Introduction
Exponential Edge Inc. complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Exponential Edge, Inc. has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Exponential Edge, Inc.’s certification, please visit http://www.export.gov/safeharbor/
Exponential Edge, Inc. (the "Company") is a management consulting services provider that offers market research that helps global companies, governments, and organizations to understand business, consumer and employee insights and market trends. Protecting
consumer privacy is important to the Company. The Company and its affiliated
United States subsidiaries (hereinafter collectively referred to as the
Company, we, us or our)
adhere to the Safe Harbor Agreement concerning the transfer of personal
data from the European Union (EU) to the United States of
America. Accordingly, we follow the Safe Harbor Principles published by
the U.S. Department of Commerce (the Principles) with respect
to all such data. If there is any conflict between the policies in this
privacy policy and the Principles, the Principles shall govern. This privacy
policy outlines our general policy and practices for implementing the
Principles, including the types of information we gather, how we use it
and the notice and choice affected individuals have regarding our use
of and their ability to correct that information. This privacy policy
applies to all personal information received by the Company whether in
electronic, paper or verbal format.
Definitions
Personal Information or Information
means information that (1) is transferred from the EU to the United States;
(2) is recorded in any form; (3) is about, or pertains to a specific individual;
and (4) can be linked to that individual.
Sensitive Personal Information means personal
information that reveals race, ethnic origin, sexual orientation, political
opinions, religious or philosophical beliefs, trade union membership or
that concerns an individuals health.
Principles
Notice
Company shall inform an individual of the purpose for which it collects
and uses the Personal Information and the types of non-agent third parties
to which the Company discloses or may disclose that Information. Company
shall provide the individual with the choice and means for limiting the
use and disclosure of their Personal Information. Notice will be provided
in clear and conspicuous language when individuals are first asked to
provide Personal Information to the Company, or as soon as practicable
thereafter, and in any event before the Company uses or discloses the
Information for a purpose other than for which it was originally collected.
Choice
The Company will offer individuals the opportunity to choose (opt out)
whether their Personal Information is (1) to be disclosed to a third party
or (2) to be used for a purpose other than the purpose for which it was
originally collected or subsequently authorized by the individual. For
Sensitive Personal Information, the Company will give individuals the
opportunity to affirmatively or explicitly (opt out) consent to the disclosure
of the information for a purpose other than the purpose for which it was
originally collected or subsequently authorized by the individual. Company
shall treat Sensitive Personal Information received from an individual
the same as the individual would treat and identify it as Sensitive Personal
Information.
Onward Transfers
Prior to disclosing Personal Information to a third party, Company shall
notify the individual of such disclosure and allow the individual the
choice (opt out) of such disclosure. Company shall ensure that any third
party for which Personal Information may be disclosed subscribes to the
Principles or are subject to law providing the same level of privacy protection
as is required by the Principles and agree in writing to provide an adequate
level of privacy protection.
Data Security
Company shall take reasonable steps to protect the Information from loss,
misuse and unauthorized access, disclosure, alteration and destruction.
Company has put in place appropriate physical, electronic and managerial
procedures to safeguard and secure the Information from loss, misuse,
unauthorized access or disclosure, alteration or destruction. Company
cannot guarantee the security of Information on or transmitted via the
Internet.
Data Integrity
Company shall only process Personal Information in a way that is compatible
with and relevant for the purpose for which it was collected or authorized
by the individual. To the extent necessary for those purposes, Company
shall take reasonable steps to ensure that Personal Information is accurate,
complete, current and reliable for its intended use.
Access
Company shall allow an individual access to their Personal Information
and allow the individual to correct, amend or delete inaccurate information,
except where the burden or expense of providing access would be disproportionate
to the risks to the privacy of the individual in the case in question
or where the rights of persons other than the individual would be violated.
Enforcement
Company uses a self-assessment approach to assure compliance with this
privacy policy and periodically verifies that the policy is accurate,
comprehensive for the information intended to be covered, prominently
displayed, completely implemented and accessible and in conformity with
the Principles. We encourage interested persons to raise any concerns
using the contact information provided and we will investigate and attempt
to resolve any complaints and disputes regarding use and disclosure of
Personal Information in accordance with the Principles.
If a complaint or dispute cannot be resolved through our internal process,
we agree to dispute resolution using (an independent resource mechanism)
as a third party resolution provider.
Amendments
This privacy policy may be amended from time to time consistent with the
requirements of the Safe Harbor. We will post any revised policy on this
website.
Information Subject to Other Policies
The Company is committed to following the Principles for all Personal
Information within the scope of the Safe Harbor Agreement. However, certain
information is subject to policies of the Company that may differ in some
respects from the general policies set forth in this privacy policy.
Contact Information
Questions, comments or complaints regarding the Companys
Safe Harbor Policy or data collection and processing practices can be
mailed to:
Exponential Edge, Inc.
Attn: Legal Department
228 Hamilton Avenue, Suite 300
Palo Alto, CA 94301
Effective date: November 1, 2009
|