NEHANET Notice of Certification Under the EU-U.S. and the Swiss-US-Privacy Shield Frameworks

Scope of this Notice

NEHANET Corporation complies with the Swiss – U.S. Privacy Shield Framework and the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the retention, collection, and use of personal information transferred from the European Union and Switzerland to the United States.  NEHANET Corporation has certified to the Department of Commerce that it adheres to the principles of the Swiss-U.S. Privacy Shield Framework (“Principles”) and EU-U.S. Privacy Shield Framework with respect to personal data submitted by NEHANET`s customers to the NEHANET Product (”Customer Data”). NEHANET certifies compliance with the Security, Principles of Notice, Choice, Accountability for Onward Transfer, Enforcement and Liability, Data Integrity and Purpose Limitation, Access, and Recourse. The Privacy Shield Principles shall govern if there is any conflict between the Privacy Policy and the Privacy Shield Principles.  To view our certification page, and to learn more about the Privacy Shield program, please visit https://www.privacyshield.gov/participant?id=a2zt00000008URpAAM&status=Active.

This Notice does not apply to the data that we receive directly through NEHANET’s publicly accessible websites, or to NEHANET (and its subsidiary’s) employee data.

Purposes

Pursuant to our subscription agreement, NEHANET processes Customer Data. Customers may also engage us for professional services and customer support, and our products may be deployed On-Site or On-Demand. NEHANET may access Customer Data to fulfill our contractual obligations, provide services, correct and address technical or service problems, or follow instructions of the customer who submitted the data.

Compelled disclosure

In response to lawful requests by public authorities, and to meet national security or law enforcement requirements, NEHANET may be required to disclose personal information.

Third Parties who may receive personal data (Onward Transfer)

To assist us in providing our services to customers, NEHANET may engage a limited number of third-party service providers (Subprocessors). In the course of providing their services, these third parties may access, process, or store personal data.

NEHANET maintains contracts with these third parties restricting their access, use, and disclosure of personal data in compliance with our Privacy Shield obligations. If the third parties fail to meet their obligations, NEHANET may be liable.

Data access and correction, your choices for limiting use and disclosure

If our product holds your personal data, and if you are an individual based in the EU or in Switzerland, you may request access to your personal data. You may update, correct or delete your personal data. As per the Swiss-US Privacy Shield Framework and the EU-US Privacy Shield Framework requirements, NEHANET offers data subjects a choice to opt out of uses and disclosures of their data that are sufficiently different from the purposes for which that data was originally collected and authorized. NEHANET respects these rights.

NEHANET does not have any personal relationship with the individuals whose personal data it processes, and NEHANET personnel has limited ability to access data submitted by its customers to the NEHANET Product. If you wish to request access to, correct or delete, or limit the use or disclosure of your personnel data please provide us the name of the NEHANET customer who has submitted your data into the NEHANET Product. We will refer your request to that customer and will support our customer as needed in responding to your request.

Data processed (categories of data)

NEHANET, together with our subsidiaries (“We”), sells customer relationship management (CRM) solutions that our customers use to manage their customer relationships. NEHANET processes data our customers enter into our products or instruct us to process on their behalf to provide these tools. NEHANET`s customers decide what to enter, and NEHANET typically is not aware of the contents of what is being stored. Generally, the information includes business-related information about our customers’ sales leads, prospects, and/or customers (e.g. work e-mail addresses, names, work phone numbers, business addresses, etc.).

Data Integrity & Security

NEHANET has implemented procedural and technological measures to help protect personal information from unauthorized access, destruction, loss, alteration, disclosure. Among other measures, we have established technical safeguards such as security patches and firewalls, and have implemented physical security measures such as key cards.

Inquiries and complaints

Please direct inquiries or complaints concerning our Privacy Shield compliance to NEHANET Corporation, 5001 Great America Parkway Suite 250, Santa Clara, CA 95054, call us at 1-888-552-4470, or email us at info@nehanet.com. We will attempt to resolve complaints and disputes in a manner that complies with the principles described in this Notice. If our response does not address your concern, or if you have a concern that cannot be resolved with us directly within forty-five (45) days, please refer to JAMS, an independent third party dispute resolution body. JAMS responds to complaints and provides appropriate dispute resolution for free. To contact JAMS, learn more about the company’s dispute resolution services, and find instructions for submitting a complaint, please visit: https://www.jamsadr.com/eu-us-privacy-shield. You may pursue binding arbitration through the Privacy Shield Panel if neither NEHANET nor JAMS resolves your complaint.

U.S. Federal Trade Commission enforcement

NEHANET’s commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.