The United States Department of Commerce and the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland have agreed on a set of principles and frequently asked questions to enable U.S. companies to satisfy the requirement under Swiss law that adequate protection be given to personal information transferred from Switzerland to the United States (the “U.S.-Swiss Safe Harbor”). Accordingly, we follow the principles set forth in the U.S.-Swiss Safe Harbor (the “Safe Harbor Principles”). To learn more about the Safe Harbor program, and to view Dynamo Software’s certification, please visit http://www.export.gov/safeharbor/.
With regard to transfers of personal information from the European Union (“EU”) of the European Economic Area (“EEA”) to the United States, Dynamo Software has been certified under the EU–U.S. Privacy Shield framework set forth by the U.S. Department of Commerce and the EU (which replaced the U.S.-EU Safe Harbor framework in 2016). The principles described in this Policy generally correspond to the Privacy Shield Principles that we comply with. The EU–U.S. Privacy Shield framework also requires us to adhere to certain additional principles known as the Privacy Shield Supplemental Principles. You can view a description of how we comply with the EU–U.S. Privacy Shield framework in our Privacy Shield Notice. For more information on the EU–U.S. Privacy Shield, please visit the U.S. Department of Commerce’s Privacy Shield website here.
In addition, our customers in the EU/EEA and Switzerland may request hosting of their data in the EU or the execution of Standard Contractual Clauses and an updated Master Service Subscription Agreement.
“Personal Information” is any information that be used to identify individual. Personal information does not include publically available information that has not been combined with non-public personal information.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health, information about social security benefits, or information on criminal or administrative proceedings and sanctions other than in the context of pending proceedings.
Dynamo Software shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which Dynamo Software discloses or may disclose that information, the choices and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to Dynamo Software, or as soon as practicable thereafter, and in any event before Dynamo Software uses or discloses the information for a purpose other than for which it was originally collected.
Where Dynamo Software receives personal information from its subsidiaries, affiliates or other entities in Switzerland, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.
Dynamo Software will offer individuals the opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
For Sensitive Personal Information, Dynamo Software will give individuals the opportunity to affirmatively or explicitly (opt out) consent to the disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
Dynamo Software will obtain assurances from its agents that they will safeguard personal information consistently with this Policy. Examples of appropriate assurances that may be provided by agents include: a contract obligating the agent to provide at least the same level of protection as is required by the relevant Safe Harbor Principles, being subject to Swiss Federal Act on Data Protection, U.S.-Swiss Safe Harbor certification by the agent, or being subject to another Swiss FDPIC adequacy finding (e.g., companies located in Canada). Where Dynamo Software has knowledge that an agent is using or disclosing personal information in a manner contrary to this Policy, Dynamo Software will take reasonable steps to prevent or stop the use or disclosure.
Dynamo Software shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Dynamo Software has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction.
Dynamo Software will only process Personal Information in a way that is compatible with and relevant for the purpose for which it was originally collected or subsequently authorized by the individual.
Dynamo Software will allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.
Dynamo Software will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Safe Harbor Principles.
We encourage interested persons to raise any concerns regarding the use or disclosure of personal information by contacting us in one of the ways listed in section “Contact Information” below and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Safe Harbor Principles contained in this Policy.
For complaints and disputes that cannot be resolved between Dynamo Software and the complainant, Dynamo Software has agreed to cooperate and comply with the Federal Data Protection and Information Commissioner of Switzerland. The contact information for the Swiss FDPIC is available here.
480 Pleasant Street Suite B200 Watertown, MA 02472
63 Shipchenski Prohod Blvd.
1574 Sofia, Bulgaria
3 Church Street
Level 8 Samsung Hub
1 Fore Street, 6th Floor
London, UK EC2Y 5EJ
+44 (0) 207 193 3244