Smart Communications Privacy Shield Notice

Smart Communications Privacy Shield Notice

Late Updated: May 05, 2018

SmartComms, LLC (“Smart Communications”) complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personal Data transferred from the European Union to the United States.

Smart Communications has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of notice; choice; accountability for onward transfer; security; data integrity and purpose limitation; access; and recourse, enforcement, and liability. If there is any conflict between the terms of this Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield Program and to view our certification, please visit https://www.privacyshield.gov/

Definitions

In this Privacy Shield Notice the following words have defined meanings:

“Data Subject” means a natural person whose personal data is processed by controller or processor.

“Personal Data” means any information related to a Data Subject that can be used to directly or indirectly identify the person.

Personal Information

Smart Communications’ participation in the Privacy Shield applies to all personal data that we receive in reliance of the Privacy Shield. This Privacy Shield Notice supplements Smart Communication’s Privacy Policy where you will find details about the types of Personal Data we process and the purposes for which we collect and use personal information.

Data Transfers to Third Parties

In the event Smart Communications transfers Personal Data to a third party, we will do so consistent with any notice provided to Data Subject and any lawful bases for processing of such Personal Data, and only if the third party has given us contractual assurances that it will (i) process the Personal Data for limited and specified purposes consistent with any consent provided by the Data Subjects, (ii) provide at least the same level of protection as is required by the Privacy Shield Principles and notify us if it makes a determination that is cannot do so; and (iii) cease processing of the Personal Data or take other reasonable and appropriate steps to remediate if it makes such a determination. Smart Communications remains liable under the Privacy Shield Principles if a third party process Personal Data covered by this Privacy Shield Policy in a manner inconsistent with the Privacy Shield Principles, except where Smart Communications is not responsible for the event giving rise to the damages.

Access

Data Subjects whose Personal Data is covered by this Privacy Shield Notice have the right to access such Personal Data and to correct, amend or delete such Personal Data if it is inaccurate or has been processed in violation of the Privacy Shield Principles. These access rights may not apply in certain cases, including where the burden and expense of providing access, correction, amendment or deletion would be unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the Data Subject.

If the EU Personal Data was provided to Smart Communications by one of our customers, Smart Communications may facilitate access to such Personal Data by directing the Data Subject to the customer that provided the Personal Data to Smart Communications.

Enforcement and Recourse

Smart Communications’ participation in the EU-U.S. Privacy Shield Framework is subject to investigation and enforcement by the Federal Trade Commission.

In compliance with the Privacy Shield Principles, Smart Communications commits to resolve complaints about our collection or use of a Data Subject’s Personal Data. Data Subjects with inquiries or complaints regarding this Privacy Shield Policy should first contact Smart Communications at: privacy@smartcommunications.com.

Smart Communications has further committed to cooperate with the panel established by the EU data protection authorities (“DPAs”) and comply with the advice given by the DPAs with regards to Personal Data transferred from the EU.

Under certain circumstances, a Data Subject may invoke binding arbitration. Please see the Privacy Shield Website for more information on conditions giving rise to binding arbitration.

Amendments to this Policy

This Privacy Shield Notice may be amended from time to time consistent with the requirements of the Privacy Shield.