FareHarbor builds and/or hosts websites on behalf of clients. FareHarbor may receive personal information from its clients when providing reservations, operations, and logistics, and fulfilling service contracts.
PRIVACY SHIELD POLICY
For purposes of enforcing compliance with the Privacy Shield, we are subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission.
For purposes of this Policy, the following definitions shall apply:
“Agent” means any third party that collects or uses personal information under the instructions of, and solely for, FareHarbor or to which FareHarbor discloses personal information for use on FareHarbor’s behalf.
“Personal information” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal information does not include information that is anonymized or aggregated.
“Sensitive information” means any personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information that concerns health or sex life, and information about criminal or administrative proceedings and sanctions.
Before we use your personal information for a purpose that is materially different than the purpose we collected it for or that you later authorized, we will provide you with the opportunity to opt out. An individual may opt-out of such uses of their personal data by contacting us at the address given below. We will not use sensitive personal information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual unless we have received the individual’s affirmative and explicit consent (opt-in). To contact us, please email email@example.com .
Data Integrity and Purpose Limitation
FareHarbor will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We maintain reasonable procedures to help ensure that personal information is reliable for its intended use, accurate, complete, and current.
Transfers to Agents
Under certain circumstances, we may be required to disclose your personal information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
We maintain reasonable and appropriate security measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction in accordance with the Privacy Shield and applicable law.
If you would like to request access to, correction, amendment, or deletion of your personal information, you can submit a written request to the contact address provided below. These rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. Please note: In order to verify your identity, we may require you to provide us with personal information prior to accessing any records containing information about you. In some circumstances we may charge a reasonable fee for access to your information.
FareHarbor will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that FareHarbor determines is in violation of this policy will be subject to disciplinary action.
You can direct any questions or complaints about the use or disclosure of your personal information to us at firstname.lastname@example.org. We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your personal information within 45 days of receiving your complaint. For any unresolved complaints, we have agreed to cooperate with the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you are unsatisfied with our resolution of your complaint, you may contact http://www.bbb.org/EU-privacy-shield/for-eu-consumers for further information and to file a complaint.
Under the Privacy Shield you may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your compliant directly with us and provided us the opportunity to resolve the issue; (2) made use of the independent dispute resolution mechanism identified above; and (3) raised the issue through the relevant data protection authority and allowed the US Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see US Department of Commerce’s Privacy Shield Framework: Annex I.
Limitations & Changes
Adherence by FareHarbor to the EU-U.S. and Swiss-U.S. Privacy Shield Principles may be limited (a) by the exception for personal information that is gathered for publication, broadcast, or other forms of public communication of journalistic material as well as information found in previously published material disseminated from media archives; (b) to the extent required to respond to a legal obligation; (c) to the extent necessary to respond to requests by authorities; and (d) to the extent expressly permitted by an applicable law, rule or regulation.
We reserve the right to amend this statement and notice from time to time consistent with the Privacy Shield’s requirements and applicable law. The amended Policy will be made publicly available via FareHarbor’s website.
PRIVACY STATEMENT APPLICABLE TO USERS IN THE EUROPEAN UNION
Purposes of processing and legal basis for processing
Right to lodge a complaint
Residents of the EEA or Switzerland have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. Contact details for data protection authorities are available here.
Personal data we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates or subcontractors maintain facilities. Upon the start of enforcement of the GDPR, we will ensure that transfers of personal data to a third country or an international organization are subject to appropriate safeguards as described in Article 46 of the GDPR.
If you are a resident of the EEA or Switzerland, you are entitled to the following rights once the GDPR becomes effective. Please note: In order to verify your identity, we may require you to provide us with personal data prior to accessing any records containing information about you.
The right to request data erasure. You have the right to have your personal data erased if the personal data is no longer necessary for the purpose for which it was collected, you withdraw consent and no other legal basis for processing exists, or your fundamental rights to data privacy and protection override our legitimate interest in continuing the processing.
The right to restrict or object to our processing. You have the right to restrict or object to our processing if we are processing your personal data based on legitimate interests or the performance of a task in the public interest as an exercise of official authority (including profiling); using your data for direct marketing (including profiling); or processing your data for purposes of scientific or historical research and statistics.
If you have any questions about this privacy statement/notice or would like to request access to your personal data, please contact Zach Snow, Data Protection Officer at email@example.com. If you are a Supervisory Authority based in the European Union, please contact FareHarbor’s EU representative Max Valverde at firstname.lastname@example.org.
Effective Date: April 12, 2018