Privacy Shield and GDPR Notice
Data Safeguarding Measures
Data Safeguarding Measures
Effective: May 25th, 2018
Customer shall make available to TeleMessage and Customer authorizes TeleMessage to process information including personal data for the provision of the Services under the Agreement. The parties have agreed to enter into a Data Protection Agreement to confirm the data protection provisions relating to their relationship and so as to meet the requirements of applicable Privacy Laws..
Effective: November 14th, 2016
TeleMessage (“We” or “Our”) has certified with the EU-U.S. Privacy Shield with respect to the personal data we receive and process on behalf of our customers through our messaging tools and platform (the “Services”). TeleMessage certifies that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement for personal data submitted by our customers in participating European countries through the Services, and our Privacy Shield certification will be available here. We may also process personal data our customers submit relating to individuals in the EU via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.
TeleMessage commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship. In compliance with the Privacy Shield Principles, TeleMessage commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union with inquiries or complaints regarding our Private Shield policy should first contact TeleMessage at firstname.lastname@example.org. TeleMessage has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
We provide the Services so that our customers can communicate and operate aspects of their businesses. In providing these Services, we process data our customers submit to the Services or instruct us to process on their behalves in connection with the Services (“Customer Data”). While our customers decide what data to submit, Customer Data typically includes profile information and communications between users or among groups of users (e.g., channels), including message text, files, comments, and links.
Purposes of Data Processing
We process Customer Data submitted by customers for the purpose of providing the Services to customers. To fulfill these purposes, we may access data to provide the Services, to prevent or address service or technical problems, to respond to customer support matters, to follow the instructions of our customer who submitted the data, or in response to contractual requirements with our customers.
Third Parties With Whom We May Share Customer Data
We use a limited number of third party providers to assist us in providing the Services to our customers. As of the date hereof, these third party providers perform technical operations such as database monitoring, data storage and hosting services and customer support software tools. These third parties may access, process or store personal data in the course of providing these services, but based on our instructions only.
If we receive personal data subject to our certification under the Privacy Shield and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the personal data in a manner inconsistent with the Privacy Shield and (ii) we are responsible for the event giving rise to the damage.
Questions or Complaints:
If you are a resident of a European country participating in the Privacy Shield and you believe we maintain your personal data within the scope of this Privacy Shield certification, you may direct any questions or complaints concerning our Privacy Shield compliance to email@example.com or at our mailing address:
468 Great Road, Ste 2
Acton, MA 01720
We will work with you to resolve your issue.
If you are a resident of a European country participating in the Privacy Shield and you have not received timely response to your concern, or we have not addressed your concern to your satisfaction, you may seek further assistance, at no cost to you, from JAMS mediators and arbitrators, which is an independent dispute resolution body in the United States.
We also commit to cooperate with competent EU data protection authorities (DPAs) with regard to our customers end users’ human resources data transferred from a European country participating in the Privacy Shield in the context of the employment relationship.
You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country participating in the Privacy Shield must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident.
U.S. Federal Trade Commission Enforcement
Our Privacy Shield compliance is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Right of Access
Requirement to Disclose
We may disclose personal data when we have a good faith belief that such action is necessary to: conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements; or to enforce our contractual obligations.