MYLIO PRIVACY SHIELD
Mylio complies with the EU-U.S Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information received from the European Union. Mylio and its affiliates have certified that they adhere to the Privacy Shield principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability (“Principles”). If there is any conflict between the policies in this Statement and the Privacy Shield Principles, the Principles shall govern. To learn more about Privacy Shield, please visit the U.S. Department of Commerce Privacy Shield website: https://www.privacyshield.gov/. To review Mylio’s Privacy Shield certification, see the U.S. Department of Commerce’s list of Privacy Shield certified companies located at https://www.privacyshield.gov/list
This Statement applies to any personal information received by Mylio and its affiliates from the European Union in reliance on Privacy Shield.
MYLIO DATA PROCESSING ACTIVITIES
- Data Transfer to Third Parties. Third Party Agents or Service Providers. We may transfer EU and/or Swiss Personal Data to our third party agents or service providers that perform functions on our behalf. Where required by the Privacy Shield, we enter into written agreements with those third party agents and service providers requiring them to provide the same level of protection that the Privacy Shield requires and limiting their use of the data to the specified services provided on our behalf. We take reasonable and appropriate steps (i) to ensure that third party agents and service providers process EU and/or Swiss Personal Data in accordance with our Privacy Shield obligations and (ii) to stop and remediate any unauthorized processing. Under certain circumstances, we may remain liable for the acts of our third party agents or service providers that perform services on our behalf for their handling of EU and/or Swiss Personal Data that we transfer to them.
- Security. We take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. We have implemented appropriate physical, electronic and managerial procedures to help safeguard and secure personal information from loss, misuse, unauthorized access or disclosure, alteration or destruction.
- Data Integrity and Purpose Limitation. We will process personal information in a manner that is compatible with and relevant to the purpose for which it was collected or authorized by individuals. Where we receive personal information from an Institution, it shall be the Institution that determines those purposes. To the extent necessary for those purposes, we will take reasonable steps to ensure that personal information is accurate, complete, current and reliable for its intended use.
- Access. You may have the right to access the EU and/or Swiss Personal Data that we hold about you and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. If you would like to request access to, correction, amendment, or deletion of your EU and/or Swiss Personal Data, you can submit a written request to the contact information provided below. We may request specific information from you to confirm your identity. In some circumstances we may charge a reasonable fee for access to your information.
- Jurisdiction and Enforcement. As part of our participation in Privacy Shield, we are subject to the investigatory and enforcement powers of the US Federal Trade Commission.
- Lawful Requests. Under certain circumstances, we may be required to disclose your EU and/or Swiss Personal Data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
- Contact Mylio and Recourse
If you have any questions about this Statement or the information that we collect from you in reliance on Privacy Shield, please contact us at firstname.lastname@example.org or write to:
10500 NE 8th Street, Suite 1050
Bellevue, WA 98004 USA
Phone: (425) 453-6704
In the event that you are concerned about how personal information you have provided to Mylio has been used, please address your inquiry or complaint first to us at the address listed above. Mylio takes all concerns about privacy and use of personal information very seriously, and shall endeavor to reply to you within 45 days of receiving a complaint.
If we fail to respond within that time, or if our response does not adequately address your concerns, you may submit your complaint free of charge to JAMS, Mylio’s designated Privacy Shield dispute resolution provider, using this link: https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim.
There may also be circumstances when disputes can be resolved through the Privacy Shield binding arbitration process. Please see the Privacy Shield website for further information: https://www.privacyshield.gov/article?id=C-Pre-Arbitration-Requirements.
CHANGES TO THIS POLICY
We reserve the right to amend this Policy from time to time consistent with the Privacy Shield’s requirements.
This statement is effective on May 25, 2018