Workforce Apps
Workforce Apps

Privacy at Knowmadics

Your data. Your digital experience. Controlled by you.

E.U.-U.S. Privacy Shield Policy

 

Introduction

Knowmadics, Inc. (“Knowmadics”, “we”, “our” or “us”) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks; as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and its Member States, the European Economic Area, the United Kingdom and/or Switzerland to the United States. Knowmadics has certified to the Department of Commerce that it adheres to the Privacy Shield Principles (the “Principles”). If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view Knowmadics’ certification, please visit https://www.privacyshield.gov/.

Definitions

“Data Subject” – an identified or identifiable natural person whose personal data is being collected, held, or processed by Knowmadics for the purposes of the 360 Aware® application.

“Personal Data” – any information relating to an identified or identifiable natural person (Data Subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Scope

Knowmadics complies with the Principles with respect to the Personal Data the company receives from its Data Subjects in the European Union and its Member States, the European Economic Area, the United Kingdom and/or Switzerland in connection with the use of the Knowmadics’ application and service, 360 Aware®.

Privacy Shield Principles

Knowmadics will apply the following Privacy Shield Principles to Personal Data transferred from the European Union and its Member States, the European Economic Area, the United Kingdom and/or Switzerland to the United States.

Notice

Knowmadics notifies Data Subjects covered by this Privacy Shield Policy about its practices regarding Personal Data received by Knowmadics in the U.S. from the European Union and its Member States, the European Economic Area, the United Kingdom and/or Switzerland in reliance on the respective Privacy Shield framework, including the types of Personal Data it collects about them, the purposes for which it collects and processes Personal Data, the types of third parties to which it discloses Personal Data and the purposes for which it does so, the rights of Data Subjects to access their Personal Data, the means for limiting its use and disclosure of Personal Data, how Knowmadics’ obligations under the Privacy Shield are enforced, and how Data Subjects can contact Knowmadics with any inquiries or complaints.

Choice

In accordance with the Principles, Knowmadics will offer Data Subjects an opportunity to choose whether to have their Personal Data used or disclosed, if the Personal data is to be disclosed to a third party, or used for a new purpose that is materially different than the purpose which the Personal Data was originally collected for or was subsequently authorized by the Data Subject.

As required by the Principles, Knowmadics obtains opt-in consent for certain uses and disclosures of Sensitive Personal Data. If Sensitive Personal Data covered by this Privacy Shield Policy is to be used for a new purpose that is different from that for which the Personal Data was originally collected or subsequently authorized, or is to be disclosed to a third party, Knowmadics will obtain the Data Subject’s explicit consent prior to such use or disclosure.

Requests to opt out of such uses or disclosures of Personal Data should be sent to the Knowmadics Data Privacy office by email to data.privacy@knowmadics.com.

Accountability for Onward Transfer

Knowmadics may transfer Personal Data to a client/customer third party acting as a controller whom they have been contracted with for the purposes of processing a Data Subject’s Personal Data. Consistent with the Principles, when Knowmadics does transfer Personal Data covered by this Privacy Shield Policy to a third party controller, Knowmadics will do so consistent with any notice provided to Data Subjects and any consent they have given, and only if the third party has given us contractual assurances that it will:

  • process the Personal Data for limited and specified purposes consistent with any consent provided by the Data Subjects,
  • provide at least the same level of protection as is required by the Privacy Shield Principles and notify us if it makes a determination that it cannot do so; and
  • cease processing of the Personal Data or take other reasonable and appropriate steps to remediate if it makes such a determination.

If Knowmadics has knowledge that a third party acting as a controller is processing Personal Data covered by this Privacy Shield Policy in a way that is contrary to the Privacy Shield Principles, Knowmadics will take reasonable steps to prevent or stop such processing.

In the context of an onward transfer Knowmadics has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Knowmadics shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.

Security

Knowmadics takes reasonable and appropriate measures including administrative, technical, personnel, and physical measures to protect Personal Data covered by this Privacy Shield Policy from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the Personal Data.

Data Integrity and Purpose Limitation

Knowmadics collects and processes Personal Data covered by this Privacy Shield Policy that is relevant, specific and legitimate for the purposes of processing for the 360 Aware®application. Knowmadics does not process such Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the Data Subject.

Knowmadics takes reasonable steps to ensure that such Personal Data is accurate, complete, current, and reliable for its intended use. Knowmadics takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield to retain Personal Data only for as long as it serves a purpose of processing, which includes Knowmadics’ obligations to comply with professional standards, Knowmadics’ business purposes and unless a longer retention period is permitted by law, and it adheres to the Privacy Shield Principles as stated above for as long as it retains such Personal Data.

Knowmadics may also disclose Personal Data as necessary to defend itself in any legal proceedings and/or to assist and comply with lawful requests by public authorities, including national security or law enforcement requirements.

Access

Knowmadics will cooperate with Data Subject’s reasonable requests to exercise their rights to access Personal data and to correct, amend, or delete Personal Data if it is inaccurate or has been processed in violation under the Privacy Shield Principles (except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to the Data Subject’s privacy, or where the rights of persons other than the Data Subject would be violated). Requests for access, correction, amendment, or deletion should be sent to: data.privacy@knowmadics.com.

Recourse, Enforcement, Liability

In compliance with the Privacy Shield Principles, Knowmadics commits to resolve complaints about Data Subject’s privacy and the collection or processing of the Personal Data. Data Subjects with inquiries or complaints regarding this Privacy Shield Policy should first contact Knowmadics at: data.privacy@knowmadics.com. Knowmadics has a policy of responding to individuals within forty-five (45) days of an inquiry or complaint.

Knowmadics has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to an independent dispute resolution mechanism, JAMS which provides an independent third-party dispute resolution body based in the United States, providing investigation and assistance free of charge. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint.

Under certain conditions detailed in the Privacy Shield, Data Subjects may be able to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission. For more information about binding arbitration, please visit https://www.privacyshield.gov/

Knowmadics’ participation in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework is subject to investigation and enforcement by the Federal Trade Commission.

Knowmadics agrees to periodically review and verify its compliance with the Privacy Shield Principles, and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Knowmadics acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.

Changes to this Privacy Shield Policy

This Privacy Shield Policy may be amended from time to time consistent with the requirements of the Privacy Shield. Appropriate notice regarding such amendments will be given.