Privacy Shield Policy

EnterpriseDB Privacy Shield Policy

EnterpriseDB Corporation (“EnterpriseDB”) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Economic Area (“EEA”) and Switzerland to the United States.  EnterpriseDB has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/ and https://www.privacyshield.gov/list.

Definitions:

“Consumer” means any natural person located in the EEA or Switzerland who is a prospective or actual user of EnterpriseDB’s Website, Products or Services or whose Personal Data is submitted to or may be stored by EnterpriseDB.
“Personal Data” means any information, including Sensitive Data, that (i) is transferred to EnterpriseDB in the U.S. from the EEA or Switzerland, (ii) is recorded in any form, (iii) relates to an identified or identifiable Consumer, and (iv) can be linked to that individual.
“Sensitive Data” means Personal Data specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life, the commission or alleged commission of any offense, any proceedings for any offense committed or alleged to have been committed by the individual or the disposal of such proceedings, or the sentence of any court in such proceedings; for individuals in Switzerland, Sensitive Data also includes ideological or trade union-related views or activities, or information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedings.

How EnterpriseDB Obtains Personal Data:

EnterpriseDB collects several types of information from Consumers, including:

  • when a Consumer visits EnterpriseDB’s website (the “Website”) and provides Personal Data to EnterpriseDB on or through the Website (e.g., via Contact Us forms; Website Registration forms; blogs; and forums/communities;
  • in connection with the download of EnterpriseDB software from its Website;
  • in connection with maintaining its customer relationships and providing products and services to EnterpriseDB customers;
  • Information we receive from our business partners in connection with our Website users’ use of the Website.
  • In addition, EnterpriseDB collects general information about its customers, including a customer’s company name and address, credit card information, and the customer representative’s contact information (“General Information”) for billing and contracting purposes.

NOTE THAT BY PROVIDING PERSONAL DATA AND SENSITIVE DATA, CONSUMERS PROVIDE THEIR INFORMED CONSENT TO THE USES OF SUCH INFORMATION AS STATED IN THIS POLICY.

Notice:

EnterpriseDB provides information in its online Privacy Policy regarding its general practices related to Personal Data collected on the Website, including the purposes for which EnterpriseDB collects and uses Personal Data.

Choice:

In accordance with the Principles, EnterpriseDB will offer Consumers choice to the extent it (i) discloses their Personal Data to certain undisclosed third parties, or (ii) uses their Personal Data for a purpose that is materially different from the purposes for which the Personal Data was originally collected or subsequently authorized by the Consumer.  To the extent required by the Principles, EnterpriseDB also will obtain opt‑in consent if it engages in certain uses or disclosures of Sensitive Data.  Unless EnterpriseDB offers Consumer an appropriate choice, EnterpriseDB uses Personal Data only for purposes that are materially the same as those indicated in this Policy or the online Privacy Policy.

EnterpriseDB may disclose Personal Data of Consumers without offering an opportunity to opt out, and may be required to disclose the Personal Data, (i) to third‑party Processors that EnterpriseDB has retained to perform services on its behalf and pursuant to its instructions, (ii) if it is required to do so by law or legal process, (iii) to its subsidiary companies as necessary to perform services on its behalf, (iv) when EnterpriseDB believes disclosure is necessary to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity; or (v) in response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements.  EnterpriseDB also reserves the right to transfer Personal Data in the event of an audit or if the company sells or transfers all or a portion of its business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation).

Accountability for Onward Transfer of Personal Data:

EnterpriseDB complies with the Privacy Shield’s Principle regarding accountability for onward transfers.  EnterpriseDB remains liable under the Principles if its onward transfer recipients process Personal Data in a manner inconsistent with the Principles, unless EnterpriseDB proves that it was not responsible for the event giving rise to the damage.

Security:

EnterpriseDB utilizes reasonable technological and physical safeguards to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration, and destruction.

Data Integrity and Purpose Limitation:

EnterpriseDB takes reasonable steps to ensure that the Personal Data that it processes is: (i) relevant for the purposes for which it is to be used, (ii) reliable for its intended use, and (iii) accurate, complete and current.

Access:

Where appropriate, EnterpriseDB provides Consumers with reasonable access to the Personal Data EnterpriseDB maintains about them. EnterpriseDB also provides a reasonable opportunity for Consumers to correct, amend, limit disclosure, or delete that information where it is inaccurate, as appropriate.

EnterpriseDB may limit or deny access to Personal Data where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the Privacy Shield Principles. The right to access personal information also may be limited in some circumstances by local law requirements. Consumers may request access to their Personal Data by contacting EnterpriseDB as indicated below. We will respond to all access requests as soon as possible and in accordance with applicable law.

In this regard, EnterpriseDB depends on its Consumers to update and correct Personal Data to the extent necessary for the purposes for which the information was collected or subsequently authorized by the individuals. Consumers may contact EnterpriseDB as indicated below to request that EnterpriseDB update or correct relevant Personal Data.

Recourse, Enforcement and Liability:

EnterpriseDB has established procedures for periodically verifying implementation of and compliance with the Privacy Shield Principles. Specifically, EnterpriseDB conducts an annual self-assessment of its Personal Data practices to verify that the attestations and assertions the company makes about its privacy practices are true and that the company’s privacy practices have been implemented as represented.

Consumers may submit a complaint concerning EnterpriseDB’s processing of their Personal Data or Personal Data practices to EnterpriseDB at the contact information provided below.

If the issue cannot be resolved by EnterpriseDB, EnterpriseDB has committed to refer unresolved privacy complaints to JAMS under the JAMS EU-US and Swiss-US Privacy Shield.  For more information and/or to file a complaint, please visit: https://www.jamsadr.com/eu-us-privacy-shield.

EnterpriseDB is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) to ensure compliance with the EU-US and Swiss-US Privacy Shield principles outlined in this policy.

If a Consumer complaint from an EEA or Swiss individual is not resolved through these channels, EEA or Swiss individuals may be entitled to a binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.

How to Contact EnterpriseDB:

EnterpriseDB may retain Consumer’s Personal Data for a period of time consistent with the original purpose of collection.  your To ask questions or comment about this Privacy Shield Policy and our privacy practices or if you need to update, change or remove your information, contact us at: legal@enterprisedb.com or by regular mail addressed to:

EnterpriseDB Corporation
Attn. Legal Department
34 Crosby Drive, Suite 201
Bedford, MA 01730

 

 

 

 

Version 1/26/2018