PRIVACY POLICY

compliPOINT Privacy Policy
Effective May 1st, 2023

Complipoint (“we,” “us,” “our”) respects individual privacy and values the confidence of its customers, vendors, business partners and others. Complipoint adheres to the Privacy Shield Privacy Policy concerning the transfer of personal data from the European Union member countries and Switzerland to the United States of America. Accordingly, we follow the Privacy Shield Principles published by the U.S. Department of Commerce. Privacy Shield Privacy Policy (the “Policy”) sets forth the privacy principles that complipoint follows with respect to transfers of personal information anywhere in the world, including transfers from the European Union (EU) and Switzerland to the United States. Complipoint is subject to the regulatory and enforcement authority of the US Federal Trade Commission (FTC).

Complipoint complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States in reliance on Privacy Shield. Complipoint has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit: https://www.privacyshield.gov.

Processor on Behalf: Complipoint provides enterprise compliance management software designed to help companies manage data more effectively. Complipoint does not own or control any of the information it processes on behalf of the complipoint customer. Complipoint does not process HR data on its own employees. Complipoint personal data, or PII data, is not required, nor is it needed, for the application's use. It is up to our clients/customers to determine if they are going to provide and use personal data, such as social security number and employee name, in the creation of records. All such information is owned and controlled by the complipoint customer. In this capacity, complipoint receives information transferred from the EU and Switzerland to the United States merely as a processor on behalf of its clients, which are made up of various companies and organizations who wish to track safety-related incidents. With the exception of performing data imports or as otherwise directed by its clients, complipoint does not collect or enter data into its clients’ software systems. Complipoint does not transmit data to third-parties without permission from its clients. Third-parties can include insurance carriers clients use for employee injuries. Any access to or use of client data by complipoint is incidental to performing complipoint’s contractual obligations to its clients as a processor.

Complipoint as a Processor on Behalf: When complipoint acts as a processor on behalf of its customer, the policies outlined below apply to all data processing operations concerning personal information that has been transferred from the EU and Switzerland to the United States.

The PrivacyShield is Based on the Following Principles:
Notice:

Individuals are notified of complipoint being a data processor by their employer. In its role as data processor, complipoint does not require individuals to provide any PII.

Choice:

As a data processor for its clients, complipoint will work with individuals (may refer back to our client) regarding the purposes for which their personal information is collected and used by its clients (the individuals’ employers). Complipoint relies on its clients to provide and comply with any required options. Individuals wishing to exercise their choice regarding the processing of their personal data or access their personal data must contact our customer who is also their employer.

Onward Transfer:

Complipoint occasionally transfers personal information to third-parties that act as agents for its clients (with regard to interfaces/integrations with third party software products) or for complipoint (with regard to software implementations). When complipoint transfers personal information as described above, complipoint enters into a written agreement with the third-party requiring the third-party to provide at least the same level of privacy protection as is required by the relevant Principles. Complipoint may be liable for the third-party transfer of personal data.

Security:

Security is extremely important to complipoint and our clients. Accordingly, complipoint takes significant security precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Complipoint relies on its clients to establish in the software appropriate password requirements and user roles and levels of access. 

Data Integrity:

As a data processor for its clients, complipoint does not typically collect, access or use the personal information provided by its clients. Complipoint relies on its clients (the data subjects’ employers) to ensure that personal information is relevant for the purposes for which it is used, reliable for its intended use, accurate, complete and current.

Access:

Complipoint acknowledges the individual’s right to access their personal data. Personal information may be accessed only by authorized users at complipoint and its clients. As a data processor for its clients, complipoint must refer all individual requests to our client, who remains the data controller.

Enforcement:

Complipoint utilizes the self-assessment approach to assure its compliance with our privacy statement. Complipoint periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and in conformity with the Principles. We encourage interested persons to raise any concerns with us using the contact information below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this policy.

Complipoint’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third-party is described in the Privacy Shield Principles. In particular, complipoint remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless complipoint proves that it is not responsible for the event giving rise to the damage.

Complipoint notifies and trains appropriate team members regarding its privacy policies and practices and the consequences for failing to comply with them. Any person who we determine is in violation of our privacy policies will be subject to a disciplinary process. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the Privacy Shield Principles, complipoint commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, United Kingdom, and Swiss individuals with Privacy Shield inquiries or complaints should first contact complipoint by email at: privacypolicy@complipoint.com.

Lauren Leventer: lleventer@complipoint.com – Vice President of Human Resources & Operations

Complipoint has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit: https://bbbprograms.org/privacy-shield-complaints for more information and to file a complaint. This service is provided free of charge to you.

If your complaint involves human resources data transferred to the United States from the European Union, [the United Kingdom, or Switzerland] in the context of the employment relationship, and complipoint does not address it satisfactorily, complipoint commits to cooperate with the panel established by the EU data protection authorities (DPA Panel), [the UK Information Commissioner’s Office, and the Swiss Federal Data Protection and Information Commissioner, as applicable] and to comply with the advice given by the DPA panel [ICO, or FDPIC, as applicable] with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD. Contact details for the EU data protection authorities can be found at: https://edpb.europa.eu/about-edpb/board/members_en.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Elle Field – Executive Vice President & Policy Officer

Changes:

Complipoint reserves the right to revise this policy at any time in accordance with the PrivacyShield Principles. You agree to be bound by any such revisions and should therefore periodically visit this page to determine the current terms to which you are bound.

If you have any questions regarding our privacy policy, please contact us at: privacypolicy@complipoint.com.
