Privacy Shield Policy
Note: The Privacy Shield has been invalidated and Engage2Excel does not rely on Privacy Shield for cross-border data transfers. However, we continue to comply with the framework, including its dispute resolution process. Please read our statement for information about how we comply with the Privacy Shield Framework.
Engage2Excel recognizes that the EU and Switzerland have established strict protections regarding the handling of EU and/or Swiss Personal Data, including requirements to provide adequate protection for EU and/or Swiss Personal Data transferred outside of the EU and Switzerland. To provide adequate protection for certain EU and/or Swiss Personal Data relating to website visitors, customers, prospective customers, partners, vendors, third-party suppliers and contractors that Engage2Excel receives in the U.S., Engage2Excel complies with the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Frameworks (collectively, “Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Engage2Excel has certified to the Department of Commerce that it adheres to the Privacy Shield. Engage2Excel adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the terms in this Policy and the Privacy Shield, the Privacy Shield shall govern.
For purposes of enforcing compliance with the Privacy Shield, Engage2Excel is subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission. For more information about the Privacy Shield, see the U.S. Department of Commerce’s Privacy Shield website located at https://www.privacyshield.gov. To review Engage2Excel’s Privacy Shield certification, see the U.S. Department of Commerce’s list of Privacy Shield certified companies located at https://www.dataprivacyframework.gov/s/.
Types of EU and/or Swiss Personal Data Collected
Engage2Excel collects EU and/or Swiss Personal Data (i) from individuals who visit our website and voluntarily provide their information, and (ii) from our customers, vendors, contractors and agents, including the following specific types of information:
- Contact information, including name, address, email address and phone number
- Professional and employment information
- Financial information
Engage2Excel also collects certain data that may not specifically identify an individual but relate to an individual’s visit to our site, including information about equipment, browsing actions and usage patterns. This data is used for internal purposes only.
Purposes of EU and/or Swiss Personal Data Collection and Use
Engage2Excel collects, uses and processes EU and/or Swiss Personal Data for the purposes of:
- Providing information about our products, services and events
- Providing products, services and support to our customers
- Administrative purposes relating to processing transactions with our customers
- Communicating with business partners, vendors, agents, and contractors about business matters
- Analysis of information in order to improve business practices, products and services
- Conducting related tasks for legitimate business purposes
- Other purposes disclosed at the time of collection
- Compliance with legal requirements and protection of rights and property
Engage2Excel will only process EU and/or Swiss Personal Data in ways that are compatible with the purpose for which Engage2Excel collected the EU and/or Swiss Personal Data, or for purposes that the individual or entity providing the EU and/or Swiss Personal Data later authorizes. Before we use your EU and/or Swiss Personal Data for a purpose that is materially different than the purpose for which it was collected or that you later authorized, we will provide you with the opportunity to opt-out. Engage2Excel maintains reasonable procedures to help ensure that EU and/or Swiss Personal Data is reliable for its intended use, accurate, complete, and current.
We may collect, or our customers may provide to us when using Engage2Excel services, certain EU and/or Swiss Personal Data that is regarded as “sensitive”. When we directly collect sensitive EU and/or Swiss Personal Data, we will obtain opt-in consent where the Privacy Shield requires, including if we disclose sensitive EU and/or Swiss Personal Data to third parties, or before we use sensitive EU and/or Swiss Personal Data for a different purpose than we collected it for or than the data subject later authorized.
In furtherance of the Privacy Shield Framework principles, Engage2Excel will only use your personal data if we have a proper reason for doing so. We will take reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete and current. We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information, and in most cases, we use the purpose for which we collected the personal information to determine the length of time that we need to retain it. In some instances, such as when required by law or authorized by you, we may retain the information for a longer period. We will destroy, erase or make anonymous documents or other records containing personal information as soon as it is reasonable to conclude that the purposes for which that information is in our possession are no longer being served by retention of the information and retention is no longer necessary for legal or business purposes. We will take due care when destroying personal information so as to prevent unauthorized access to the information.
Engage2Excel may disclose your personal information to our service providers with whom we have a contract to process your personal information for a specific business purpose, such as to help us provide our services to you, to deliver to you the product that you selected, or to protect or improve our website. We contract with our service providers to use reasonable and appropriate security measures when processing your personal data.
Automated decision-making takes place when an electronic system uses personal data to make a decision relevant to you without human intervention. We may process automated decision-making in the following circumstances:
- Where we have notified an individual of the decision and given that individual 21 days to request a reconsideration;
- Where it is necessary to perform the contract with an individual and appropriate measures are in place to safeguard that individual’s rights; or
- In limited circumstances, with an individual’s explicit and informed consent and where appropriate measures are in place to safeguard that individual’s rights.
We will not make any decision that would significantly affect an individual based solely on processing by automated means unless we have taken measures to protect the legitimate interests of that individual. If decisions are made by automated means, the individual has the right to know the logic involved in that decision-making.
Data Transfers to Third Parties
Third Party Agents or Service Providers. We may transfer EU and/or Swiss Personal Data to our third-party agents or service providers that perform functions on our behalf. Where required by the Privacy Shield, we enter into written agreements with those third-party agents and service providers requiring them to provide the same level of protection that the Privacy Shield requires and limiting their use of the data to the specified services provided on our behalf. We take reasonable and appropriate steps (i) to ensure that third-party agents and service providers process EU and/or Swiss Personal Data in accordance with our Privacy Shield obligations and (ii) to stop and remediate any unauthorized processing. Under certain circumstances, we may remain liable for the acts of our third-party agents or service providers that perform services on our behalf for their handling of EU and/or Swiss Personal Data that we transfer to them.
Third-Party Data Controllers. In some cases, we may transfer EU and/or Swiss Personal Data to unaffiliated third-party data controllers. These third parties do not act as agents or service providers and are not performing functions on our behalf. We may transfer your EU and/or Swiss Personal Data to third-party data controllers for the following purposes:
- To facilitate provision of services to Engage2Excel customers, Engage2Excel may provide EU and/or Swiss Personal Data to third-party software and services companies whose products interact with Engage2Excel products and services in certain instances where an Engage2Excel customer is also a client of such third party.
We will only provide your EU and/or Swiss Personal Data to third-party data controllers where you have not opted out of such disclosures. We enter into written contracts with any unaffiliated third-party data controllers requiring them to provide the same level of protection for EU and/or Swiss Personal Data that the Privacy Shield requires. We also limit their use of your EU and/or Swiss Personal Data so that it is consistent with any consent you have provided and with the notices you have received. If we transfer your EU and/or Swiss Personal Data to one of our affiliated entities within our corporate group, we will take steps to ensure that your EU and/or Swiss Personal Data is protected with the same level of protection that the Privacy Shield requires.
Disclosures for National Security or Law Enforcement
Under certain circumstances, we may be required to disclose your EU and/or Swiss Personal Data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
Engage2Excel maintains reasonable and appropriate security measures to protect EU and/or Swiss Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction in accordance with the Privacy Shield.
You may have the right to access the EU and/or Swiss Personal Data that we hold about you and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. If you would like to request access to, correction, amendment, or deletion of your EU and/or Swiss Personal Data, you can submit a written request to the contact information provided below. We may request specific information from you to confirm your identity. In some circumstances we may charge a reasonable fee for access to your information. If your EU and/or Swiss Personal Data was provided to us by an Engage2Excel customer, we may facilitate your access to such data by directing you to the customer that provided your data to us.
Questions or Complaints
You can direct any questions or complaints about the use or disclosure of your EU and/or Swiss Personal Data to us as noted below (Contact Us). We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your EU and/or Swiss Personal Data within 45 days of receiving your complaint. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact the European Union Data Protection Authorities (“DPAs”) or the Swiss Federal Data Protection and Information Commissioner (“FDPIC”).
If you believe that we may be processing data about you and wish to have access to that information, we can provide you with that data or at least an explanation of why we cannot do so in the particular context, such as if responding to the request would be unreasonably expensive.
Please also let us know if you have any questions, concerns, disputes, or issues. We are open to dialogue to resolve issues. If your concerns cannot be resolved, we can enter into appropriate third-party neutral dispute resolution. If you need to reach us about a privacy or data protection issue, please contact us using the contact information below.
In compliance with the Privacy Shield Principles, Engage2Excel commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Engage2Excel at: us-privacy@Engage2Excel.com.
For personal data that is not human resources data, Engage2Excel has further committed to refer unresolved Privacy Shield complaints to:
100 M Street S.E., Suite 600
Washington D.C., 20003, USA
VeraSafe EU VeraSafe EU
Prague 1, 110 02, Czech Republic
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork, T23AT2P, Ireland
If you do not receive timely acknowledgement of your complaint from us, or if we have not resolved your complaint, please contact or visit (VeraSafe) for more information or to file a complaint. The services of VeraSafe are provided at no cost to you. If neither Engage2Excel nor (VeraSafe), as applicable, resolves your complaint, you may have the ability to engage in binding arbitration through the Privacy Shield Panel. Additional information on the arbitration process is available on the Privacy Shield website at https://www.dataprivacyframework.gov/s/.
Engage2Excel has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland which involves human resources personal information or information collected in the context of an employment relationship if that information is transferred from the EU to the US. If neither Engage2Excel nor DPAs or FDPIC, as applicable, resolves your complaint, you may have the ability to engage in binding arbitration through the Privacy Shield Panel. Additional information on the arbitration process is available on the Privacy Shield website at https://www.dataprivacyframework.gov/s/.
You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have first taken the following steps: (1) raised your complaint directly with Engage2Excel and provided us the opportunity to resolve the issue; (2) raised the issue through the relevant data protection authority and allowed the U.S. Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see U.S. Department of Commerce’s Privacy Shield Framework: Annex I (Binding Arbitration) at https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf.
If you have any questions about this Policy or would like to request access to your EU and/or Swiss Personal Data, please contact us as follows:
Attn: Data Compliance Department
115 Corporate Center Drive, Suite E,
Mooresville, North Carolina 28117 USA
Changes To This Policy
We reserve the right to amend this Policy from time to time consistent with the Privacy Shield’s requirements.
Effective Date: September 29, 2023