EEA & UK Privacy Policy
Last modified: August 22, 2022
Individuals (“Data Subjects”) in the European Economic Area (EEA) and the United Kingdom (UK) have certain privacy rights under EU and UK law, including the General Data Protection Regulations (the “GDPR”) and UK Data Protection Act 2018. In the event, we collect Personal Data (as defined in the GDPR) that is subject to the GDPR, this EEA and UK Privacy Notice shall apply and supplements our Teramind Websites Privacy Policy. Terms in this section are to be understood in a manner consistent with the GDPR including the definitions of such terms in the GDPR. Such terms may have a different definition or meaning in other portions of this Privacy Policy because the GDPR may not apply to those sections.
This EEA and UK Privacy Notice does not apply to the information that our customers manage, upload, and store in the Services (“Customer Content”). In those circumstances:
a. We process and/or host Customer Content on behalf of a customer and that customer is responsible for the
collection and use of all Customer Content; and
b. that customer’s privacy notice will apply to the customer’s collection and use of such Customer Content.
1. Data Controller
The Data Controller is Teramind.
2. Rights under the GDPR
- Right of Access. You have the right to obtain confirmation from us as to whether or not we process Personal Data from you, and you also have the right to at any time obtain access to your Personal Data stored by us.
- Right to Rectification. If we process your Personal Data, we use reasonable measures to ensure that your Personal Data is accurate and up-to-date for the purposes for which your Personal Data was collected. If your Personal Data is inaccurate or incomplete, you have the right to require us to correct it.
- Right to Erasure. You may have the right to require us to delete your Personal Data.
- Right to Restrict Processing. You may have the right to request the restriction or suppression of Personal Data.
- Right to Withdraw Consent. If you have given your consent to the processing of your Personal Data, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on the consent before the withdrawal.
- Right to Data Portability. You may have the right to receive the Personal Data concerning you and which you have provided to us, in a structured, commonly used and machine-readable format or to transmit this data to another controller.
- Right to Object. You may have the right to object to the processing of your Personal Data as further specified in this Privacy Policy and you may have the right to object to decisions being made with your Personal Data based solely on automated decision making or profiling.
- Right to Lodge a Complaint with Supervisory Authority. You have the right to lodge a complaint with a data protection supervisory authority located in the European Union or UK. Further information about how to contact your local data protection authority is available at the website of the European Commission.
3. Onward Transfer. Teramind will not disclose Personal Data to a third party except as stated below:
3.1.1. We may disclose Personal Data to subcontractors and third-party agents. Before disclosing Personal Data to a subcontractor or third-party agent, we will obtain assurances by contractual agreement from the recipient that it will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the subcontractor or third-party agent is obligated to provide at least the same level of privacy
protection as is required by the GDPR; (iii) take reasonable and appropriate steps to ensure that subcontractors and third-party agents effectively process the Personal Data transferred in a manner consistent with the organization’s obligations under the GDPR; (iv) require subcontractors and third party agents to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the GDPR; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of its contract with subcontractors and third-party agents to the Supervisory Authorities upon request. We also may be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements, or in the event of a merger or acquisition.
4. Transfers to the United States
Teramind is hosted in Frankfurt, Germany; however, in using the Websites and the Services, your Personal Data may be processed by employees in the United States, which is not recognized as a country having adequate safeguards for the protection of Personal Data. We rely on your consent or Article 49 of the GDPR for transfers of data collected from Data Subjects in the EU and EEA. Transfers are made to us only if the Data Subject has explicitly consented to the proposed transfer after having been informed of the possible risks of such transfers or via appropriate transfer mechanisms, such as standard contractual clauses. Additionally, we transfer data as necessary for the performance of a contract with to Data Processors who have an agreement with us that includes protecting your privacy and the security of your data, and in cases where your Personal Data is necessary for the implementation of pre-contractual measures taken in accordance with your requests.
5. Contact Us
If you would like to exercise your EEA and UK privacy rights, please contact at 1-888-521-0518 or via email at [email protected]