Effective April 21st, 2020
Processor on Behalf – AIC provides enterprise compliance management software designed to help companies manage data more effectively. AIC does not own or control any of the information it processes on behalf of the AIC customer. AIC does not process HR data on its own employees. Applications International Corporation: personal data or PII data is not required nor is it needed for the applications use. It is up to our clients/customers to determine if they are going to provide and use personal data, such as social security and employee name, in the creation of records. All such information is owned and controlled by the AIC customer. In this capacity, AIC receives information transferred from the EU and Switzerland to the United States merely as a processor on behalf of its clients which are made up of various companies and organizations who wish to track safety related incidents. With the exception of performing data imports or as otherwise directed by its clients, Applications International Corporation does not collect or enter data into its clients’ software systems. Applications International Corporation does not transmit data to third parties without permission from its clients. Third parties can include, Insurance Carriers clients use for employee injuries. Any access to or use of client data by Applications International Corporation is incidental to performing Applications International Corporation’s contractual obligations to its clients as a processor.
AIC as a Processor on Behalf – When AIC acts as a processor on behalf of its customer, the policies outlined below apply to all data processing operations concerning personal information that has been transferred from the EU and Switzerland to the United States.
The PrivacyShield is based on the following Principles:
Individuals are notified of AIC being a data processor by their employer. In its role as data processor, AIC does not require individuals to provide any PII.
As a data processor for its clients, Applications International Corporation will work with individuals (may refer back to our client) regarding the purposes for which their personal information is collected and used by its clients (the individuals’ employers). Applications International Corporation relies on its clients to provide and comply with any required options. Individuals wishing to exercise their choice regarding the processing of their personal data or access their personal data must contact our customer who is also their employer.
Applications International Corporation occasionally transfers personal information to third parties that act as agents for its clients (with regard to interfaces/integrations with third party software products) or for Applications International Corporation (with regard to software implementations). When Applications International Corporation transfers personal information as described above, Applications International Corporation enters into a written agreement with the third party requiring the third party to provide at least the same level of privacy protection as is required by the relevant Principles. Applications International Corporation may be liable for the third party transfer of personal data.
Security is extremely important to Applications International Corporation and our clients. Accordingly, Applications International Corporation takes significant security precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Applications International Corporation relies on its clients to establish in the software appropriate password requirements and user roles and levels of access.
As a data processor for its clients, Applications International Corporation does not typically collect, access or use the personal information provided by its clients. Applications International Corporation relies on its clients (the data subjects’ employers) to ensure that personal information is relevant for the purposes for which it is used, reliable for its intended use, accurate, complete and current.
Applications International Corporation acknowledges the individual’s right to access their personal data. Personal information may be accessed only by authorized users at Applications International Corporation and its clients. As a data processor for its clients, Applications International Corporation must refer all individual requests to our client, who remains the data controller.
AIC utilizes the self-assessment approach to assure its compliance with our privacy statement. AIC periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and in conformity with the Principles. We encourage interested persons to raise any concerns with us using the contact information below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this policy.
Applications International Corporation notifies and trains appropriate team members regarding its privacy policies and practices and the consequences for failing to comply with them. Any person who we determine is in violation of our privacy policies will be subject to a disciplinary process.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
AIC’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, AIC remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless AIC proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, AIC commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, United Kingdom, and Swiss individuals with Privacy Shield inquiries or complaints should first contact AIC by email at email@example.com
Lauren Leventer, firstname.lastname@example.org
Vice President of Human Resources & Operations
AIC has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If your complaint involves human resources data transferred to the United States from the European Union, [the United Kingdom, or Switzerland] in the context of the employment relationship, and AIC does not address it satisfactorily, AIC commits to cooperate with the panel established by the EU data protection authorities (DPA Panel), [the UK Information Commissioner’s Office, and the Swiss Federal Data Protection and Information Commissioner, as applicable] and to comply with the advice given by the DPA panel [ICO, or FDPIC, as applicable] with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD. Contact details for the EU data protection authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Executive Vice President and Policy Officer – Elle Field
Applications International Corporation reserves the right to revise this policy at any time in accordance with the PrivacyShield Principles. You agree to be bound by any such revisions and should therefore periodically visit this page to determine the current terms to which you are bound.