Duravant LLC (“Duravant” or “Company”) complies with the EU-US Privacy Shield Framework and the Swiss – US Privacy Shield Framework set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Data, as defined under the European Union’s General Data Protection Regulation, from European Union member countries and Switzerland, respectively.  Duravant has certified to the Department of Commerce that it adheres to the Privacy Shield Principle (the Principles”).  If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

Scope

This Privacy Shield Privacy Policy (the “Policy”) sets forth the privacy principles that Duravant follows when it receives and processes Personal Data from Data Subjects located in the European Economic Area (“EEA”) and Switzerland. For purposes of this Policy, “Personal Data” means information about an identified or identifiable individual that is received by Duravant in the U.S. from the EEA or Switzerland and recorded in any form. The types of Personal Data we may obtain includes the following:

  • Contact information (such as name, postal or e-mail address, and phone or fax number)
  • Business contact information (such as job title, department and name of organization, business address, e-mail address, mobile telephone number)
  • Country of origin information (from which country you are accessing the Web Site)
  • Usernames and passwords used to access Duravant resources
  • Financial information (such as financial account information used for payment purposed and/or information that may be contained in a consumer report)
  • Contact information for referrals or other individuals you would like us to contact
  • Content you provide (such as photographs, articles and comments)
  • Employment information (such as employment history, employee number, performance appraisals, salary and benefits)
  • Mobile device unique identifier
  • Social Media identifier (such as Facebook, LinkedIn or Twitter Identification)
  • Geo-location data
  • Other information (such as language preference)

Duravant’s Compliance with the Privacy Shield Principles

Duravant employees located in the U.S. may process Personal Data for Duravant customers, prospective customers, third party service providers and Duravant’s and its direct and indirect subsidiaries’ employees and prospective employees located in the EEA or Switzerland. Duravant may process Personal Data in the course of business operations and as more fully described above and in Duravant’s Privacy Policy. Duravant will apply the following Privacy Shield Principles to Personal Data physically or remotely transferred from the EEA or Switzerland to the U.S. 

ACCESS

Data Subjects have the right to access the Personal Data an organization holds about them. If such Personal Data is inaccurate or processed in violation of the Privacy Shield Principles, a Data Subject may also request that Personal Data be corrected, amended, or deleted.  

When Duravant receives Personal Data, it does so on behalf of the individual submitting such Personal Data.  To request access to, or correction, amendment or deletion of, Personal Data, Data Subjects should contact Duravant’s Data Protection Officer.  Duravant will cooperate with all reasonable requests to assist Data Subjects to exercise their rights under the Privacy Shield.

CHOICE

Data Subjects have the right to opt out of (a) disclosures of their Personal Data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Data for purposes materially different from those disclosed at the time of collection or subsequently authorized.  Data Subjects who wish to limit the use or disclosure of their Personal Data should submit that request to Duravant’s Data Protection Officer.  Duravant will cooperate with the Data Subjects’ instructions regarding Data Subjects’ choices.

SECURITY

Duravant maintains reasonable and appropriate measures to protect Data Subjects from loss, misuse and unauthorized access, disclosures, alterations and destruction taking in to account the risk involved in the processing and the nature of Personal Data. Unfortunately, no site, server or database is completely secure or "hacker proof." We therefore cannot guarantee that information about you will not be disclosed, misused or lost by accident or by the unauthorized acts of others.

PURPOSE LIMITATION AND DATA INTEGRITY

Duravant limits collection of Personal Data to that which is necessary to accomplish the purposes disclosed to Data Subjects and compatible purposes. Duravant is responsible for the processing of Personal Data consistent with such purposes.  Duravant will process Personal Data only in compliance with applicable law and, to the extent consistent therewith, in accordance with the Data Subjects’ instructions.

Duravant will ensure that [(a) Personal Data maintained by Duravant is accurate, complete, current and reliable for its intended uses; and (b) Personal Data is retained only for as long as is necessary to accomplish the legitimate business purposes disclosed to the Data Subject and for any compatible purposes. Duravant will cooperate with reasonable requests for assistance in meeting these obligations.

Duravant will request only the minimum amount of information required to perform the applicable services and will retain such information only for as long as necessary to provide the services or for compatible purposes, such as to provide additional services, to comply with legal requirements, or to preserve or defend Duravant’s legal rights.

ONWARD TRANSFER

Duravant will not disclose Personal Data to a third party, except as stated below:

Duravant may disclose Personal Data to subcontractors and third-party agents. Before disclosing Personal Data to a subcontractor or third-party agent, Duravant will obtain assurances by contractual agreement from the recipient that it will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the subcontractor or third-party agent is obligated to provide at least the same level of privacy protection as is required by the Principles; (iii) take reasonable and appropriate steps to ensure that subcontractors and third-party agents effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles; (iv) require subcontractors and third-party agents to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of its contract with subcontractors and third-party agents to the Department of Commerce upon request.

Duravant may also be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements or in the event of a merger or acquisition. To the extent permitted, Duravant will inform Data Subjects before making such disclosure and provide it with a reasonable opportunity to object to such disclosure.

RECOURSE, ENFORCEMENT & LIABILITY 

In compliance with the EU-US and Swiss-US Privacy Shield Principles, Duravant commits to resolve complaints concerning its processing of Personal Data in accordance with the Privacy Shield Principles. 

Any Data Subject who has a complaint about Duravant’s processing of his/her Personal Data should first contact Duravant’s Data Protection Officer by emailing data.protection@duravant.com or by calling 630.635.3910.
Duravant has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles and Swiss-US Privacy Shield Principles to an independent recourse mechanism, BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus (“BBB”). If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Duravant, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint at no cost to you.
In addition to the above dispute resolution mechanisms, Data Subjects may invoke binding arbitration if their complaint is not resolved by the BBB or by the Department of Commerce after referral from the relevant data protection authority in the EEA or Switzerland. For more information about binding arbitration, visit https://www.privacyshield.gov.
Duravant is subject to the investigatory and enforcement powers of the Federal Trade Commission.

For More Information

Data Subjects with questions about how Duravant processes Personal Data should contact Duravant’s Data Protection Officer can be contacted email at data.protection@duravant.com or by calling 630.365.3910.

This policy is executed in English and has been translated into other languages. In the event of any conflict or discrepancy between the English language version and a translated version, the English language version of this policy shall control.

Changes to this Privacy Policy

Duravant may revise this Policy at any time.  If Duravant decides to materially change this Policy, Duravant will post the revised Policy at this location.

Effective Date:   May 21, 2018.