iGateway MS ("IGMS") respects individual privacy and values the confidence of its customers, vendors, business partners, and others. iGateway MS strives to use, disclose, and collect personal information consistent with the laws of the states, countries, and territories in which it conducts business and has a practice of upholding the absolute ethical standards in its business practices. iGateway MS accepts and acts by the Safe Harbor Principles maintained by the U.S. Department of Commerce, the European Commission and the Frequently Asked Questions (FAQs) issued by the Department of Commerce on July 21, 2000. This Safe Harbor Privacy Policy (the "Policy") sets forth the company doctrine that iGateway MS follows. This policy on transfers of personal information anywhere in the world, including transfers from the European Economic Area (EEA) (the EEA includes 28 member states of the European Union (EU)) to the United States.
Personal information that is transferred to iGateway MS in the United States from the EU falls under one of the following three situations:
iGateway MS has appointed a privacy officer who is responsible for the internal supervision of iGateway MS' privacy policies and data security. iGateway MS is committing to educating its associates (employees) and clients in the United States and the EU about the guidelines, issues, and laws surrounding compliance with EU Safe Harbor.
iGateway MS' privacy officer and its legal team are available to any associate (employee) who may have questions concerning iGateway MS' EU Safe Harbor privacy policies or data security practices.
Since the requirements for compliance with EU Safe Harbor vary depending on whether iGateway MS is acting as a processor on behalf of iGateway MS' customer or a data controller, iGateway MS' policies and manner of adherence are below.
iGateway MS as a Processor on Behalf - When iGateway MS conducts business as a central processing unit on behalf of its clients, the policies outlined below apply to all data processing operations relating to personal information that transfers from the EU to the United States.
Processing Contracts - Before starting any dispensation on behalf of iGateway MS' customer, iGateway MS enters into an agreement with the EU data controller accountable for the private information under the appropriate EU Member State Data Protection law.
The processing arrangement ensures that the EU data controller is in compliance with the Member State Data Protection law. Any data processed by iGateway MS is not disclosed to third parties except where allowable or obligatory by the processing contract, EU Safe Harbor or the applicable Member State Data Protection law. Any information which iGateway MS' Customer (acting as the EU controller) identifies as susceptible cares for accordingly.
The processing arrangement stipulates that processing carries on with suitable data security measures. iGateway MS has in place measures to protect personal information from unauthorized access, loss, misuse, disclosure, destruction, and alteration.
As a processor on behalf of iGateway MS' customer (who is the EU controller), iGateway MS is not required to relate other EU Safe Harbor Principles to the personal information received for processing from a customer.
iGateway MS as a Data Controller or Data Collector - When iGateway MS acts as a data collector or data controller of personal information, the policies outlined below apply to all personally identifiable information that transfers from the EU to the United States.
iGateway MS develops and maintains databases containing personal information on European contacts from some EU Member States. In instances where iGateway MS is a data controller, the data for these databases comes from public records and information acquired through information providers. In cases where iGateway MS is a data collector, the information for these databases develops by email, telephone, or other responses by contacts. These databases contain no information characteristic as sensitive by any nationalized law of an EU Member State (e.g., databases do not include information about race, color, creed, religion, sexual orientation, and so forth).
iGateway MS' databases contain information provided to qualified businesses for marketing and media relations purposes.
iGateway MS may also use network beacons or other distinctive identifiers to allow it to determine which messages or elements of a media promotion generate responses. These identifiers allow iGateway MS software to gauge the effectiveness of individual communications. iGateway MS will, as a service to its clients, provide data regarding the campaign efficiency; such information is designed to make more proficient the process of transmitting and receiving operation information.
As either a data controller or data collector, iGateway MS is required to observe all values of the EU Safe Harbor.
Notice - Before the transmission of any private personal information from the EU to the United States, iGateway MS requires proper verification from the EU controller from whom the data associated. Moreover, the data subjects from whom the information was derivative, provided with proper notice under the pertinent data protection laws of the EU member state.
The same as indicated above, iGateway MS may accumulate information to improve its services and products, maintain and update its database, and provide information to its clients.
Choice - Before the transfer of any private personal information from the EU to the United States, iGateway MS requires judicial confirmation from the EU controller from whom iGateway MS acquired the information. Adding together, the data subjects from whom the information derives is provided the choice to determine the utilization of their information under the data protection laws of the applicable EU member state.
What's more, iGateway MS will, upon request, remove an individual's name and related information from its information products.
To assert that iGateway MS does not use an individual's non-public personal information, such person should contact iGateway MS' consumer advocate at the Fax address provided below or by sending an email to us at safeharbor@igatewayms.com
Written/Fax communication should address as follows:
Download Consumer Advocate EU Safe Harbor Opt-Out Fax Cover word document: https://www.igatewayms.com/igms_resources/IGMS-Consumer_Advocate-EU-Safe-Harbor-Opt-Out-FAX-cover.docx
It is important for individuals to confirm their identity, before making any alterations in its information.
Data Integrity - iGateway MS takes reasonable steps to guarantee the information that transfers from the EU to the United States is complete, reliable, and accurate. The steps iGateway MS takes to ensure data integrity is in light of the purposes for which it utilizes the personal information.
Onward Transfer - iGateway MS complies with the notice and choice principle as noted above for all data that it discloses to a third party.
iGateway MS may from time to time use agents to perform processing tasks on behalf and under the instruction of iGateway MS. iGateway MS requires that its agents either:
-and/or-
Security - iGateway MS takes reasonable precautions to protect personal information in its possession from misuse, unauthorized access, loss, disclosure, alteration, and destruction. iGateway MS limits access to personal information and data to those persons in iGateway MS' organization, or agents of iGateway MS, that have a specific business purpose for maintaining and processing such information and data. Individuals to whom access granted to personal information are aware of their responsibilities to protect the confidentiality, security, and integrity of such information.
Any security compromises and potential security compromises and any inquiries concerning security should report to the iGateway MS, a consumer advocate. Contact information provided below.
Access - An individual may make requests to iGateway MS for access to the information iGateway MS maintains in its information products. The individual has the right to receive corroboration from iGateway MS as to whether or not data relating to them is found in iGateway MS' information products and to correct, amend, or delete that data when it is inaccurate. This right only applies to personal non-public information relating to the individual making the request and is subject to other restrictions as defined by law.
Persons who wish to make an access request should direct such a request to iGateway MS' Consumer Advocate in iGateway MS' consumer affairs department at the fax address provided below or by sending an email to us at safeharbor@igatewayms.com
Written/Fax communication should address as follows:
Download Consumer Advocate EU Safe Harbor Fax Cover word document: https://www.igatewayms.com/igms_resources/IGMS-Consumer_Advocate-FAX_cover.docx
iGateway MS' consumer advocates explain the process to follow for any individual making an access request. The individuals are to provide sufficient information to authenticate their identity, to substantiate character of persons applying for access requests,
iGateway MS agrees to process all reasonable requests for access within a reasonable period. iGateway MS reserves the right to deny access and limit access in cases where the burden or cost of providing access would be inconsistent to the risks to the individual's privacy or in the event of a vexatious or fraudulent request.
Enforcement - Persons who wish to file a grievance or who take issue with iGateway MS' EU Safe Harbor policies should express such communication to iGateway MS' consumer advocate via email or written communication as described above. iGateway MS' consumer advocates explain the process to follow when filing a complaint. Filing a complaint in English expedites the process.
iGateway MS investigates and attempts to resolve complaints and disputes regarding use and disclosure of personal information by the principles contained in this Policy. For complaints that cannot resolve between iGateway MS and the complainant, iGateway MS has agreed to take part in the dispute resolution measures of the panel established by the European data protection authorities to determine disputes under the Safe Harbor Principles.
iGateway MS is also subject to the jurisdiction of the U.S. Federal Trade Commission. Contact the FTC at the following address:
Federal Trade Commission
Attn: Consumer Response Center
600 Pennsylvania Avenue NW
Washington, DC 20580
HTTP: www.ftc.govEmail
consumerline@ftc.gov
The practice described in this policy are current personal data protection policies as of May 5, 2017. iGateway MS reserves the right to modify or amend this Policy at any time consistent with the requirements of the Safe Harbor Principles. The appropriate public notice posted concerning such amendments.
Revised: 05/19/2017