ReachForce Privacy Shield Notice
Effective Date: October 2017
ReachForce complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce, and the European Commission and Swiss Administration, respectively, regarding the collection, use, and retention of personally identifiable information from the European Union and Switzerland. Both Privacy Shield Frameworks are defined to provide companies on either side of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce. The EU-U.S. Privacy Shield Framework is a component of the EU General Data Protection Regulation (GDPR) allowing U.S. companies, or EU companies working with U.S. companies, to meet the requirements of the GDPR. ReachForce has certified that it adheres to the Privacy Shield Frameworks principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. More information regarding the Privacy Shield program is located at https://www.privacyshield.gov/.
To view ReachForce Inc.’s certification, please visit https://www.privacyshield.gov/participant?id=a2zt0000000TNAqAAO.
Types of Personal Data Collected
ReachForce’s customers determine the types of data they submit to ReachForce to process on their behalf in the course of using ReachForce’s digital and services marketing data management products. Personal data provided by customers consists mostly of business-related information such as first and last name, company or account information, business role, professional title, business contact information, as well as, connection information (e.g., IP addresses).
Purposes of Collection and Use of Personal Data
ReachForce acts only as a data processor with respect to personal information from the EU and Switzerland that it receives from its customers. Accordingly, ReachForce has no direct relationship with the individuals whose information it receives from its customers or their business partners. ReachForce does not control such information. ReachForce only processes the data it receives from customers to verify quality and or improve the completeness of the business information for its customer’s marketing purposes. ReachForce does not determine the purpose for which it is processed.
Separately, ReachForce receives personal data from its customers, prospective customers and business partners for its own sales and marketing activities and internal business operations. ReachForce determines the purposes and means of processing such information and, in this context, acts as a data controller.
Disclosure of Personal Data to Third Parties
ReachForce may share personal data we collect with a limited number of third parties who process personal data on our behalf to provide ReachForce’s services, such as subcontractors, as well as to select business partners with whom our customers have independently contracted and authorized such disclosures in connection with our services. ReachForce may also disclose personal data to service providers contracted to provide services on our behalf.
Onward Transfer Liability
If a third party processes personal data on behalf of ReachForce in a manner inconsistent with the Privacy Shield Principles, ReachForce could be liable unless ReachForce can prove that it is not responsible for the event giving rise to any damage.
Choices and Means to Access, Limit Use and Limit Disclosure of Personal Data
EU and Swiss residents have the right to access personal data about them and to request the correction, amendment, removal and/or limitation of the use and disclosure of their personal data processed by ReachForce. Such requests should be sent by email to email@example.com or by regular mail to:
ATTN: Data Security and Privacy Officer
2711 W. Anderson Lane Suite 200
Austin, TX 78757
ReachForce has limited access to data we process on behalf of our customers in connection with our services. Therefore, requests to access, correct, amend, remove and/or limit the use and disclosure of personal data that ReachForce processes on behalf of its customers should include the name of the ReachForce customer who submitted your personal data to ReachForce. We will forward such requests to the identified customer to respond directly to you and we will provide any necessary assistance in that customer’s response to your request.
Dispute Resolution and Arbitration
If you reside within the EU or Switzerland, any inquiries or complaints regarding ReachForce’s compliance with the Privacy Shield program should be sent to the ReachForce email and postal addresses set forth above. ReachForce will respond within 45 days.
If you are not completely satisfied with the resolution of your data privacy concern in working with ReachForce directly, you may contact our dispute resolution provider, DMA, for assistance in resolving your privacy shield data privacy complaint. DMA may be reached at:
Data & Marketing Association
Attn: Privacy Shield Program
225 Reinekers Lane, Suite 325
Alexandria, VA 22314
Under certain conditions, individuals may be able to invoke binding arbitration before the Privacy Shield Panel jointly created by the U.S. Department of Commerce and the European Commission.
Federal Trade Commission Enforcement
ReachForce is subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to its compliance with the EU-U.S. Privacy Shield Framework.
Disclosure Requests by Public Authorities
ReachForce may be required to disclose your personal data in response to a lawful request by public authorities, including to meet national security or law enforcement requests.