POLICY STATEMENT & SCOPE
SAFE HARBOR PRINCIPLES
Company has adopted the seven safe harbor principles of notice, choice, onward transfer, access, security, data integrity and enforcement with respect to data that is collected in and transferred from countries in the eu to company in the united states.
2. choice. before company uses personal data or eu employee data for a purpose that is incompatible with the purposes for which the personal data or eu employee data was originally collected or subsequently authorized, or transfers personal data or eu employee data to a non-agent third party for the purpose of allowing the non-agent third party to exercise independent control over the personal data or eu employee data, the affected individuals will be given an opportunity to decline (opt out) having their personal data or eu employee data so used or transferred. the same choice principle shall apply to sensitive personal data, but in the event that the data is sensitive personal data, the affected individual's explicit consent (opt in) will be obtained prior to such use or transfer.
3. onward transfer. company may transfer data to its agents once it obtains assurances that the relevant agents will adequately safeguard the data that is transferred to them. such assurances may take the form of a contract obligating the agent to provide at least the same level of protection as is required by the relevant safe harbor principles, safe harbor certification by the agent, or the agent being subject to an eu data protection directive or adequacy finding. if company learns that an agent is using or sharing data in a way that is contrary to the assurances obtained, we will take reasonable steps to prevent or stop such activity. company may transfer personal data to a non-agent third party where such transfer is consistent with the notice and choice principles detailed above or as otherwise set forth in this policy.
4. access. for those individuals who duly request it, company will provide such individuals with reasonable access to data that it holds about them, except in those circumstances that are set forth in the safe harbor principles, such as when the burden or expense of providing access would be disproportionate to the risks to the individual's privacy or when the rights of persons other than the data subject's would be violated and except in those instances where the access being requested relates to employee data and the person making the request is not otherwise entitled to such access under the local labor or employment laws governing such person's employment. for those individuals who receive access, company will take reasonable steps to permit such individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete.
5. security. company will take reasonable administrative, technical and physical precautions to protect data in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
6. data integrity. company will take reasonable steps to ensure that data that is stored on its servers is used, processed and maintained in a condition that is compatible with the purposes for which it has been collected or subsequently authorized, subject to any deficiencies in the condition of the data that existed at the time company received such data.
HOW TO CONTACT US
3 Farnam Road
PO Box 1929
Lakeville, CT 06039
Tel: (860) 435-9810
LIMITATION ON SCOPE OF PRINCIPLES
Company may disclose data as necessary in connection with the sale or transfer of all or part of its company to meet its legal, governmental, national security or public interest obligations or as otherwise permitted under the safe harbor principles.