PRIVACY POLICY

Applications International Privacy Policy

Applications International Corporation (“AIC,” “we,” “us,” “our”) respects individual privacy and values the confidence of its customers, vendors, business partners and others. AIC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce.  AIC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Applications International Corporation is subject to the regulatory and enforcement authority of the US Federal Trade Commission (FTC).

Processor on Behalf: AIC provides enterprise compliance management software designed to help companies manage data more effectively. AIC does not own or control any of the information it processes on behalf of the AIC customer. AIC does not process HR data on its own employees. Applications International Corporation: personal data or PII data is not required nor is it needed for the applications use. It is up to our clients/customers to determine if they are going to provide and use personal data, such as social security and employee name, in the creation of records. All such information is owned and controlled by the AIC customer. In this capacity, AIC receives information transferred from the EU, UK, and Switzerland to the United States merely as a processor on behalf of its clients which are made up of various companies and organizations who wish to track safety related incidents. With the exception of performing data imports or as otherwise directed by its clients, Applications International Corporation does not collect or enter data into its clients’ software systems. Applications International Corporation does not transmit data to third parties without permission from its clients. Third parties can include, Insurance Carriers clients use for employee injuries. Any access to or use of client data by Applications International Corporation is incidental to performing Applications International Corporation’s contractual obligations to its clients as a processor.

AIC as a Processor on Behalf: When AIC acts as a processor on behalf of its customer, the policies outlined below apply to all data processing operations concerning personal information that has been transferred from the EU and Switzerland to the United States.

The Data Privacy Framework is based on the following Principles:

Notice: Individuals are notified of AIC being a data processor by their employer. In its role as data processor, AIC does not require individuals to provide any PII.

Choice: As a data processor for its clients, Applications International Corporation will work with individuals (may refer back to our client) regarding the purposes for which their personal information is collected and used by its clients (the individuals’ employers). Applications International Corporation relies on its clients to provide and comply with any required options. Individuals wishing to exercise their choice regarding the processing of their personal data or access their personal data must contact our customer who is also their employer.

Onward Transfer: Applications International Corporation occasionally transfers personal information to third parties that act as agents for its clients (with regard to interfaces/integrations with third party software products) or for Applications International Corporation (with regard to software implementations). When Applications International Corporation transfers personal information as described above, Applications International Corporation enters into a written agreement with the third party requiring the third party to provide at least the same level of privacy protection as is required by the relevant Principles.  Applications International Corporation may be liable for the third-party transfer of personal data.

Security: Security is extremely important to Applications International Corporation and our clients. Accordingly, Applications International Corporation takes significant security precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Applications International Corporation relies on its clients to establish in the software appropriate password requirements and user roles and levels of access.

Data Integrity: As a data processor for its clients, Applications International Corporation does not typically collect, access or use the personal information provided by its clients. Applications International Corporation relies on its clients (the data subjects’ employers) to ensure that personal information is relevant for the purposes for which it is used, reliable for its intended use, accurate, complete and current.

Access: Applications International Corporation acknowledges the individual’s right to access their personal data. Personal information may be accessed only by authorized users at Applications International Corporation and its clients. As a data processor for its clients, Applications International Corporation must refer all individual requests to our client, who remains the data controller.

Enforcement: AIC utilizes the self-assessment approach to assure its compliance with our privacy statement. AIC periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and in conformity with the Principles. We encourage interested persons to raise any concerns with us using the contact information below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this policy.

Applications International Corporation notifies and trains appropriate team members regarding its privacy policies and practices and the consequences for failing to comply with them. Any person who we determine is in violation of our privacy policies will be subject to a disciplinary process.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

AIC’s accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, AIC remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Data Privacy Framework Principles, unless AIC proves that it is not responsible for the event giving rise to the damage.

In compliance with the Data Privacy Framework Principles, AIC commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Data Privacy Frameworks. European Union, United Kingdom, and Swiss individuals with DPF inquiries or complaints should first contact AIC by email at privacypolicy@applicationsinternational.com.

Lauren Leventer, lleventer@appsint.com
Vice President of Human Resources & Operations

AIC has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

For Our Clients and End Users of AIC: AIC commits to cooperate with the panel established by the EU data protection authorities (DPA Panel), [the UK Information Commissioner’s Office, and the Swiss Federal Data Protection and Information Commissioner, as applicable] and to comply with the advice given by the DPA panel [ICO, or FDPIC, as applicable. Contact details for the EU data protection authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en.

If you have any questions regarding our privacy policy, please contact us at: privacypolicy@applicationsinternational.com.

Contact Information: Executive Vice President and Policy Officer – Elle Field

Changes: Applications International Corporation reserves the right to revise this policy at any time in accordance with the Data Privacy Framework Principles.  You agree to be bound by any such revisions and should therefore periodically visit this page to determine the current terms to which you are bound.