This policy’s purpose is to inform employees, affiliates, customers and clients of the principles under which ZL Technologies Inc. processes Personal Information received from countries belonging to the European Union (the “EU”). This policy complies with the U.S. Department of Commerce safe harbor framework, which has been approved by the EU as an adequate way for ZL Technologies Inc. to demonstrate that it complies with the protections outlined in the EU Directive on Data Policy.
ZL Technologies Inc. provides e-mail and file archiving for records management, compliance and e-discovery. Information can be archived and processed on an organization’s own computers using ZL Technologies Inc.’s software or on in a hosted environment where ZL Technologies Inc. is a software service provider.
ZL Technologies Inc. respects individual privacy and values the confidence of its customers, employees, business partners and others. ZL Technologies Inc. prides itself on upholding the highest ethical standards in its business practices. ZL Technologies Inc. shall not knowingly allow the property of a customer to be used for any purpose other than the customer’s processing, shall keep such customer’s proprietary information confidential, and shall not disclose any such customer proprietary information for any purpose other than as directed by its customers. To help ensure and protect the confidentiality of a customer’s business and to prevent unauthorized persons from gaining access to a customer’s records, ZL Technologies Inc. and its partners shall maintain strict operational controls and security procedures in conjunction with the customer.
As a hosted service provider, ZL Technologies Inc. has certain responsibilities for protecting the privacy of a customer’s information including any personal information being maintained in a customer’s files. Each customer, as the collector and user of that information, has primary responsibility for the privacy of that information.
“Personal Data” and “Personal Information” are data about an identified or identifiable individual, received by ZL Technologies Inc. in the U.S. from the EU, and recorded in any form.
A “Data Subject” is the individual who is the subject of personal data or information.
“Processing” means any online and offline processing, and includes activities such as copying, filing and inputting personal information into a database.
“Sensitive Data” is data that pertains to racial or ethnic origins, political, philosophical or religious beliefs, trade union membership, or health or sex life. Sensitive Data may not be processed at all, unless the Data Subject has given explicit consent.
In processing Personal Data, ZL Technologies Inc. complies with the following Safe Harbor Principles:
In the course of archiving information supplied by the customer, ZL Technologies Inc. receives Personal Information from its customers for the purposes of providing archiving, records management, compliance and e-discovery services to its customers, but ZL Technologies Inc. does not directly control the collection of the Personal Information. ZL Technologies Inc. will only use such Personal Information as necessary to process information on behalf of its customers. ZL Technologies Inc. is usually mandated by its clients to hold the Personal Information in the strictest confidence. In these cases, ZL Technologies Inc. reserves the right to process Personal Information in the course of providing services to its clients without the knowledge of the Data Subjects involved. ZL Technologies Inc. never uses the Personal Information for a purpose other than as it was provided to the company.
Where ZL Technologies Inc. collects Personal Information directly from individuals in the EU for any other purpose, it will notify all identified EU Data Subjects about the purposes for which Personal Information is collected and used, any third parties to whom the Personal Information may be disclosed, and how to contact ZL Technologies Inc. with privacy inquiries.
Since ZL Technologies Inc. does not collect Personal Information directly from Data Subjects, it does not offer an opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected. However, to the extent ZL Technologies Inc. is collecting Personal Information directly from individuals, ZL Technologies Inc. gives each Data Subject the opportunity to opt out from allowing ZL Technologies Inc. to disclose his/her Personal Information to a third party or to use it for a purpose incompatible with the purpose for which it was originally collected or authorized. For Sensitive Data, affirmative choice (opt in) must be given if the data is to be disclosed to a third party or used for a purpose other than its original purpose or the purpose authorized.
Onward Transfer (to Third Parties)
ZL Technologies Inc. will obtain assurances from their agents that they will safeguard Personal Data consistently with this policy. Where ZL Technologies Inc. becomes aware that an agent is using or disclosing Personal Data in a manner that is contrary to this policy, ZL Technologies Inc. will take reasonable steps to prevent or stop the use or disclosure.
ZL Technologies Inc. takes reasonable steps to ensure that Personal Data and Sensitive Data is accurate, complete and current, and relevant for the purposes for which it will be used. Personal Data and Sensitive Data will not be processed in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual.
ZL Technologies Inc. processes information under the guidance and direction of our corporate clients. Where appropriate, and with written permission from our corporate clients, IPS will grant Data Subjects reasonable access to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to privacy of the Data Subject in the case in question or where rights of persons other than the Data Subject would be violated.
Data Subjects may contact the Legal Department at ZL Technologies Inc.’s offices in San Jose in order to register complaints, access requests or any other issues arising under the Safe Harbor Principles. ZL Technologies Inc. will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with the principles contained in this policy.
ZL Technologies Inc. self-certifies annually with the U.S. Department of Commerce as a data controller, and the U.S. Federal Trade Commission has been empowered to investigate complaints and to obtain redress for individuals in case of the Company’s non-compliance with the Safe Harbor Principles.
ZL Technologies Inc. conducts an annual self-assessment in order to verify that this Policy on Data Protection and Privacy of Information is published and implemented within the company and that it conforms to the Safe Harbor Principles.
STATUS OF POLICY
This policy is subject to change, although ZL Technologies Inc. will provide updates from time to time about changes to this policy. In case of the sale of the company, acquisition or merger, bankruptcy or other change in corporate status, this Policy could change. In addition, this Policy may be supplemented by other company policies and statements.