Effective Date: November 19, 2018
Updated on: November 7, 2023
Compliance with the EU-U.S. Data Privacy Framework
Fortalice Solutions, LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce. Fortalice Solutions, LLC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Personal Information We Collect. “Personal information” is data that can be used to uniquely identify or contact a single person. If you visit our Website, you may be asked to provide certain types of personal information (mostly contact information), but you can also visit and use the Website without providing this information. If you sign up to receive our newsletter, we may collect your email address. If you apply for a job on our Website, you will be required to provide your first and last name, email address, your resume (which may contain information about your educational and employment background and other information you choose to include), and will have the option to include your telephone number, website and upload a cover letter.
How We Use Information We Collect. We collect and use your personal information for a variety of business purposes, including to provide the services that you request (for example, sending our newsletter), to review your job application, to communicate with you, and to do all things necessary to administer the Website and our services, and manage, protect and improve them. As described in more detail below, we also use the traffic data we collect to improve our Website and services.
We reserve the right to transfer any information we have about you in connection with a sale, merger, consolidation, change in control, transfer of assets, reorganization or liquidation of our business. We reserve the right to disclose any personal information as needed if that information is requested by law enforcement agencies or if we are required to do so by law, treaty, regulation,subpoena, court order, or by a government entity. We also may disclose your personal information to third parties if we have reason to believe that disclosing such information is necessary to conduct investigations of possible breaches of law, to cooperate in any legal investigation, or to identify, contact, or bring legal action against someone who may be violating any agreement with us.
Traffic Data. Whenever you visit or interact with the Website, we, or our service providers, use analytics software that automatically or passively collect information about how the Website is accessed and used. We refer to this information as traffic data. Traffic data may include browser type, device type used to access the Website (i.e., computer or mobile device), unique number assigned to identify such device, operating system, application version, click path taken through the Website, your use of features or applications on the Website, and other usage information. This information helps us improve and customize the Website and services. Traffic data is generally non-identifying, but if we associate it with you as an identifiable person, we will treat it as personal information.
Social Media. You may have the opportunity to interact with us via social media, such as through our Facebook, Twitter, LinkedIn or YouTube pages. When you interact with us through various social media, for example, by liking or messaging us on Facebook, we may collect information that you provide to us. When you post on our Facebook page, remember that your post is public to other users of the platform. Please do not post sensitive information on our social media pages. The information we receive from your social network depends on your privacy settings. You should always review, and, if you prefer, adjust your privacy settings on third-party websites and services.
Do Not Track Requests; Third-Party Tracking. Unless your browser settings are configured to make your online activities and publicly available information about your online activities (such as traffic data as described above) invisible to usage analytics tools, we do not presently have the capability to omit you from usage analytics to the extent your browser only sends us a “do not track” message and does not otherwise screen you from tracking without any action on our part. To learn more about browser tracking signals and “Do Not Track”, please visit http://allaboutdnt.org. Third parties, other than our vendors (such as our website analytics provider), do not have authorization from us to track which websites you visited prior to and after visiting the Website. Please note, however, that we cannot control third-party tracking and there may be some third-party tracking that occurs without our knowledge or consent.
Opt-Out; Changes in Personal Information. If you need to correct, update, delete or deactivate your personal information, please contact us at any time by sending an email to firstname.lastname@example.org. If you receive any promotional email communication from us, you will be given the option to “unsubscribe” from receiving further email communications from us at any time. Your option not to receive promotional and marketing material will not preclude us from corresponding with you, by email or otherwise, regarding your existing or past business relationships with us, and will not preclude us from accessing and viewing your personal information in the course of maintaining and improving the Website and our services.
Children. The Website is not intended for use by children in the United States under the age of 18, and we do not knowingly collect personal information from such individuals. If we learn that we have collected the personal information of any such individual, we will take steps to delete the information as soon as possible. Children under the age of majority in any jurisdiction outside of the United States should not provide any personal information without their parent’s consent.
Your California Privacy Rights. Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business with whom the California resident has an established business relationship what types of personal information, if any, the business shares with third parties for direct marketing purposes by such third parties and the identities of the third parties with whom the business has shared such information in the immediately preceding calendar year. We do not currently share any personal information with third parties for direct marketing purposes by such parties. If you have any questions, comments or requested related to this Section, please contact us by email at email@example.com. A number of states are currently considering enacting laws similar to the California law above. If you are a resident of a state that enacts such a law, please use the contact information above to contact us with any questions, requests or comments.
EU-U.S. Data Privacy Framework Principles Provisions
Scope. Our commitment to the EU-U.S. Data Privacy Framework Principles; Framework covers personal information collected from the EU and transferred to the U.S., including customer data and personal information received from job applicants.
Right of Access. You have the right to access the personal information we hold about you. If such information is inaccurate or processed in violation of the the “EU-U.S. Data Privacy Framework Principles, you may also request that such information be corrected, amended or deleted. For additional information on how to exercise such rights, please see the “Contact Us” section below.
Choice. You also have the right to opt out of (i) disclosures of your personal information to third parties not identified at the time of collection or subsequently authorized and (ii) uses of personal information for purposes materially different from those disclosed at the time of collection or subsequently authorized. To exercise this right, please see the “Contact Us” section below.
Onward Transfers. If we receive personal information subject to our certification under the EU-U.S. Data Privacy Framework Principles and then transfer such information to a third-party service provider acting as an agent on our behalf, we have certain liability under the EU-U.S. Data Privacy Framework Principles if the agent processes such information in a manner inconsistent with the EU-U.S. Data Privacy Framework Principles except when we are not responsible for the event giving rise to the damage.
Our Internal Recourse Mechanism. In compliance with the EU-U.S. DPF, Fortalice Solutions, LLC commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF should first contact Fortalice Solutions, LLC at: firstname.lastname@example.org
Dispute Resolution. Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through Fortalice Solutions’ internal processes, Fortalice Solutions has agreed to participate in the VeraSafe EU-U.S. Data Privacy Framework Principles Dispute Resolution Procedure. Subject to the terms of the VeraSafe EU-U.S. Data Privacy Framework Principles Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the EU-U.S. Data Privacy Framework Principles Dispute Resolution Procedure, please submit the required information to VeraSafe here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/
Binding Arbitration. You have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding EU-U.S. Data Privacy Framework Principles compliance not resolved by any of the other EU-U.S. Data Privacy Framework Principles mechanisms pursuant to the EU-U.S. Data Privacy Framework Principles’s Recourse, Enforcement and Liability Principle and Annex I of the EU-U.S. Data Privacy Framework Principles.
Regulatory Oversight. The Federal Trade Commission has jurisdiction over our compliance with the EU-U.S. Data Privacy Framework Principles.