EU-US Privacy Shield Privacy Statement
HALO Recognition is a global business. To offer our services, we may need to transfer your personal information among several countries. We comply with applicable legal requirements providing adequate safeguards for the transfer of personal information to countries outside of the European Economic Area or Switzerland.
HALO Recognition has certified that it adheres to the Privacy Shield Privacy Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability and commits to process in accordance with these Principles all personal data transferred to it by any EU data controller in reliance on this commitment. To learn more about the Privacy Shield program please visit https://www.privacyshield.gov/list.
If you wish to withdraw your consent to our processing of your data or if users feel we are violating the Privacy Shield Principles, they should contact us. If contacting us does not resolve the complaint, users may contact the European Union Data Protection Authorities ("DPA"). If DPAs finds us to be in violation of the Principles, we will correct the situation and stop processing the data of the user bringing the complaint.
This legislation will replace current data privacy law, giving more rights to you as an individual and more obligations to organisations holding your personal data. One of the rights is a right to be informed, which means we have to give you even more information than we do now about the way in which we use, share and store your personal information.
Type of Information Collected
We collect two types of information: personal information and non-personal information.
As used in this policy, Personal Information is information that identifies you or can be used to identify or contact you and may include your name, address, email address, telephone number, birth date (primarily for eligibility purposes), details of employer, and employee ID number. Such information is only collected from your employer or if you voluntarily submit such information to us.
Non-Personal Information is information that cannot be used to identify or contact you, such as survey responses, demographic information regarding, for example, browser types, domain names, and other anonymous statistical data involving the use of our Sites.
We do collect IP addresses which are classified as personal information under the new General Data Protection Regulations. These are collected and stored for security reasons only.
The Use of Information
The personal information referred to above is used for the purpose of fulfilling a recognition award and/or to provide the relevant fulfilment partner with your name and address for fulfillment. Upon request of your employer, we may also use certain personal information, such as your name and email address, from time to time, to conduct email surveys in accordance with the Employee Surveys provision below.
HALO Recognition may track and collect certain information through emails that we send to you. This may include, but is not limited to, whether or not an email is opened, and links you click on in the email. We will not share this information with your employer, and some emails have no tracking at all. However, the ability to track and collect this information allows us to understand how our services are meeting your needs.
HALO Recognition expects that our customers have received appropriate consent, according to applicable privacy laws, from their employees before transferring, in printed, electronic, facsimile or any other format, personal information to HALO Recognition.
Disclosure of Information to Third Parties
HALO Recognition will store and process your personal information only for the purposes of opening and administering your customer account, fulfilling your orders, responding to your requests and/or to communicate with you about your orders. Your personal information will not be shared with third parties other than for these purposes (unless a transfer is necessary in the context of a change of ownership of HALO Recognition’s assets or business).
We may disclose your information (including personal information) if we believe in good faith that we are required to do so in order to comply with an applicable law, a subpoena, a search warrant, a court or regulatory order or other valid legal process or lawful requests by public authorities, including to meet national security or law enforcement requirements. However, we believe that your specific redemption data is personal to you and will not share this information with a third party, including but not limited to your employer.
Pursuant to the Privacy Shield program, HALO Recognition remains accountable, as described in the Privacy Shield Principles, for personal data that it receives under the Privacy Shield and subsequently transfers to a third party. In particular, HALO Recognition, remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless HALO Recognition proves that it is not responsible for the event giving rise to the damage. HALO Recognition commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to personal data transferred from the EU in the context of the providing its Services.
HALO Recognition may conduct employee surveys upon request from your employer. All survey questions are optional; there is no requirement that you answer all or any of the questions asked. Your individual survey responses may be used to provide your employer with aggregate information and summary data on employee responses and to provide consultation and guidance to your employer.
Access to Personal Data/Amending of Personal Details
If you are an individual employee of any HALO Recognition customer, please contact your company to:
- update or correct your personal information,
- verify what personal information we maintain about you,
- change your preferences with respect to communications and other information you receive from us,
- delete the personal information maintained about you on our systems.
If you are not an employee of a HALO Recognition customer and would like to review or amend any personal details we may store on our system about you, as described above, please contact us directly at firstname.lastname@example.org, providing us with sufficient information to enable us to confirm your identity.
We undertake that as soon as reasonably practicable (subject to any statutory time periods) after receiving your or your employer’s request, all personal information stored in databases we actively use and other readily searchable media will be updated, corrected, changed, deleted or confirmed to you, as appropriate, as soon as reasonably practicable and in accordance with applicable General Data Protection Regulations or the Privacy Shield Principles (as relevant).
HALO Recognition is committed to taking reasonable steps to ensure the security of your information. To prevent unauthorized access, maintain data accuracy and ensure the appropriate use of information, we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Concerns and Comments
In the event that any complaint related to the Privacy Shield program cannot be resolved directly between you and HALO Recognition, we have further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to you. HALO Recognition is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission and the ICO (Information Commissioner’s Office.