"Personal information" means any information relating to an identified or identifiable natural person that is within the scope of the EU Personal Data Directive, received by inContact from the European Economic Area or Switzerland, and recorded in any form. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Personal information does not include anonymized information, aggregate information (to the extent an individual’s identity cannot reasonably be derived from such information), or information as to which the data has freely given specific, informed and unambiguous consent for transfer to the United States.
inContact protects personal information as follows:
The United State Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (FAQ) (the “U.S.-EU Safe Harbor Framework”) to enable U.S. companies to satisfy European Union (EU) law requirements for adequate protection of personal information transferred from the European Economic Area (“EEA”) to the United States. The United State Department of Commerce and the Federal Data Protection and Information Commissioner of Switzerland have agreed on a similar set of data protection principles and frequently asked questions (FAQ) (the “U.S.-Swiss Safe Harbor Framework”) to enable U.S. companies to satisfy Swiss law requirements for adequate protection of personal information transferred from Switzerland to the United States. inContact adheres to the Safe Harbor Principles outlined below.
The privacy principles in this policy are based on the Safe Harbor Principles.
INFORMATION COLLECTION & USAGE:
inContact uses several methods for collecting information. Information collected through the Corporate Website, New Service Order, associated processes, and inContact application software is owned solely by inContact with the exception of some information gathered through the inContact application software and associated process. We do not sell, share or rent this information to others outside of the inContact family of companies. inContact collects information from our users at several different points within our site and application software. When a person orders services through inContact we will request additional information on our sign-up form. This includes such things as financial and contact information that is used to provide correct billing and confirmation methods. inContact tracks and catalogs certain information regarding usage of the site including databases used, pages or documents viewed and traffic information. If you are a registered user this information is associated directly with your member account. Use of this information will help us better define the visitor's needs in future renditions of this website, tools, and offerings from inContact. inContact uses the information voluntarily supplied by our users or obtained through tracking to enhance their experience on the site through personalization. Information is also used for the purpose of filling out orders. In addition we may also use the information to identify potential products and services that may appeal to our users.
DISCLOSURE AND ONWARD TRANSFER:
inContact will not sell, trade, or disclose to third parties any individually (either client or inContact employee) personal information, derived from the use of any inContact service, (except as required by subpoena, search warrant or other legal process or in the case of imminent physical harm to the customer or others). When inContact uses other agents, contractors or companies to perform services on its behalf, inContact will ensure that the company protects personal information consistent with this policy. inContact will obtain reasonable assurances from its agents that they will safeguard personal information collected by inContact consistently with this Policy and the Safe Harbor Principles. Examples of appropriate assurances may include: a contract obliging the agent to afford a level of protection to the personal information that is at least equivalent to the Safe Harbor Principles; Safe Harbor certification by the agent; or the agent being subject to EU Directive 95/46/EC or other law providing an adequate level of privacy protection.
This provision does not apply to public record information or publicly available information except in certain situations as defined by the Safe Harbor Program.
inContact has implemented personnel training, technology and security features and strict policy guidelines to safeguard the privacy of personal information from unauthorized access or improper use, and we will continue to enhance our security procedures as new technology becomes available. However, we cannot guarantee the security of personal information.
inContact will take reasonable measures to ensure that personal information is relevant for its intended use, reliable for its intended use, accurate, complete, and current.
inContact may use personal information to investigate and help prevent potentially unlawful activity or activity that threatens the network or otherwise violates the customer agreement for that service.
ACCOUNT INFORMATION UPDATE AND ACCESS:
Upon an individual’s request, inContact will offer such individual reasonable access to his or her personal information and will afford such individual a reasonable opportunity to correct, amend, or delete inaccurate information. Consistent with the Safe Harbor Principles, individuals may choose whether to opt out with regard to disclosure of personal information to third parties and/or with regard to personal information that the individual believes will be used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual.
inContact honors requests from clients for changes in account information, such as name and password, and will correct any such information that is inaccurate. Personal information may be updated/removed through a direct call to a support representative (1-800-826-8028). inContact may limit or deny access to personal information, or charge a fee, where providing such access would be unreasonably burdensome or expensive under the circumstances or as otherwise permitted by the Safe Harbor Principles.
inContact informs individuals in the EU about the purposes for which it collects and uses their personal information, and how to contact inContact, the types of third parties with which inContact shares their personal information in conjunction with regular business process, and the choice and means inContact offers for limiting the use and disclosure of their personal information.
Consistent with the Safe Harbor requirements, inContact may not be in a position to furnish notice in certain limited situations. Specifically, notice is not required where the processing of EU personal information is necessary to respond to a government inquiry; is required by applicable laws, court orders or government regulations; or is necessary to protect inContact legal interests and providing notice would interfere with those interests.
inContact utilizes the self-assessment approach to assure its compliance with our Safe Harbor Privacy statement. inContact periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and in conformity with the Safe Harbor Principles.
Any questions, concerns, or complaints concerning the collection and use of personal information by inContact should be directed to the Office of the Compliance Department at the address given below. inContact will conduct a reasonable investigation of and will attempt to resolve any complaints in accordance with the principles contained in this Policy. For complaints that cannot be resolved between inContact and the complainant, inContact agrees to participate in the dispute resolution procedures of the panel established by the European Data Protection Authorities to resolve disputes pursuant to the Safe Harbor Principles.
LIMITATION ON SCOPE OF PRINCIPLES:
75 West Towne Ridge Parkway
Sandy, UT, USA 84070
ATTN: Compliance Department
Effective Date: 7/29/11