Effective as of January 30, 2019
OTOY, Inc. and its affiliates and subsidiaries ("OTOY" or "we", "us" or "our") complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred to it in the United States from the European Economic Area ("EEA") and Switzerland, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. To learn more about the Privacy Shield program, the Privacy Shield Principles and to view our certification, please visit www.privacyshield.gov.
Our certification of adherence to the Privacy Shield Principles applies to the personal data that (a) we collect from our customers and other visitors to our website for account management, billing or marketing purposes ("OTOY User Data"), (b) that we process on behalf of our customers in providing online services to them under a service agreement ("Services Data") and (c) we collect about our employees (past or present) collected in the context of the employment relationship ("HR Data"). OTOY commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by the panels with regard to HR Data transferred from the EU and Switzerland in the context of the employment relationship. Please contact us to be directed to the relevant DPA contacts.
In compliance with Privacy Shield Principles, OTOY commits to resolve complaints about our collection or use of your personal data. EU and Swiss individuals with inquiries or complaints concerning our Privacy Shield policy should first contact [email protected]. If you are located in the EEA or Switzerland and have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact the JAMS Privacy Shield Program, our U.S.-based third party dispute resolution provider (free of charge), which you can learn more about by visiting https://www.jamsadr.com/eu-us-privacy-shield.
If you are located in the EEA or Switzerland and neither OTOY nor our dispute resolution provider resolves your complaint, you may be entitled to invoke binding arbitration under certain conditions more fully described on the Privacy Shield website.
In addition, we may be required to disclose any personal data that we process in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Individuals in the EEA and Switzerland have rights to access personal data about them, and to limit use and disclosure of their personal data. With our Privacy Shield self-certification, we have committed to respect those rights. This means that if you wish to access Services Data and request that we correct, amend or delete it if it is inaccurate or processed in violation of Privacy Shield, you should contact that customer with your request. We will then help them to fulfil that request in accordance with their instructions.
If your personal data includes OTOY Personal Data, you can request access to that data and request that we correct amend, or delete it if it is inaccurate or processed in violation of Privacy Shield by emailing your request to [email protected]. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.
OTOY’s commitments under the Privacy Shield are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
If there is any conflict between the terms in this Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall take precedence.