Privacy Shield Framework Policy
Last Updated: October 30, 2020
This Statement governs European Personal Data transferred from countries in the EU or Switzerland to the United States on behalf of QuessGTS or its customers. It applies to European Personal Data in electronic and off-line formats. “European Personal Data” means information that can directly or indirectly lead to the identification of a living person, such as an individual’s name, address, e-mail, telephone number, license number, social security number, medical identification number, photograph, or other identifying characteristic. The identification can occur by reference to one or more factors specific to the individual’s physical, physiological, mental, economic, cultural or social identity. European Personal Data does not include information that has been anonymized, encoded or otherwise stripped of its identifiers, or information that is publicly available, unless combined with other non-public personal information.
QuessGTS may receive European Personal Data from its customers for purposes of providing services to its customers. In connection with providing the services, QuessGTS may collect passwords, user names, and other data from customer networks, which may incidentally include European Personal Data for the exclusive purposes of performing the services on behalf of its customers. At all times with respect to European Personal data collected on behalf of its customers, and not for any other purpose under US federal or state law, QuessGTS acts as a mere “data processor” (as that term is defined under applicable EU or Swiss law or otherwise referred to under the Privacy Shield Framework as an “agent”).
You have the right to choose (opt out) whether your personal information is to be disclosed to a third party or be used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by you. If you wish to opt out or have questions, please contact QuessGTS at [email protected] or in writing at MFXchange US, Inc. Attention: Privacy Officer, 201 Littleton Road, Suite 220, Morris Plains, NJ 07950
You have a right to access any of your European Personal Data which QuessGTS may collect or process. You also have a right to request that this data be corrected or removed from our servers.
Resolution of Complaints
In compliance with the Privacy Shield Principles, Quess GTS commits to resolve complaints about our collection or use of your personal information. (EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact QuessGTS at MFXchange US, Inc. Attention: Privacy Officer, 201 Littleton Road, Suite 220, Morris Plains, NJ 07950)
QuessGTS commits to cooperate with the International Centre for Dispute Resolution /American Arbitration Association (ICDR/AAA), http://go.adr/org/privacyshield.html in the event you do not receive acknowledgement of your inquiry or your inquiry has not been satisfactorily addressed.
The Federal Trade Commission has jurisdiction over QuessGTS’s compliance with the Privacy Shield.
QuessGTS may also disclose European Personal Data as necessary in connection with the sale or transfer of all or part of its business. QuessGTS does not currently disclose our customers’ European Personal Data to third parties or use third parties for the purposes of processing European Personal Data. If such a situation were to occur in the future, and QuessGTS were to disclose European Personal Data to any third parties acting as “agents” on behalf of QuessGTS, QuessGTS will require the recipient to protect the European Personal Data in accordance with the relevant principles of the Privacy Shield Framework, or otherwise take steps to ensure that the European Personal Data is appropriately protected. In the context of such an onward transfer, QuessGTS has responsibility for the processing of European Personal Data it receives and subsequently transfers to a third party acting as an agent on its behalf. QuessGTS shall remain liable under the Principles if its agent processes such European Personal Data in a manner inconsistent with the Principles, unless QuessGTS proves that it is not responsible for the event giving rise to the damage. QuessGTS may disclose European Personal Data where required or permitted by law, where QuessGTS believes that such disclosures are appropriate in connection with a law enforcement request or otherwise permitted by the Privacy Shield Framework, or in order to investigate, prevent, or take action regarding illegal activities or suspected fraud, or enforce, administer or apply QuessGTS’s agreements.
An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information, see https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
If you have any questions about this Policy, or if you would like to request access to European Personal Data that QuessGTS may maintain about you, please contact QuessGTS at [email protected] or in writing at: MFXchange US, Inc. Attention: Privacy Officer, 201 Littleton Road, Suite 220, Morris Plains, NJ 07950.