RolePoint Inc - Safe Harbor Policy

Last Updated: July 19, 2015

Definitions:

"Personal Information" or "Information" means information that (1) is transferred from the EU to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.

"Organizations" means RolePoint Inc and their respective successors, subsidiaries, divisions and groups in the United States.


RolePoint complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. RolePoint has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view RolePoint's certification, please visit http://www.export.gov/safeharbor/

  1. Notice
    1. Organizations shall notify individuals about the purposes for which they collect and use information about them. We will provide information about how individuals can contact the organization with any inquiries or complaints, the types of third parties to which it discloses the information and the choices and means the organization offers for limiting its use and disclosure.
  2. Choice
    1. Organizations shall give individuals the opportunity to choose (opt out) whether their personal information will be disclosed to a third party or used for a purpose incompatible with the purpose for which it was originally collected or subsequently authorized by the individual. For sensitive information, affirmative or explicit (opt in) choice must be given if the information is to be disclosed to a third party or used for a purpose other than its original purpose or the purpose authorized subsequently by the individual.
  3. Onward Transfer (Transfers to Third Parties)
    1. To disclose information to a third party, organizations shall apply the notice and choice principles. Where an organization wishes to transfer information to a third party that is acting as an agent, it may do so if it makes sure that the third party subscribes to the Safe Harbor Privacy Principles or is subject to the Directive or another adequacy finding. As an alternative, the organization can enter into a written agreement with such third party requiring that the third party provide at least the same level of privacy protection as is required by the relevant principles.
  4. Access
    1. Individuals will have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual's privacy in the case in question, or where the rights of persons other than the individual would be violated.
  5. Security
    1. Organizations shall take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction.
  6. Data integrity
    1. Personal information shall be relevant for the purposes for which it is to be used. An organization should take reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.
  7. Enforcement
    1. RolePoint uses a self-assessment approach to maintain compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with these Principles. We encourage interested persons to raise any concerns using the contact information provided and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles.
  8. Dispute Resolution
    1. Any questions or concerns regarding the use or disclosure of personal information should be directed to RolePoint at the address given below. RolePoint will investigate and attempt to resolve complaints and disputes regarding use and disclosure or personal information in accordance with the principles contained in this Policy. RolePoint has further committed to refer unresolved privacy complaints under the US-EU and US-Swiss Safe Harbor Principles to an independent dispute resolution mechanism when necessary. If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using ICDR/AAA as its independent dispute resolution provider. ICDR/AAA can be contacted at www.icdr.org. This link will provide details about filing and associated costs.

Contact Information: Questions, comments, or complaints regarding the Company’s Safe Harbor Policy or data collection and processing practices can be mailed or emailed to: RolePoint Inc, Hatchery, Floor 2, 645 Harrison Street, San Francisco, CA, US, 94107 or support@rolepoint.com