. Spoken also provides professional technical services and technical support services to its Enterprise Customers in the EU, the EEA and/or Switzerland through employees and/or contractors who may be located in the U.S. or in the EU, the EEA, and/or Switzerland, or who may be present at an Enterprise Customer's site in the U.S. or in the EU, the EEA, and/or Switzerland. Enterprise Customers using the Spoken Platform are responsible for managing the data that they store at Spoken s data centers and on the Spoken Platform. These responsibilities include determining the types of information that are stored, how that information will be used, to whom it will be disclosed, and for what purposes. Similarly, Spoken s Enterprise Customers who share data with Spoken in connection with any of its services are responsible for deciding which categories of data will be shared and for what purposes. When Spoken processes data received from an Enterprise Customer ("Customer Data"), whether for its hosted solutions or in connection with its provision Safe Harbor Policy Page 1

of services, Spoken does so only pursuant to the Enterprise Customer's instructions and prior authorization, as described herein. Enterprise Customers' Responsibilities with Respect to Personal Data Spoken s Enterprise Customers may elect to include Personal Data among the Customer Data stored on the Spoken Platform or shared with Spoken in connection with its provision of services. For purposes of this Policy, Personal Data means any individually identifiable information about a natural person or any information from which a natural person reasonably could be identified. Before processing any information on behalf of its Enterprise Customers located in the EU, the EEA or Switzerland, Spoken will enter into an agreement with the Enterprise Customer responsible for the Personal Data pursuant to which the Enterprise Customer agrees to comply with all applicable data protection laws. Spoken processes only the Personal Data that its Enterprise Customers have chosen to share with the Company. Spoken has no direct or contractual relationship with the subject of this Personal Data (the "Data Subject"). As a result, when Customer Data includes Personal Data, the Enterprise Customer is solely responsible for satisfying all legal obligations owed directly to the Data Subject under applicable data protection laws, including but not limited to providing notice and choice as required under data protection laws. It is the Enterprise Customer's responsibility to ensure that Personal Data it collects can be legally collected in the country of origin. The Enterprise Customer is also responsible for providing to the Data Subject any notices required by applicable law and for responding appropriately to the Data Subject's request to exercise his or her rights with respect to Personal Data. In addition, the Enterprise Customer is responsible for ensuring that its use of the Spoken Platform or Spoken s services is consistent with any privacy policy the Enterprise Customer has established and any notices it has provided to Data Subjects. Spoken is not responsible for its Enterprise Customer's privacy policies or practices or for the Enterprise Customer's compliance with them. Spoken does not review, comment upon, or monitor its Enterprise Customer's privacy policies or the Enterprise Customer's compliance with such policies. Spoken also does not review instructions or authorizations to Spoken to determine whether the instructions or authorizations are in compliance with, or conflict with, the terms of an Enterprise Customer's published privacy policy or of any notice provided to Data Subjects. Spoken s Compliance with the Safe Harbor Principles Safe Harbor Policy Page 2

While any Spoken employee(s) located in the EU, the EEA, and/or Switzerland may have responsibilities for maintaining and supporting the Spoken Platform for Enterprise Customers located in the EU, the EEA and/or Switzerland, Spoken employees located at the Company's headquarters and elsewhere in the U.S. also provide such services. In order to provide such services, under certain circumstances, Spoken may find it necessary to transfer Customer Data, including Personal Data, to the United States. Without the Enterprise Customer's prior authorization, transfers will consist exclusively of remote access by Spoken employees located in the U.S. to Personal Data located in the EU, EEA, or Switzerland (either at Spoken s data centers in the EU or at the Enterprise Customer's own data center). Spoken will not physically transfer any Personal Data stored in the EU, the EEA or Switzerland to the U.S. without the Enterprise Customer's prior authorization. Spoken will apply the following Safe Harbor Principles to Personal Data transferred to the U.S., whether physically or by remote access: Onward Transfer Spoken will not disclose Personal Data to a third party, except for subcontractors and third- party agents who assist Spoken in providing the Spoken Platform or other services to Enterprise Customers. Before transferring Personal Data to a subcontractor or third- party agent, Spoken will ascertain that the recipient subscribes to the U.S.- EU Safe Harbor Principles and/or the U.S.- Swiss Safe Harbor Principles, or is subject to the EU Data Directive or another finding of adequacy under relevant EU or Swiss law, or will obtain assurances from the recipient that it will safeguard Personal Data in a manner consistent with this Policy. If Spoken learns that a recipient is using or disclosing Personal Data in a manner contrary to this Policy, Spoken will take reasonable steps to prevent such use or disclosure. Spoken also may, notwithstanding anything to the contrary in this Policy, disclose Personal Data as required by law, for example, in response to a court order or subpoena. Before making any such disclosure, Spoken will promptly inform the Enterprise Customer, so it may take such actions as it deems necessary to protect the rights of Data Subjects. Security for Personal Data Spoken has implemented measures designed to help safeguard the Personal Data that it receives from the EU, the EEA and Switzerland. While Spoken cannot guarantee the security of Personal Data, Spoken takes reasonable precautions to protect Personal Data in its possession from loss, misappropriation and unauthorized access, disclosure and destruction. Spoken utilizes a combination of online and offline security technologies, procedures and organizational measures to help safeguard Personal Data. Safe Harbor Policy Page 3

Data Integrity Spoken s Enterprise Customers are responsible for ensuring that they collect only that Personal Data needed to accomplish the purposes disclosed to the Data Subject. They also are responsible for providing Spoken with instructions for the processing of Personal Data consistent with the purposes stated in the notice, and in accordance with any opt- outs or other choice exercised by the Data Subject. Spoken will process Personal Data only in accordance with the Enterprise Customer's instructions, which are deemed to include, without limitation, processing Personal Data in all manners contemplated by our agreement with the Enterprise Customer. Spoken s Enterprise Customers also are responsible for ensuring that (a) the Personal Data they collect is accurate, complete, current and reliable for its intended uses; and (b) Personal Data is retained only for as long as is necessary to accomplish the Enterprise Customer's legitimate business purposes or for as long as may be permitted or required by applicable law. Spoken will cooperate with Enterprise Customers' reasonable requests for assistance in meeting these obligations. Access/Correction When Spoken receives Personal Data, it does so on its Enterprise Customer's behalf. To request access to, correction, amendment or deletion of Personal Data, Data Subjects should contact the Enterprise Customer that collected their Personal Data. Spoken will cooperate with its Enterprise Customers' reasonable requests for assistance in permitting Data Subjects to exercise their rights under applicable data protection laws. Enforcement Spoken will conduct periodic self- assessments of its relevant practices to verify adherence to this Policy and the Safe Harbor Principles. Any employee who intentionally violates this Policy will be subject to disciplinary action up to and including termination of employment. Any Data Subject who has a complaint concerning Spoken s processing of Personal Data should first contact the Enterprise Customer that collected the Data Subject's Personal Data. Data Subjects may also contact Spoken s Legal Department by emailing safeharbor@spoken.com. For complaints that cannot be resolved after following the above steps, Spoken agrees to participate in the dispute resolution procedures of the panel established by the European Data Protection Authorities (DPAs) to resolve disputes pursuant to the Safe Harbor Principles. For More Information Data Subjects with questions about Spoken s processing of Personal Data should first contact the Spoken Enterprise Customer that collected the Personal Data. Spoken s Legal Department may be contacted by emailing safeharbor@spoken.com. Safe Harbor Policy Page 4

Changes to this Privacy Policy Spoken may revise this Policy at any time consistent with the requirements of the U.S.- EU and U.S.- Swiss Safe Harbor Frameworks. In the event of any revision, Spoken will post the revised Policy at this location and update the Effective Date below. Effective Date: May 15, 2013 Safe Harbor Policy Page 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information