The purpose of this Policy is to explain the type of information that the Company collects, what we do with that information, and with whom the Company shares this information. Anyone who provides personally identifiable information ("Personal Information") or any other information to the Company consents to the collection, use and disclosure of such information under the terms of this Policy.
Global Compliance Services abides with the European Union-United States Safe Harbor Privacy Principles as set forth by the United States Department of Commerce regarding the collection, use and retention of Personal Information collected from the European Union by the Company through the Site or the use of any of our services.
This Policy applies to both our clients to whom we provide services ("Clients") and to those individuals who browse and use our Site ("Visitors").
THE SERVICES WE PROVIDE
Global Compliance Services is committed to assisting Clients maintain effective corporate ethics and compliance programs. The Company collects information from our Clients' employees, vendors, agents, and stakeholders (collectively, our "Clients' Employees") which assists our Clients in investigating compliance with laws, regulations, policies and procedures. Clients' Employees may voluntarily report corporate compliance matters, through our Clients' telephone reporting hotlines, Web-based reporting services and other services maintained by the Company (collectively, the "Services"). The Company is committed to protecting the privacy and confidentiality of our Clients and Clients' Employees.
Clients enter into written contacts with the Company whereby, among other services, the Company collects information from our Clients' Employees. Our Clients' Employees may choose to remain anonymous or they may choose to provide Personal Information when using our Services. The collection of this information results in a report prepared by the Company. These reports are sent to our Clients via e-mail and are also available to our Clients through a password protected secure portal on the Company's Site. The Company's Clients are located and do business throughout the world, including some European Union (EU) countries.
THE INFORMATION COLLECTED BY US
The Company may collect any Personal Information that is provided to us by our Clients, our Clients' Employees or Visitors. This includes, without limitation, name, phone number, mailing address, e-mail address, or any other Personal Information that is provided to us in connection with the Site or the use of our Services, including our hotline reporting services.
Our Clients' Employees who use our various reporting services always have the option to remain anonymous and to not provide any Personal Information when raising corporate compliance issues. [See below: Your Choices With Respect to Personal Information.] In addition, Visitors can browse the Site anonymously without revealing Personal Information.
When our Clients use our Web-based services which include access to a Client's secure portal on the Company's Site, our servers use session cookies to help identify each Client and make using the service more efficient. Our session cookies do not collect any Personal Information and are removed when the session is concluded. We do not use any cookies when Visitors browse the Site.
HOW WE USE INFORMATION
Services Provided to Clients
Global Compliance Services only uses Personal Information obtained from our Clients' Employees via the Services, such as our Clients' telephone reporting hotlines, Web-based reporting services and other services. The Services are maintained by the Company to allow our Clients to investigate allegations of wrongdoing in the workplace or allegations that require investigations required by applicable laws, rules and regulations, such as the Sarbanes-Oxley Act.
Visitors' Use of Global Compliance's Site
Global Compliance Services' Site registration form requires Visitors who request contact to provide specific contact information such as name and e-mail address. The Company uses the contact information from the registration form to send the individual information about us. The Company also uses Personal Information obtained from Visitors to our Site to respond to questions, comments and other requests from these individuals, including responding to inquiries about employment opportunities.
SHARING PERSONAL INFORMATION WITH OTHERS
Global Compliance Services does not disclose, sell, share, trade or give away an individual's Personal Information to third parties, except under one or more of the following circumstances:
- Consent: If the individual has consented to the disclosure of his or her Personal Information, the Company may share such Personal Information with others, including without limitation, a Company Client. For example, if one of our Clients' Employees agrees to provide us with Personal Information when using the Company's reporting services, that individual consents to the sharing of such Personal Information with his employer so that his employer can investigate claims as required by applicable laws. Except as provided in this Policy, the Company does not share our Clients' Employees' Personal Information with any other party for any purpose.
- Protection of Global Compliance Services and Others: Global Compliance Services may disclose Personal Information about you to others: (i) if we have a good faith belief that we are required or permitted to do so by law or legal process; (ii) in connection with legal or administrative proceedings; (iii) to protect the rights, reputation, property or safety of the Company or others; (iv) to defend or enforce the Company's rights or our Clients' obligations; or (v) if the disclosure is required by mandatory professional standards.
- Business Transfers: In the event that the Company decides to sell all or part of its stock or assets or merge its Company, it reserves the right to include Personal Information among the assets transferred to the acquiring or surviving company. It is the Company's practice to seek appropriate protection for Personal Information in these types of transactions.
- Aggregate Anonymous Information: The Company may provide to others anonymous information in the aggregate for purposes of marketing, promotion or similar activities. None of this aggregated information will identify anyone personally.
YOUR CHOICES WITH RESPECT TO PERSONAL INFORMATION
The Company always provides notice and choice as to the collection and use of Personal Information from those individuals, such as Clients' Employees, who use the Company's reporting services. Before any individual gives Personal Information to the Company in connection with providing a compliance report, that individual is notified of their choice to remain anonymous or may consent to providing their Personal Information to the Company. The Company does not collect and use any Personal Information from these individuals, including Client's Employees, unless those individuals agree to provide their Personal Information to the Company.
The Site gives Visitors the opportunity to stop receiving communications from the Company if previously requested. The Site also gives Visitors options for changing and modifying information previously provided. To remove or change information in our database, or to not receive future communications from the Company,e-mail email@example.com with your request.
LINKED INTERNET Websites
As a service to our Clients and Visitors, the Company provides hyperlinks to valuable resources that are related to the products and services that we provide, such as reference documents published by industry experts and links to relevant laws and regulations. These hyperlinks, which are highlighted words or pictures within a hypertext document that may, when clicked, take you to another place within the document, to another document altogether, or to a third party Website not controlled by the Company. Such hyperlinked third party Websites may collect and disclose information in a manner that is different from this Site. The Company is not responsible for the collection, use, or disclosure of information collected through these third party Websites, and the Company expressly disclaims any and all liability related to such collection, use, or disclosure. The Company does not collect any Personal Information from any persons who click on these hyperlinks located on the Site.
Global Compliance Services does not sell products or services for purchase by children under the age of eighteen ("Minors"). The Company does not knowingly solicit or collect Personal Information from Minors, and we will not knowingly link to any third party Website that solicits or collects Personal Information from Minors. If you believe that a Minor has disclosed Personal Information to us or that we have linked to such a third party Website, please contact us at firstname.lastname@example.org so that the information and/or link can be removed.
SECURITY AND PROTECTION OF DATA COLLECTED BY US
The Company's Site and the Websites maintained for our Clients have security measures in place to protect the loss, misuse and alteration of the information under our control. The Company has implemented various physical, electronic, and managerial measures, including education and training of our personnel, to provide Personal Information with reasonable protection from accidental loss or destruction, improper use, alteration, or disclosure. The Company has invested and deployed a wide variety of technology and security features to ensure the privacy of Personal Information that is collected by the Company through its services and via the Site. In addition, the Company has implemented strict operational guidelines to safeguard privacy of data we collect at every level of our organization. The Company requires that all employees sign confidentiality agreements and we conduct background checks on new employees.
The Company will continue to revise policies and implement additional security features as new technologies become available. Unfortunately, no system is perfect; therefore, the Company makes no representations or warranties with regard to the sufficiency of these security measures. The Company shall not be responsible for any actual or consequential damages (or any other damages or liability of any kind whatsoever) that result from a lapse in compliance with this Policy because of a security breach or technical malfunction.
INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
Permitted transfers of information, including Personal Information, either to third parties or within the Company, include the transfer of data from one jurisdiction to another, such as transfers to and from the United States of America. Because privacy laws vary from one jurisdiction to another, personal information may be transferred to a jurisdiction where the laws provide less or different protection than the jurisdiction in which the information originated. We will always handle your Personal Information as described in this Policy. The Company abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union.
ACCESS TO YOUR PERSONAL INFORMATION
If you wish to obtain a copy of particular information you provided to the Company, or if you become aware the information is incorrect and you would like us to correct or delete it, contact us at email@example.com. Before the Company is able to provide you with any information or correct any inaccuracies, however, we may ask you to verify your identity and to provide other details to help us to respond to your request. The Company affirms that it will correct, amend or delete any erroneous data if instructed to do so by you, subject to the EU Safe Harbor principles of proportionality and reasonableness. We always will endeavor to respond within an appropriate timeframe to any request under this section.
The Company will cooperate with the EU Data Protection Authorities and the Department of Commerce to resolve any complaints and disputes arising in connection with this Policy. All Company employees will be required to be familiar with and adhere to this Policy. The Company will investigate any reported complaints of violations of this Policy and will take prompt remedial action where violations are found. In order to inquire or complain about the Company's privacy policies or anything related to the privacy of Personal Information handled by us, contact us at the following e-mail address: firstname.lastname@example.org.
Amended and Effective: This Policy took effect on December 16, 2003 and was amended on February 6, 2006.