For personal information of individuals received from the European Economic Area (EEA), XDD is committed to handling such personal information in accordance with the EU-U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. The data that XDD collects can include Names, Email Addresses, Home Addresses, and Telephone Numbers. XDD retain your information for 18 months after your last transaction with us. If protective orders, contracts, written requests, or the like require a different retention period, this 18-month period may change.
If XDD transfers your information to a third-party (e.g. analytics or web hosting vendors), XDD will attempt to ensure the third-party maintains the same level of security as us. We can actively monitor their compliance using TrustBase. XDD is a participant in the U.S. Department of Commerce’s EU-U.S. Privacy Shield and has certified that we adhere to the EU-U.S. Privacy Shield Principles. XDD is subject to the investigatory and enforcement powers of the Federal Trade Commission.
For more information about the EU-U.S. Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield website at https://www.commerce.gov/privacyshield
To the extent permitted by the EU-U.S. Privacy Shield, XDD reserves the right to process personal information in the course of providing professional services to our clients without the knowledge of individuals involved. Where we collect, at the direction of our clients, personal information directly from individuals in the E.U. it remains the responsibility of our client to inform the individual of the purposes for which we collect and use it and the types of non-agent third parties to which the information is disclosed. It remains the responsibility of our client to inform those individuals about the choices and means, if any, offered the individuals for limiting the use or disclosure of their information.
XDD collects and processes data under the instruction and direction of our clients. If an individual becomes aware that information we maintain about that individual is inaccurate, or if an individual would like to update or review his or her information, the individual must contact and coordinate with our client and proceed according to that client’s personal information policy.
XDD will not disclose an individual’s personal information to third parties unless directed by our client or when one or more of the following conditions are true:
XDD’s intent is to strictly protect the security of your personal information, honor your choice for its intended use, and carefully protect your data from loss, misuse, unauthorized access or disclosure, alteration, or destruction. We have taken appropriate steps to safeguard and secure information we collect online including the use of encryption when collecting personal information.
XDD will only use data in a way that is compatible with the reason it was collected and authorized by our client.
XDD welcomes your comments and/or questions regarding this privacy statement; please contact us by sending us your feedback to firstname.lastname@example.org, or writing to:
Xact Data Discovery
5800 Foxridge Drive, Suite 406
Mission, KS 66202
If however you are unhappy with our response to your concerns you can raise an issue with PrivacyTrust, an independent third party dispute resolution service.
If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, you can also submit your complaint to Privacy Trust, an independent third party. Visit https://www.privacytrust.com/drs/xactdatadiscovery to file a complaint.
Finally, as a last resort and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.