- Contact information (such as name, postal or e-mail address, and phone or fax number)
- Business contact information (such as job title, department and name of organization, business address, e-mail address, mobile telephone number)
- Country of origin information (from which country you are accessing the Web Site)
- Usernames and passwords used to access Duravant resources
- Financial information (such as financial account information used for payment purposed and/or information that may be contained in a consumer report)
- Contact information for referrals or other individuals you would like us to contact
- Content you provide (such as photographs, articles and comments)
- Employment information (such as employment history, employee number, performance appraisals, salary and benefits)
- Mobile device unique identifier
- Social Media identifier (such as Facebook, LinkedIn or Twitter Identification)
- Geo-location data
- Other information (such as language preference)
Duravant’s Compliance with the Privacy Shield Principles
Data Subjects have the right to opt out of (a) disclosures of their Personal Data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Data for purposes materially different from those disclosed at the time of collection or subsequently authorized. Data Subjects who wish to limit the use or disclosure of their Personal Data should submit that request to Duravant’s Data Protection Officer using the contact information listed below. Duravant will cooperate with the Data Subjects’ instructions regarding Data Subjects’ choices.
Data Subjects have the right to opt out of (a) disclosures of their Personal Data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Data for purposes materially different from those disclosed at the time of collection or subsequently authorized. Data Subjects who wish to limit the use or disclosure of their Personal Data should submit that request to Duravant’s Data Protection Officer. Duravant will cooperate with the Data Subjects’ instructions regarding Data Subjects’ choices.
Duravant maintains reasonable and appropriate measures to protect Data Subjects from loss, misuse and unauthorized access, disclosures, alterations and destruction taking in to account the risk involved in the processing and the nature of Personal Data. Unfortunately, no site, server or database is completely secure or "hacker proof." We therefore cannot guarantee that information about you will not be disclosed, misused or lost by accident or by the unauthorized acts of others.
PURPOSE LIMITATION AND DATA INTEGRITY
Duravant limits collection of Personal Data to that which is necessary to accomplish the purposes disclosed to Data Subjects and compatible purposes. Duravant is responsible for the processing of Personal Data consistent with such purposes. Duravant will process Personal Data only in compliance with applicable law and, to the extent consistent therewith, in accordance with the Data Subjects’ instructions.
Duravant will ensure that [(a) Personal Data maintained by Duravant is accurate, complete, current and reliable for its intended uses; and (b) Personal Data is retained only for as long as is necessary to accomplish the legitimate business purposes disclosed to the Data Subject and for any compatible purposes. Duravant will cooperate with reasonable requests for assistance in meeting these obligations.
Duravant will request only the minimum amount of information required to perform the applicable services and will retain such information only for as long as necessary to provide the services or for compatible purposes, such as to provide additional services, to comply with legal requirements, or to preserve or defend Duravant’s legal rights.
Duravant will not disclose Personal Data to a third party, except as stated below:
Duravant may disclose Personal Data to subcontractors and third-parties such as business partners, vendors and marketing agencies in connection with the use of our products and services or potential business or employment relationship with us. Before disclosing Personal Data to a subcontractor or third-party agent, Duravant will obtain assurances by contractual agreement from the recipient that it will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the subcontractor or third-party agent is obligated to provide at least the same level of privacy protection as is set forth in this policy; (iii) take reasonable and appropriate steps to ensure that subcontractors and third-party agents effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles; (iv) require subcontractors and third-party agents to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is set forth in this policy; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of its contract with subcontractors and third-party agents to the Department of Commerce upon request.
Duravant may also be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements or in the event of a merger or acquisition. To the extent permitted, Duravant will inform Data Subjects before making such disclosure and provide it with a reasonable opportunity to object to such disclosure.
Durvant’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Duravant remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Duravant proves that it is not responsible for the event giving rise to the damage.
RECOURSE, ENFORCEMENT & LIABILITY
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Duravant is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
In compliance with the Privacy Shield Principles, Duravant commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Duravant’s Data Protection Officer by emailing firstname.lastname@example.org or by calling 630.635.3910.
Duravant has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your complaint involves human resources data transferred to the United States from the EU and/or Switzerland in the context of the employment relationship, and Duravant does not address it satisfactorily, Duravant commits to cooperate with the panel established by the EU data protection authorities (DPA Panel) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable and to comply with the advice given by the DPA panel and/or Commissioner, as applicable with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.
Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/.
For More Information
Data Subjects with questions about how Duravant processes Personal Data should contact Duravant’s Data Protection Officer can be contacted email at email@example.com or by calling 630.365.3910.
This policy is executed in English and has been translated into other languages. In the event of any conflict or discrepancy between the English language version and a translated version, the English language version of this policy shall control.
Duravant may revise this Policy at any time. If Duravant decides to materially change this Policy, Duravant will post the revised Policy at this location.
Effective Date: June 7, 2018.