Purpose & Principle
Finnovion Technologies LLC. and its affiliated U.S. entities (collectively, “Finnovion,” “we,” “us,” and “our”) adhere to the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework published by the U.S. Department of Commerce (“Principles”, “Privacy Shield” or “Privacy Shield Program”).
This Statement outlines the general policies and practices that Finnovion has adopted towards implementing the Privacy Shield Framework, including details on the types of personal data that the firm gathers, how that information is used, the options available to individuals affected by our use of such information, and the options available to them to correct personal data relating to them. If there is any conflict between what is described in this statement and the Principles, the Principles will govern.
This Statement applies to European Union non-HR and HR data and Swiss non-HR and HR data transferred under the Privacy Shield Framework from member countries of the European Union and Switzerland to Finnovion’s various operational centers in the U.S. It does not apply to Personal Data that is transferred under other mechanisms, such as Standard Contractual Clauses. To learn more about the Privacy Shield Programs, please visit:
What personal data do we collect?
Finnovion may collect and process personal data that is provided to us by our own employees and potential employees for administrative and recruitment purposes.
Finnovion otherwise does not itself knowingly collect personal data. To the extent that Finnovion obtains any personal data, it has been collected and transferred to us by our clients in connection with the professional services that we provide to our clients.
Consent for collecting, using and disclosing personal data (including sensitive data) may be required from individuals who intend to use our services. Such consent will be obtained through engagement letters, employment agreements, and other similar documents.
For purposes of this statement, “personal data” means information that:
1. Pertains to an identified or identifiable natural person who is in the European Union or Switzerland and can be linked either directly or indirectly to that individual; and
2. Is transferred from the European Union or Switzerland to the United States under the Privacy Shield Framework.
How do we use and share personal data?
To the extent that we obtain any personal data, we agree to inform people about the type of personal data collected from them, about how we use the data, and about how they can contact us about their privacy concerns.
We use this statement, as well as our engagement letters or other similar documents, and direct communication with the individuals from whom personal data is collected to pass on this information.
Following the Privacy Shield Program, we process personal data relating to our own employees and potential employees for administrative and recruitment purposes.
We process personal data related to our clients and their personnel for the purpose of providing professional services to them.
We will not disclose personal data to third parties, except under the following circumstances:
1. The individual concerned has given us permission to make the disclosure.
2. Lawful requests from public authorities in the interest of national security or law enforcement require such disclosur.
3. Requirements under law or mandatory professional standards demand such disclosure.
4. Sale or disposal of our business in whole or in part requires such disclosure.
5. The information in question is already available in the public domain.
6. The establishment or defense of legal claims reasonably require such disclosure.
7. The disclosure being made is to another Finnovion entity, or to persons or entities (transferee) that are providing services on behalf of Finnovion or on behalf of the individual providing the personal information, and is being made consistent with the purpose for which the information was originally obtained, provided that with respect to the information in question, the transferee: Is subject to law providing adequate protection to data privacy; or Has agreed to provide adequate level of data protection.
8. If the need to do so arises, Finnovion may transfer personal data from one jurisdiction to another. Privacy laws vary from jurisdiction to jurisdiction, and the level of protection provided may also vary. Finnovion however, will continue to protect the privacy of personal data as per the Privacy Shield Program irrespective of the jurisdiction where the data resides.
How you can see and change your data (Access)?
Under the Privacy Shield Program, individuals have the right to access the personal data that Finnovion has about them. Individuals wanting to access the data will have to provide identification details such as name, address, date of birth etc. Additional information may be called for, such as a national identifier (e.g. Social Security Number) as a further precautionary measure. Finnovion may limit or deny access to personal information under circumstances where providing such access would be unreasonably burdensome or overly expensive, or where it would be detrimental to the rights of people other than the individual seeking access.
European Union and Swiss Persons may have the option to select binding arbitration under the Privacy Shield Panel for the resolution of your complaint under certain circumstances. For further information, please see the Privacy Shield website.
Please email us at privacyofficer@finnovion.com if you feel you need to correct, modify, or delete inaccurate information, or information that has been obtained in contravention of the principles of the Privacy Shield Program. Storage of personal data collected will be as per Finnovion’s data retention requirements and corporate policies.
Data Security and Integrity
Personal data collected will be processed and used solely for the purpose for which it was originally collected or authorized to be collected by the individual. We will take all reasonable steps to ensure that the data so collected is correct, complete, current and reliable regarding its intended use.
Various physical, logical, and policy measures are used to protect personal data from loss, misuse or unauthorized access, disclosure, alteration or destruction. Personal information displayed on websites will be protected by standard encryption processes.
Accountability and Enforcement
Finnovion has put processes and practices in place to monitor compliance with requirements under the Privacy Shield Program, and to address queries and concerns regarding compliance.
Complaints regarding Finnovion’s processing of personal data under the Privacy Shield Program may be addressed to privacyofficer@finnovion.com. The following options are available to address disputes relating to Finnovion’s privacy policy that cannot be resolved through our internal processes:
1. If the dispute relates to personal data collected in the context of an employment relationship, Finnovion will work with EU Data Protection Authorities, which serves as an Independent Recourse Mechanism for HR data covered by privacy shield. If it is determined that Finnovion has failed to comply with the terms of the Privacy Shield Program, appropriate steps will be taken to address the fallout of such non-compliance, and to ensure there is no recurrence of the same.
2. If the dispute relates to other types of data, individuals are free to approach EU Data Protection Authorities or Swiss Federal Data Protection and Information Commissioner.
Personnel working for Finnovion who violate our privacy policies will face disciplinary action.
Accountability for Onward Transfers
Finnovion does not transfer data to third parties outside of its agents. Finnovion will obtain assurances from its agents that they will safeguard personal information consistently with this Policy. Examples of appropriate assurances that may be provided by agents include: a contract obligating the agent to provide at least the same level of protection as is required by the relevant EU-US Privacy Shield and Swiss-US Privacy Shield Principles or being subject to another European Commission adequacy finding. Where Finnovion has knowledge that an agent is using or disclosing personal information in a manner contrary to this Policy, Finnovion will take reasonable steps to prevent or stop the use or disclosure. Finnovion is liable for appropriate onward transfers of personal data to third parties who do not comply with the Privacy Shield principles.
Please be aware that Finnovion may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Recourse, Enforcement, and Liability
Finnovion participation in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework is subject to investigation and enforcement by the Federal Trade Commission.
In compliance with the Privacy Shield Principles, Finnovion commits to resolve complaints about your privacy and our collection or use of your Personal Data. Data Subjects with inquiries or complaints regarding this Privacy Shield Policy should first contact Finnovion at: privacyofficer@finnovion.com.
Finnovion will satisfy the requirement of this Principle through the following:
Compliance with legal or regulatory supervisory authorities that provide for handling of individual complaints and dispute resolution; and Commitment to cooperate with (DPA) data protection authorities located in the EU, and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data and non-human resources data transferred from the EU and Switzerland.
Under certain conditions detailed in the Privacy Shield, Data Subjects may be able to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
Finnovion agrees to periodically review and verify its compliance with the Privacy Shield Principles, and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Finnovion acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.
Changes to this Privacy Shield Policy
This Privacy Shield Policy may be amended from time to time consistent with the requirements of the Privacy Shield Program. Appropriate notice will be given regarding such amendments.
Contact information
For further information or to file a complaint, please contact us.
#3102, North Central Expressway,
Dallas, TX-75250
privacyofficer@finnovion.com