Effective Date: November 8, 2017
Strategic BCP participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov.
Strategic BCP is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Strategic BCP complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Strategic BCP is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Strategic BCP has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
COLLECTION AND USE OF PERSONAL INFORMATION
We collect your personal information at certain of our public web pages when you voluntarily complete a form or otherwise request additional information. The data we collect generally consists of Name, Title, Company (Organization), Phone Number and e-Mail Address. We use this data to respond to your request for further information.
The ResilienceONE® software user profiles may contain personal information related to the business continuity process and specific to each of its client users in order to provide a means of identification and method of contact in the event of an activation of a client's business continuity plan. Each of SBCP's client companies is responsible for the determination and the nature and content of the information collected. SBCP does not use this information for its own purposes and such information is only available for use by authorized client personnel and the SBCP Master Administrator.
You may sign-up to receive newsletter or other communications from us. If you would like to discontinue receiving this information, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you.
ACCESS TO PERSONAL INFORMATION
Client users and potential client users of our ResilienceONE® software product are always able to review, change and/or delete their information, including any Personal Data residing in the software product by logging in via their specific portal or by contacting us at firstname.lastname@example.org. Upon request we will provide you with information about whether we hold any of your personal information. We will respond to your request within a reasonable timeframe.
We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.
We may share your information with third parties who provide services on our behalf to help with our business activities such as providing cloud computing infrastructure. These companies are authorized to use your personal information only as necessary to provide these services to us.
We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
If SBCP is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us at email@example.com.
INFORMATION COLLECTED ON BEHALF OF OUR CLIENTS
The use of information collected through ResilienceONE® shall be limited to the purpose of providing the service for which the Client has engaged SBCP.
SBCP collects information under the direction of its Clients, and has no direct relationship with the individuals whose personal data it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the SBCP’s Client (the data controller). If requested to remove data we will respond within a reasonable timeframe.
We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client. SBCP will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
COOKIES AND OTHER TRACKING TECHNOLOGIES
As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
The above policy only applies to information collected by SBCP and does not apply to links that we may have on our websites, from time to time, which themselves are governed by the privacy policies of the linked subjects. We are not responsible for the content or the privacy policies of linked sites.
Strategic BCP, Inc.
960 Harvest Drive, Building B,
Blue Bell, PA 19422