Privacy Shield Statement

Privacy Shield Statement

   

Fishbowl, Inc. (“Fishbowl”) relies on and complies with the EU-U.S. Privacy Shield Framework, the Swiss-U.S. Privacy Shield Framework, and UK-US Privacy Shield Framework as set forth by the U.S. Department of Commerce in the collection, use, and retention of personal data transferred from the European Union, the United Kingdom, and Switzerland to the United States. We have certified to the U.S. Department of Commerce our commitment to following the Privacy Shield Principles with respect to such data.

If there is any conflict between the terms in this notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, please visit here or view our certification here. For purposes of enforcing compliance with the Privacy Shield, we are subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission.

Data Processed & Purposes of Data Processing. Fishbowl provides online platforms and tools for general third-party marketing purposes, consumer data visualization, integration and analytics, and platforms for building websites and applications. Our clients instruct us as to purpose and means by which to process the data they have chosen to submit to our services, which may include information about our clients’ customers and users of online platforms or tools (e.g., contact information and billing information). Our access to their data is necessary to provide such services to our clients, including correcting and addressing technical or service problems, following their processing instructions, or otherwise fulfilling our contractual requirements. Our privacy policy available here provides a fuller description of the categories of data that we may receive in the United States, the purposes for which we use that data, and the measures we take to safeguard that personal data.

Third Parties Who May Receive Personal Data. We use certain third-party service providers to assist us in providing our services to our clients, such as performing database monitoring and other technical operations, assisting with the transmission of data, and providing data storage services. These third-party service providers may access, process, or store personal data as part of their work.

We take reasonable and appropriate steps to ensure that third-party service providers process personal data in accordance with our Privacy Shield obligations, including restricting their access, use, or disclosure of personal data. Under certain circumstances, we may be liable for the failure of our third-party service providers to meet their obligations in their handling of personal data, if it is determined we are responsible for the event giving rise to the damage.

Compelled Disclosures. Under certain circumstances, we may disclose your personal data in response to valid requests by public authorities, including to meet national security or law enforcement requirements. To the extent permitted, we will inform our client or prospective client before making such disclosure and provide it with a reasonable opportunity to object to such disclosure.

Access Rights. You may have the right to access the personal data that we hold about you and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. Because our personnel have limited ability to access data our clients submit to our services, if you wish to request access, to limit use, or to limit disclosure, please submit a written request to the contact information provided here including the name of the Fishbowl client who submitted your data to our services. We will refer your request to that client and will support them as needed in responding to your request.

Questions or Complaints. You can direct any questions or complaints about the use or disclosure of your personal data to us here. We will respond within 45 days of receiving your communication. If you are unsatisfied with the resolution of your complaint, you may contact the EU data protection authorities, the UK Information Commissioner, or the Swiss Federal Data Protection and Information Commissioner for further information and assistance.

Binding Arbitration. For any complaints that cannot be resolved with Fishbowl directly, Fishbowl has chosen the Privacy Trust Privacy Shield Program as an independent recourse mechanism to facilitate alternative dispute resolution (ADR) services including binding arbitration. You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your compliant directly with Fishbowl and provided us the opportunity to resolve the issue and (2) raised the issue through the relevant data protection authority and allowed the U.S. Department of Commerce an opportunity to resolve the complaint at no cost to you.

Changes to This Statement. We reserve the right to amend this policy from time to time consistent with the Privacy Shield’s requirements.