Dynamo Software’s Notice of Certification

Under the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework


Effective as of October 5, 2016

Updated on April 04, 2018 with regard to the Swiss-U.S. Privacy Shield Framework

Updated on April 23, 2018 to add Q-Biz Solutions LLC

Updated on March 26, 2018 to add UK-specific provisions

Updated on August 31, 2020 to add Imagineer Technology Group, LLC

Dynamo Software and its affiliates comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom and/or Switzerland, as applicable, to the United States in reliance on Privacy Shield. If there is any conflict between the terms in this privacy policy statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Scope: Dynamo Software, Inc. has certified to the Department of Commerce that it and its subsidiaries Q-Biz Solutions, LLC and Imagineer Technology Group, LLC  (all three companies together referred to as the “Dynamo US Companies” and each a “Dynamo US Company”) adhere to the Privacy Shield principles with respect to personal data submitted by their respective customers or customers of their affiliates with regard to the following services: (i) the web-based application Dynamo, Dynamo Investor/ Client Portal, DynamoAnalytics, DynamoExchange, Dynamo PMV, Dynamo accounting, the mobile application DynaMobile and the HoldingsInsight professional services; (ii) the PEView™ software and any outsourced fund administration services; (iii) Cilenteer and WebVision; (iv) other similar or related services provided by UK-based subsidiaries of Dynamo Software involving the transfer of personal data to the United States.

Data processed: The Dynamo US Companies provide software tools and services that customers use to operate certain aspects of their businesses. These include: (i) for Dynamo Software – tools for investor/client relationship management, fundraising and marketing, investment research management, deal management, portfolio management, data integration and analysis, fund manager due diligence and performance tracking, partnership accounting, reporting and compliance, among others; (ii) for Q-Biz Solutions – a software tool for data capture, reporting, and transactional processing; and (iii) for other affiliates of Dynamo Software – tools and services similar or related to those listed in (i) and (ii). In addition, Q-Biz Solutions uses its proprietary software to provide outsourced fund administration services. While all three companies are the providers of software tools and assist clients in the processing of data related to their investors, investments, and users of their software solutions (which may or may not include limited personal data, such as name, position and contact details), the clients of these companies (including also clients of their EU and UK – based affiliates) remain owners of the data stored via the software tools and services described above and are solely responsible for managing such data. This includes deciding what data will be stored, how it will be used, how it will be categorized, to whom it will be disclosed and for what purposes. For Q-Biz Solutions outsourced fund administration clients, Q-Biz Solutions receives and processes data on behalf of such clients and maintains the clients’ books and records on a Q-Biz Solutions managed IT platform. While such clients do not actively administer the data they have engaged Q-Biz Solutions to process, they are ultimately the ones who determine the scope, purposes and means of data processing.

Purposes of data processing: The Dynamo US Companies process data submitted by customers for the purpose of providing online services and certain professional services in accordance with the contracts these companies have with their respective customers. The Dynamo US Companies do that by accessing the provided data to perform specific technical or other professional tasks (within the scope of the agreed services and as requested by customers), to correct and address technical or service problems, or to follow other instructions of a customer who submitted the data, or in response to contractual requirements.

Inquiries and complaints: If you believe a Dynamo US Company maintains your personal data in one of the services within the scope of our Privacy Shield certification, you may direct any inquiries or complaints concerning our Privacy Shield compliance to privacy@dynamosoftware.com. We suggest that you put in the subject line “Privacy Policy” or “Privacy Complaint” and specify to which company and service your email relates. The relevant Dynamo US Company will respond within 30 days.

Dispute Resolution: If we fail to respond to your complaint in time, or if our response does not address your concern, before a claim is filed or any other dispute resolution option is sought, you should send us a written notification of dispute (via certified mail or personal delivery) arising out of or relating to your use of the Site or Dynamo or this privacy policy statement and both you and the relevant Dynamo US Company should attempt in good faith to negotiate a written resolution of the matter. If the matter remains unresolved for forty-five (45) days after the notification that a dispute exists, all parties shall join in mediation services in Boston, Massachusetts with a mutually agreed mediator in an attempt to resolve the dispute.

Our alternative dispute resolution provider JAMS is available to assist in resolving disputes under the Privacy Shield program, up to the point of any final arbitration invoked in accordance with the procedures and conditions set forth in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. You can find more information about opening a Privacy Shield case with JAMS here.

Should you file any arbitration claims, or any administrative or legal actions without first having attempted to resolve the matter by mediation, then you agree that to the maximum extent permitted by applicable law, you will not be entitled to recover attorneys’ fees, even if you would otherwise be entitled to them.

If, after attempting to resolve your complaint or dispute via mediation you still believe that your concerns have not been addressed and you need to continue the dispute, you can invoke binding arbitration as a last resort (if permitted with respect to your complaint), by providing notice to us in the manner indicated in the Annex, and following the procedures set forth in Annex I to the Privacy Shield Principles. The location of the arbitration will be the United States, and, although in-person participation will not be required, you may choose to do so or to participate remotely – you will be provided with an opportunity for video or telephone participation at no cost. However, you agree that to the maximum extent permitted by applicable law, you will not be entitled to recover attorneys’ or arbitration fees, even if you would otherwise be entitled to them.

Finally, EU, UK and Swiss individuals have the right to initiate a private cause of action. The Dynamo US Companies commit to follow up in the verification that the attestations and assertions made in the Privacy Policy are true, and to remedy problems that arise as a direct result of our failure to comply with the Privacy Shield Principles.

Third parties who may receive personal data: The Dynamo US Companies use affiliated companies from the same economic group, based in the European Union and the United Kingdom, to assist us in providing our services to customers. Authorized representatives of our affiliates may access or process personal data in the course of assisting us to provide our service to clients. In addition, we use third-party service providers to provide data storage services. The Dynamo US Companies maintain contracts with all third parties which assist us in providing our services, restricting their access, use and disclosure of personal data in compliance with our Privacy Shield obligations, and the Dynamo US Companies may be liable if they fail to meet those obligations and we are responsible for the event giving rise to the damage.

Your rights to access, to limit use, and to limit disclosure: EU individuals, Swiss individuals and UK individuals have rights to access personal data about them, and to limit use and disclosure of their personal data. With our Privacy Shield certification, the Dynamo US Companies have committed to respect those rights. Because the Dynamo US Companies personnel have limited ability to access data our customers submit to our services, if you wish to request access, to limit use, or to limit disclosure, please provide the name of the organization that submitted your data to our services. We will refer your request to that organization, and will support them as needed in responding to your request.

U.S. Federal Trade Commission enforcement: The commitments of the Dynamo US Companies under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Compelled disclosure: The Dynamo US Companies may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.