EU-U.S. and Swiss-U.S. Privacy Shield Policy
Computer Services, Inc. ("CSI") has adopted this Privacy Shield Policy ("Policy") to establish and maintain an adequate level of personal data privacy protection. This Policy applies to the processing of personal information that CSI obtains from customers located in the European Union (EU) and Switzerland.
CSI complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. CSI has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.
If there is any conflict between the terms in this Policy and the Privacy Shield Privacy Principles, the Privacy Shield Privacy Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.
CSI is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
CSI personnel may access and use personal data only if they are authorized to do so and only for the purposes for which they are authorized. All CSI employees who handle personal data from EU and Swiss individuals are required to comply with the Principles stated in this Policy.
Collection and Use of Personal Data
CSI collects only the information necessary to serve those customers and visitors who request information by way of our website. When you visit our website, www.csiweb.com, you may provide us with two basic types of information: personal information that you consciously choose to disclose on an individual basis and the website use information (IP Address, Browser data, etc.) of the computer used to access our website.
You may also provide personal information that we request in order for you to register and gain access to our white papers, policy guides and complimentary webinars. This information may include, but is not limited to:
- First and Last Name
- Company Name
- Phone Number
- Email Address
- Physical Address
At times, job opportunities may be posted via our Careers page. You may choose to provide CSI with a resume in response to one of these postings. CSI will only use the information included on your resume to evaluate you as a candidate for employment.
CSI is a strong advocate for protecting the privacy of children online. Our website and services are not intended to be used by children, nor do we intentionally collect personal information from children under the age of 13. This website is not offered to any person under the age of 13. If you are over the age of 13, but under the age of 18, you must either: (i) be an emancipated minor or (ii) have obtained the legal consent of your parent or legal guardian to use this website and enter into the Terms and Conditions. CSI is diligent in its compliance with laws and regulations regarding the privacy of children. CSI complies with the Children’s Online Privacy Protection Act.
Internet Protocol (IP) Address Collection
All computers that browse the Internet have an IP address assigned to them. When you visit our website, your assigned IP address and browser data are collected and sent to our CRM (customer relationship management) system and search provider partner. This information provides CSI the ability to locate the geographic region of the computers that visit our website.
CSI may periodically use the personal information provided to inform you about changes to our website and services or special offers that may be relevant to you and your industry. If you choose not to receive these emails, you may opt-out by notifying us at firstname.lastname@example.org or by clicking the opt-out link within the body of an email message.
Visitors are not required to register to use this website.
Information from Third Party Services
For certain products, CSI serves as a service provider. In our capacity as a service provider, we will receive, store and/or process personal data. In such cases, we are acting as a data processor and will process the personal information on behalf of and under the direction of the third party that contracted our services. This information may include:
- Individual’s Name
- Place of Birth
- Date of Birth
- Identification Numbers
- Phone Number
- Email Address
CSI uses personal data that it collects indirectly in its role as a service provider for the following business purposes, without limitation:
- delivering and providing the requested products/services;
- storing and processing data, including personal data, in computer databases and servers located in the United States;
- verifying individual customers identity; and
- as otherwise required by law.
Individuals whose data is being handled by CSI in our capacity as a data processor and who wish to exercise their rights to access their personal data or exercise the ability to opt-out of having their data used or shared in ways not originally authorized should address their concerns to the data controller, which is the company with which they originally placed their data. Contact CSI through the methods specified in the section titled ‘Questions or Complaints’ below, to assist with this process.
Disclosures / Onward Transfers of Personal Data
For individuals who have placed their data directly with us, CSI does not sell, share or disclose any provided information to a third party, except as otherwise provided herein. CSI discloses personal data only to Third Parties who reasonably need to know such data only for the scope of the initial transaction and not for other purposes. Such recipients must agree to abide by confidentiality obligations.
CSI may provide personal data to Third Parties that act as agents, consultants and contractors to perform tasks on behalf of and under our instructions. For example, CSI may store such personal data in the facilities operated by Third Parties. Such Third Parties must agree to use such personal data only for the purposes for which they have been engaged by CSI and they must contractually agree to provide adequate protections for the personal data that are no less protective than those set out in this Policy.
Please be aware that CSI may be required to disclose an individual's personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. In cases of onward transfer to third parties of data of EU and Swiss individuals received pursuant to the EU-US and Swiss-US Privacy Shield, CSI is potentially liable.
Right to Access, Change or Delete Personal Data
Individual customers have the right to know what personal information about them is included in the databases and to ensure that such personal data is accurate and relevant for the purposes for which CSI collected it. Individual customers may review their own personal data stored in the databases and correct, erase or block any data that is incorrect, as permitted by applicable law and CSI policies. Upon reasonable request and as required by the Privacy Shield principles, CSI allows individual customers access to their personal data, in order to correct or amend such data where inaccurate.
CSI will endeavor to respond in a timely manner to all reasonable requests to view, modify or inactivate personal data. Direct any requests to CSI through the methods specified in the section titled ‘Questions or Complaints’ below.
Questions or Complaints
In compliance with the EU-US and Swiss-US Privacy Shield Principles, CSI commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this Policy should first contact CSI Regulatory Compliance Group at:
CSI Regulatory Compliance
13860 Ballantyne Corporate Place, Suite 200
Charlotte, NC 28277
CSI has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
Data Integrity and Security
CSI uses secure encryption technology to protect certain categories of personal data. To secure customer data sufficiently, we have implemented industry-accepted physical and logical security policies and procedures to safeguard against the unauthorized access, disclosure, alteration or destruction of our customers’ information. Despite these precautions, no data security safeguards guarantee 100% security all of the time.
Renewal / Verification
CSI will renew its EU-US and Swiss-US Privacy Shield certification annually, unless it subsequently determines that it no longer needs such certification or if it employs a different adequacy mechanism.
Prior to the re-certification, CSI will conduct an in-house verification to ensure that its attestations and assertions with regard to its treatment of individual customer personal data are accurate and that the company has appropriately implemented these practices.
CSI will prepare an internal verification statement on an annual basis.
Changes to this Policy
Computer Services, Inc. (CSI)
3901 Technology Drive
Paducah, KY 42001