Knoetic, Inc. (“Knoetic”) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Framework (the “Frameworks”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information (as defined below) that is transferred from the European Economic Area (“EEA”), the United Kingdom and Switzerland to the United States pursuant to Privacy Shield. Knoetic has certified that it adheres to the Privacy Shield Principles (the “Principles”) with respect to such data. If there is any conflict between this Privacy Shield Policy (“Policy”) and the Principles, the Principles will govern. To learn more about the Frameworks, and to view our certification, please visit www.privacyshield.gov.
Knoetic notes that the Court of Justice of the European Union issued a judgment declaring as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. Knoetic will continue to abide by its Privacy Shield commitments, as further outlined below. In addition, where required by applicable EU law, Knoetic will rely on alternative mechanisms for transferring personal data from the EEA, the United Kingdom and Switzerland to the United States. This includes explicit consent, performance of our contract obligations, and standard contractual clauses.
Personal Information Received from the European Economic Area, the United Kingdom, and Switzerland
How We Obtain Personal Information
We obtain and process Personal Information in different capacities.
For all types of processing, Knoetic commits to the Principles of the Privacy Shield with respect to all Personal Information received from the EEA, the United Kingdom and Switzerland.
When we act as data processor, our commercial customers determine the categories of data we process on their behalf, and the purposes of the processing. Accordingly, our commercial customers are responsible for providing notice to individuals and you should review their privacy policies for more information regarding their data processing practices.
Data Integrity and Purpose Limitation
We use reasonable and appropriate measures to protect your Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information.
We will give you an opportunity to choose whether your Personal Information may be used for a purpose that is materially different from the purposes for which it was originally collected or subsequently authorized by you, or if we intend to disclose it to a third party acting as a data controller that we have not previously disclosed to you. In such circumstances, we will notify you and offer you the opportunity to opt-out of such uses and/or disclosures where non-sensitive Personal Information is involved, and to opt-in where sensitive Personal Information is involved. To request to limit the use and disclosure of your personal information, please submit a written request to email@example.com .
Access to Personal Information
Pursuant to the Privacy Shield Frameworks, EU, United Kingdom and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Where appropriate, Knoetic will provide you with access to the Personal Information that we maintain about you. Knoetic will also correct, amend or delete Personal Information that we maintain about you when it is inaccurate or has been processed in violation of the Principles and you send a written request to us using the information provided in the “Contact Information” section below. We will review your request in accordance with the Principles, and may limit or deny access to Personal Information where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the Principles.
When we act as data processor, our commercial customers control the type of information we process, how that information is used and disclosed, and how it can be modified. Accordingly, if you wish to request access, limit use or disclosure of your Personal Information, please contact the customer(s) that submitted your data to us. If you provide us with the name(s) of the customer(s), we will refer your request to those customer(s), and will support them as needed in responding to your request.
Recourse and Enforcement
We conduct an annual self-assessment of our Personal Information practices to verify that the attestations and assertions made in this Policy are true and have been implemented as represented.
If you have any questions or concerns, we encourage you to first write to us at the address listed below. We will investigate and attempt to resolve any complaints or disputes regarding our use and disclosure of Personal Information in accordance with the Principles.
If an issue cannot be resolved through our internal dispute resolution mechanism, Knoetic has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, JAMS Privacy Shield Dispute Resolution. Please visit https://www.jamsadr.com/eu-us-privacy-shield to file a claim. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
If you have questions, concerns, or complaints about this Privacy Shield Policy or Knoetic’s privacy practices, or if you would like to exercise your rights and choices with regard to your Personal Information, please contact us by email at firstname.lastname@example.org .
Privacy Shield Policy Changes
This Policy may be changed from time to time, consistent with the requirements of the Frameworks. You can determine when this Policy was last revised by referring to the “Last Updated” legend at the bottom of this Policy. Any changes to this Policy will become effective when posted to our website.
Last Updated: October 12, 2021