Privacy Shield Notice

Effective as of: January 9, 2019

At Blueback Global Inc. (“Blueback Global”, “we”, or “us”), we respect your privacy expectations.  This Privacy Shield Notice (“Notice”) supplements our Privacy Policy on our websites (the “Site”).  

This Notice applies to individuals located in the European Economic Area (“EEA”) and Switzerland with respect to the transfer of personal information to the United States.  The Notice describes our standards and procedures for handling personal information transferred from the EEA and Switzerland to the United States.  In this Notice where we use the words “personal information” we use these words to describe information that is about you and which identifies you.  Unless specifically defined in this Notice, the terms in this Notice have the same meaning given them in our Privacy Policy.  

COMPLIANCE WITH THE EU-U.S. AND SWISS-U.S. PRIVACY SHIELD FRAMEWORKS

We comply with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the EEA or Switzerland, as the case may be, to the United States.  Blueback Global has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.  

Scope.  Our commitment to the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework covers personal information collected from the EEA or Switzerland and transferred to the U.S., including Blueback Global users, Site visitors (including job applicants), service provider, and human resources data.  Blueback employees please see the Internal Privacy Notice for more information on Privacy Shield as it relates to human resources data.

How We Receive Personal Information.  We receive and process personal information from the EEA and Switzerland, as more fully described in our Privacy Policy.  We receive and collect information in a variety of ways. Some we receive directly from individuals through their use of our Site (such as inquiry submissions on the contact form, blog replies, and job applications). We also collect certain information automatically through your use of our Site Content. Additionally, we may receive information (including personal information) from third parties.

Notice.  This Notice together with our Privacy Policy available on the Site describes our privacy practices, including who is responsible for the information we collect, the types of information we collect, how we use, share, retain, and protect this information, and the choices you, as one of our users, have with respect to its access and use.  In addition to the reasons listed in “How We Use Your Information” and “With Whom We May Share Your Information” in the Privacy Policy on our Site, we may share your personal information if we are under a duty to disclose or share your personal information in order to comply with any legal obligation and in response by public authorities, including to meet national security or law enforcement requirements.

Choice.  You also have the right to opt out of (i) disclosures of your personal information to third parties not identified at the time of collection or subsequently authorized and (ii) uses of personal information for purposes materially different from those disclosed at the time of collection or subsequently authorized.  To exercise this right, please see the “Contact Us” section below.

Accountability for Onward Transfer.  If we receive personal information subject to our certification under the Privacy Shield and then transfer such information to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if the agent processes such information in a manner inconsistent with the Privacy Shield except when we are not responsible for the event giving rise to the damage.  

Security.  We have taken reasonable steps to help protect the personal information we collect. Unfortunately, no measures can be guaranteed to provide 100% security. Accordingly, we cannot guarantee the security of your information in all circumstances.  If you have any questions about the security of our Services, please contact us using the email address listed in “Contact Us” section below.

Data Integrity and Purpose Limitation.  We limit collection of personal information to the information that is relevant for the purpose of processing, as set forth in the Privacy Policy on our Site.  We retain the personal information we collect for so long as reasonably necessary to fulfill the purposes for which the data was collected, to perform our contractual and legal obligations, and for any applicable statute of limitations periods for the purposes of bringing and defending claims.  

Access.  You have the right to access the personal information we hold about you.  If such information is inaccurate or processed in violation of the Privacy Shield Principles, you may also request that such information be corrected, amended or deleted.  For additional information on the right to access and other rights available to you under the General Data Protection Regulation (GDPR), including how to exercise such rights, please see the “Your Rights and Choices” section of the Privacy Policy on our Site and “Contact Us” section below.  

RECOURSE, ENFORCEMENT AND LIABILITY

Our Internal Recourse Mechanism.  In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints should first contact us at [email protected] or at the address listed in the “Contact Us” section below.  We will respond to your request within a reasonable timeframe, but in no event less than forty-five (45) days after receipt of your complaint.  

Independent Recourse Mechanism.  If a complaint cannot be resolved through our internal process, we commit to cooperate with the panel established by the EU/EEA data protection authorities (DPAs) or the Swiss Federal Data Protection and Information Commissioner (FDPIC) and will comply with the advice given by the DPAs with regard to personal information transferred from the EU/EEA and with the advice given by the FDPIC with regard to personal information transferred from Switzerland.  Such individuals may direct complaints about their personal information to their respective DPA or the FDPIC (as applicable).

Binding Arbitration.  You have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms pursuant to the Privacy Shield’s Recourse, Enforcement and Liability Principle and Annex I of the Privacy Shield.  

Regulatory Oversight.  The Federal Trade Commission has jurisdiction over our compliance with the Privacy Shield.

CHANGES TO THIS NOTICE

We may update this Notice to account for changes consistent with the requirements of the EU-U.S. and/or Swiss-U.S. Privacy Shield Frameworks.  Any changes we make to this Notice in the future will be posted on this page. The updated Notice will take effect as soon as it has been updated or otherwise communicated to you.  We encourage you to review this Notice for updates each time you use our Services.

CONTACT US

If you have questions about this Notice or our information handling practices, you can e-mail us at [email protected], or by mail at 21710 Stevens Creek Blvd., Suite 225, Cupertino, CA 95014.