Last amended November 1, 2016
NOTE: Aurico Reports, LLC complies with the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from Switzerland. The company has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view the company’s certification, please visit http://www.export.gov/safeharbor/
A. DATA PROTECTION AT AURICO REPORTS LLC ("Aurico")
Aurico respects individual privacy and is committed to the protection of confidential data we maintain. Aurico is committed to the collection, use and disclosure personal information in a manner consistent with the laws of the countries in which data is collected. Aurico is also committed to maintaining high ethical standards. For these reasons, Aurico has developed a privacy program designed to respect and protect data privacy rights.
This Policy applies to all personal information received by Aurico in the U.S. from Switzerland in any format including, but not limited to, electronic, written or verbal. This policy sets certain minimum standards within Aurico which may be subjected to more stringent privacy safeguards as a result of the requirements of other national or international regulatory agencies.
For purposes of this Policy, the following definitions shall apply:
1. "Agent" means any third party that uses personal information provided by Aurico to perform tasks on behalf of and at the direction of Aurico.
2. "Aurico" means Aurico Reports Inc., its subsidiaries, affiliates and offices within the United States.
3. "Personal information" means any information or set of information that identifies or could be used by or on behalf of Aurico to identify an individual. Personal information does not include information that is encoded or stripped of all personal identifiable information, or which is publicly available.
4. "Sensitive personal information" means personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or that concerns the health of an individual. In addition, Aurico will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.
D. PRIVACY PRINCIPLES
These privacy principles are based on the U.S.-Swiss Safe Harbor Privacy Principles.
1. Notification: Where Aurico collects personal information directly from individuals in Switzerland, it will inform them about the purposes for which it collects and uses the information, the types of third parties to which Aurico discloses that information, and the choices and means, if any, Aurico offers individuals for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Aurico, or as soon as practicable thereafter, and in any event before Aurico uses the information for a purpose other than that for which it was originally collected.
Where Aurico receives personal information from its subsidiaries, affiliates or other entities in Switzerland, it will use such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.
2. Choice:Aurico will offer individuals the opportunity to choose whether their personal information is to be disclosed to a third party. Aurico will not use the information collected for other than the purpose for which it was originally collected or subsequently authorized to be used by the individual.
3. Data Usage: Aurico will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Aurico will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and up-to-date.
4. Information Transfer: Aurico may share an individual's information with contractors, government agencies and/or partners of Aurico in connection with services that these individuals or entities perform for, or with, Aurico. As an example, Aurico may provide an individual's personal information to court clerks for the purpose of obtaining criminal records.
Where Aurico has knowledge that a consultant, independent contractor or partner is using or disclosing personal information in a manner inconsistent with this Policy, Aurico will take reasonable steps to prevent or stop such improper use and/or disclosure.
5. Data Access and Correction: Upon request, individuals will be granted reasonable access to personal information that Aurico maintains about them. In addition, upon request, Aurico will take reasonable steps to permit individuals to correct, amend or delete information that is found to be inaccurate, incomplete or out-of-date.
6. Data Security:Aurico will employ reasonable safeguards to protect personal information in its possession from loss, misuse, unauthorized access, disclosure, alteration or destruction. For personal information subject to electronic storage or transmission, Aurico maintains an internal private, secure network that is protected from computer malicious software and monitored for unauthorized access. Both electronic and paper based records holding personal information are maintained in access controlled facilities for which business continuity plans are required. Personal data held electronically by Aurico is encrypted.
7. Enforcement: Aurico will conduct compliance audits of its privacy practices to verify adherence to this Policy.
All reported breaches or potential breaches will be investigated by the Compliance Officer, who will take such action as deemed appropriate in the investigation. Any employee that Aurico determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment. In the event of criminal or other serious violations of the law, these actions could also be subject to notification of the appropriate legal body.
8. Dispute Resolution: Any questions or concerns regarding the use or disclosure of personal information should be directed to the Compliance Officer at the address given below. Aurico will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Policy.
9. Contact Information: Questions or comments regarding this Policy should be submitted to the Aurico Compliance Officer at the following address:
Aurico Reports, LLC
Attn: Compliance Officer
Atrium Corporate Center
3800 Golf Road, Suite 120
Rolling Meadows, IL 60008
If you feel that Aurico may not have abided by this policy or the U.S.-Swiss Safe Harbor privacy principles, you may contact Aurico at the address above, or the U.S. Federal Trade Commission.
10. Release of Information: Aurico reserves the right to share an individual's information if required to do so by a court of law or in order to respond to duly authorized information requests made by government authorities or agencies.
11. Amendments :This Policy may be amended from time to time, consistent with the requirements of the Safe Harbor Principles. Appropriate public notice will be given concerning such amendments when they are made.