Effective Date 1 June, 2020
Whispir Americas, Inc. (Whispir or we) complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (together, Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data (also known as personal information), which means data about an identified or identifiable individual recorded in any form, that is received by Whispir in the United States from the European Union (EU), Switzerland or, after December 31, 2020, United Kingdom (UK) in reliance on Privacy Shield.
If this Privacy Shield Policy and data subject rights under the Privacy Shield Principles conflict, then the Privacy Shield Principles shall govern.
With respect to personal data received or transferred pursuant to Privacy Shield, Whispir is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
Please also see the Whispir Privacy Policy for more information about how we process your information. If the Whispir Privacy Policy and this Privacy Shield Policy conflict, then this Privacy Shield Policy controls with respect to the subject matter described below.
In this Whispir Privacy Shield Policy:
Whispir commits to comply with the Privacy Shield Principles with respect to personal data collected from or about Authorized Users – EU. This Whispir Privacy Shield Policy does not apply to personal data transferred under Standard Contractual Clauses or any approved derogation under EU data protection law.
If you are an Authorized User – EU, then Whispir commits to processing your personal data in accordance with the Privacy Shield Principles as follows:
1. Notice
The Whispir Privacy Policy notifies individuals covered by this Whispir Privacy Shield Policy about the categories of personal data that Whispir collects and the purposes for collection and use of their personal data. Whispir will only process personal data in ways that are compatible with the purpose for which Whispir collected it or for purposes later authorized.
The types of personal data that Whispir collects depends on how the Sites and/or Services are used.
1.1 We collect the information that you provide to us.
When you use our Services or Sites, we may ask you to provide certain information.
Business contact details, including:
Authorized User-EU credentials, including:
Other personal data that you choose to provide or the relevant Customer provides to us, such as device type, date of birth and gender, driver’s license number and personal interests
Ordering information
Whispir does not process credit card transactions. Credit card transactions are processed by a third-party credit card processing service.
Information you give us when you fill out our forms or send us emails
1.2 We collect personal data about you
Whispir collects information about you from your use of the Services and Sites. Whispir and its vendors collect this information in order to detect fraud and block fraudsters from disrupting the Services and Sites and as described in the table above.
(a) We automatically collect information about use of the Sites or Services.
We automatically collect certain information about use of the Sites and Services from your computer or mobile device. The information, some of which is personal data includes:
We use this automatically collected information:
Some of this information is automatically collected using cookies and similar tracking technology. See the OUR USE OF COOKIES AND SIMILAR TRACKING TECHNOLOGY section in the Whispir Privacy Policy.
(b) We collect information about use of our Apps
When you download, access or otherwise use our mobile applications (“Apps”), the information that we collect depends on your operating system and permissions. Our Apps need to use certain features and data from your mobile device in order to function. For example, we automatically collect usage statistics and crash logs to help us identify and fix problems.
To learn more about the specific information collected by our Apps, please check your device settings or review the information available on the particular platform from which you downloaded an App, such as in Google Play or the App Store. Our Apps also allow you to check or change your status for certain data collection in the preferences or settings. If you change your settings, certain features may be unavailable or not function properly. To stop collection of all information through an App, please uninstall the App.
1.1 We collect information from third party sources
From time to time, we may receive personal data about you from third-party sources, which include:
All personal data is collected to operate, manage and improve the Sites and Services and ensure the technical functionality and security of the Sites and Services as well as for the reasons set forth in the Whispir Privacy Policy. Before Whispir uses personal data for a purpose that is materially different from the purpose for which Whispir collected it or that was later authorized, Whispir will provide you with the opportunity to opt out.
PLEASE SEE THE WHISPIR PRIVACY POLICY FOR MORE INFORMATION.
2. Choice
Whispir will obtain your opt-in consent whenever Privacy Shield requires, including if we disclose personal data to third parties or before personal data is used for a different purpose than the purpose for which it was collected or later authorized by you.
Please send requests to limit the uses or disclosures of personal data to privacy@whispir.com
(with “Privacy Shield” in the subject line).
3. Accountability for Onward Transfer
Whispir may share personal data collected through the Sites and Services to the following categories of recipients:
PLEASE SEE THE WHISPIR PRIVACY POLICY FOR MORE INFORMATION.
If Whispir transfers personal data covered by this Whispir Privacy Shield Policy to a third party, Whispir takes reasonable and appropriate steps to ensure that each third party transferee processes personal data transferred in a manner consistent with Whispir’s obligations under the Privacy Shield Principles. Whispir will ensure that each transfer is consistent with any notice provided to you and any consent you have given. Whispir requires a written contract with any third party receiving personal data that ensures that the third party (i) processes the personal data for limited and specified purposes consistent with any consent you provided, (ii) provides at least the same level of protection as is required by the Privacy Shield Principles, (iii) notifies Whispir if it cannot comply with Privacy Shield; and (iv) ceases processing personal data or takes other reasonable and appropriate steps to remediate.
Under certain circumstances, Whispir may be required to disclose personal data in response to valid requests by public authorities, including for national security or law enforcement requirements.
Whispir remains liable under the Privacy Shield Principles if an agent processes personal data covered by this Whispir Privacy Shield Policy in a manner inconsistent with the Privacy Shield Principles unless Whispir is not responsible for the event giving rise to the damage.
4. Security
Whispir takes appropriate measures to protect personal data covered by this Whispir Privacy Shield Policy from loss, misuse and unauthorized access, disclosure, alteration, unavailability and destruction. In determining these measures, Whispir takes into account the risks involved in the processing and the nature of the personal data.
5. Data Integrity and Purpose Limitation
Whispir takes reasonable steps to ensure that such personal data is reliable for its intended use, accurate, complete and current. Whispir adheres to the Privacy Shield Principles for as long as it retains personal data in identifiable form. Whispir takes reasonable and appropriate measures to comply with the requirement under Privacy Shield to retain personal data in identifiable form only for as long as it serves a purpose of processing.
Whispir limits the collection of personal data covered by this Whispir Privacy Shield Policy to information that is relevant for processing. Whispir does not process personal data in a way that is incompatible with the purpose for which it was collected or subsequently authorized.
6. Access
You have the right to access your personal data and to correct, amend, limit use of or delete the personal data if the personal data is inaccurate or processed in violation of the Privacy Shield Principles. Whispir is not required to grant the rights to access, correct, amend and delete personal data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to your privacy or if the rights of persons are or could be violated.
You may request access to the personal data that we hold about you and/or or to correct, amend, limit use of or delete your personal data by contacting us at privacy@whispir.com (with “Privacy Shield” in the subject line). We will respond to all requests within a reasonable time, and in accordance with applicable legal requirements.
7. Recourse, Enforcement, and Liability
In compliance with the Privacy Shield Principles, Whispir commits to resolve complaints about your privacy and our collection or use of your personal data transferred to the United States pursuant to Privacy Shield. European Union and Swiss or UK, individuals with Privacy Shield inquiries or complaints should first contact Whispir at privacy@whispir.com (with “Privacy Shield” in the subject line).
Whispir has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the JAMS EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks Dispute Resolution operated by JAMS. If you do not receive timely acknowledgment of your complaint or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint. This independent dispute resolution mechanism is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Whispir commits to periodically review and verify its compliance with the Privacy Shield Principles and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Whispir acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.
CHANGES TO THIS WHISPIR PRIVACY SHIELD POLICY
Whispir may amend this Whispir Privacy Shield Policy consistent with the requirements of Privacy Shield, including notice about any amendment.
HOW TO CONTACT WHISPIR
If you are an Authorized User – EU and have questions about this Whispir Privacy Shield Policy or would like to request access to your personal data, please contact us as follows:
Whispir Americas, Inc.
1201 3rd Avenue, Ste 2200,
Seattle, Washington 98107, USA
Attention: Privacy Shield
Email: privacy@whispir.com (with “Privacy Shield” in the subject line)