Privacy Shield Policy

Last Updated: October 31, 2018

TrustedSite, LLC, ("TrustedSite") has subscribed to and will comply with the EU-U.S. Privacy Shield Framework ("Framework") and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the processing of personal information that is transferred from the European Union and Switzerland to the United States. TrustedSite has certified to the Department of Commerce that it adheres to the Privacy Shield Principles (the "Principles"). If there is any conflict between this policy and the Principles, the Principles will govern. To learn more about the Framework, and to view our certification, please visit www.privacyshield.gov.

This Privacy Shield Policy supplements our Privacy Policy. This Privacy Shield Policy applies to TrustedSite, which is subject to the investigatory and enforcement powers of the Federal Trade Commission.

Personal Information Received from the European Economic Area and Switzerland

TrustedSite may receive from the EEA and Switzerland some or all of the information listed in our Privacy Policy. Some of that information may qualify as "personal information" or "personal data" (collectively, "personal information") as defined in the Principles. To the extent that TrustedSite receives personal information from the EEA and Switzerland in reliance on the Framework, TrustedSite will handle such personal information in accordance with the Principles.

Data Integrity and Purpose Limitation

TrustedSite may use the personal information it receives from the EEA and Switzerland for the purposes set forth in our Privacy Policy or as you may otherwise be notified. We take reasonable steps to ensure that the personal information we process is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the personal information. We will not process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you. We will adhere to the Principles for as long as we retain the personal information collected under the Framework.

Onward Transfers

Our Privacy Policy the circumstances in which we may disclose your information to third parties. We remain responsible for the processing of personal information received under the Framework and subsequently transferred to a third party acting as an agent if the agent processes such personal information in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage.

We may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Data Security

We use reasonable and appropriate measures to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal information.

Choice

We will give you an opportunity to choose whether your personal information may be used for a purpose that is materially different from the purposes for which it was originally collected or subsequently authorized by you, or if we intend to disclose it to a third party acting as a data controller that we have not previously disclosed to you. In such circumstances, we will notify you and offer you the opportunity to opt out of such uses and/or disclosures where non-sensitive personal information is involved, and to opt in where sensitive personal information is involved.

Access to personal information

Our Privacy Policy sets forth methods by which you may access and submit requests to review, correct, update, suppress, or delete information from or about you. TrustedSite will comply with the Principles in its handling of such requests with respect to personal information.

Recourse and Enforcement

In compliance with the Privacy Shield Principles, TrustedSite commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact TrustedSite at:

TrustedSite, LLC
Attn: TrustedSite Privacy Issues
16 Maiden Lane, 4th Floor
San Francisco, CA 94108

TrustedSite has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland.

Privacy Shield Policy Changes

This Policy may be changed from time to time, consistent with the requirements of the Framework. You can determine when this Policy was last revised by referring to the "Last Updated" legend at the beginning of this Policy. Any changes to this Policy will become effective when posted to our website.