PrivacyPolicy

Clifton Myers EnterprisesEU-U.S. Privacy Shield Policy

Clifton Myers Enterprises Inc. (the “Company”) complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom to the United States. The Company has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.

The Company is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Scope

This policy applies to all personal information knowingly received and processed by the Company in the United States from the European Economic Area including, but not limited to, personal information collected from the Company’s business customers concerning their employees and/or customers in the context of the services the Company performs for its clients.

Definitions

“The Company” means Clifton Myers Enterprises Inc., its predecessors, and successors.

"Personal information" means information that identifies or reasonably may identify a natural person. Personal information does not include anonymized information or aggregate information to the extent an individual's identity cannot reasonably be derived from such information. In addition, the Company reserves all rights to use public information or information as to which an individual has given explicit consent for use, consistent with the Privacy Shield Framework.

“Agent” means any third party that processes, collects, or uses personal information pursuant to the instructions of, and solely for the benefit of, the Company, or to which the Company discloses personal information for use on its behalf. “Sensitive personal information" means personal information that reveals a natural person's race, ethnic origin, political opinions, religious or philosophical beliefs, criminal record, or trade union membership, or that concerns a natural person's sex life or health.

Privacy Principles

The privacy principles in this policy are based on and shall be interpreted in a manner not inconsistent with the Privacy Shield Framework.

Notice

The Company is contracted by its clients to process their employees’ and/or customers’ personal data for the purpose of business process outsourcing functions such as assistance with software functionality, development and support.
During that process, information collected may include personal information about an individual. This information is collected to facilitate the Company’s client’s human resources information management and computer systems functionality in an efficient, organized, and comprehensive matter. The Company is not responsible for the content of the information it collects, which may include personal information, nor is it responsible for the way its clients treat their employees’ and customers’ personal information.

Choice

The Company generally does not collect information directly from individuals within the EEA. It merely acts as a data processor for its clients. If the Company does collect information directly from individuals within the EEA, it will offer such individuals the choice to opt out of having their personal information disclosed to a third party that is not an agent or used for a purpose other than for which it was collected originally. Similarly, to the extent required by the Privacy Shield Framework, the Company will offer individuals the choice to opt in to having their sensitive personal information disclosed to a third party that is not an agent or used for a purpose other than for which it was collected originally.

Onward Transfer

The Company will obtain reasonable assurances from its agents that they will safeguard personal information knowingly collected by the Company concerning individuals residing in the EEA consistently with this policy and the Privacy Shield Framework. Examples of appropriate assurances may include (1) a contract obliging the agent to afford a level of 6289/21410-001 Current/12452382v1 02/03/2017 12:35 PM protection to the personal information that is at least equivalent to the Privacy Shield Framework, (2) Privacy Shield certification by the agent, or (3) the agent being subject to EU Directive 95/46/EC or other law providing an adequate level of privacy protection.

The Company also may disclose personal information for other purposes or to other third parties when an individual has consented to or requested such disclosure. Please be aware that the Company may be required to disclose an individual's personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. The Company is liable for appropriate onward transfers of personal data to third parties.

Access

Upon an individual's request, if feasible, the Company will offer individuals reasonable access to their personal information and will afford individuals a reasonable opportunity to correct, amend, or delete inaccurate information. If an employee or customer of one of the Company’s clients would like to access personal information about him or her that is maintained by the Company, the employee or customer should make a written request to his or her employer’s local human resources representative or customer service information contact, as well as to the Company at the following address:

Clifton Myers Enterprises Inc.
17853 Santiago Blvd, #107-471
Villa Park, CA 92861
e-mail: privacy.shield@gotocme.com

For security and business purposes, the Company may have to coordinate such a response with the individual’s employer or other applicable entity. The Company may then contact the employee or customer and ask him or her to provide it with various pieces of personal information to process the request. The Company may limit or deny access to personal information where providing such access would be unreasonably burdensome or expensive under the circumstances or as otherwise permitted by the Privacy Shield Framework.

Security

The Company will take reasonable measures including technical, physical, and administrative measures and training, as appropriate, to protect personal information from loss, misuse, and unauthorized disclosure, access, alteration, and destruction. The Company safeguards information according to established security standards and periodically assesses new technology for methods of protecting information. However, the Company cannot guarantee the security of personal information.

Data Integrity

The Company will take reasonable measures to ensure that personal information is relevant for its intended use, reliable for its intended use, accurate, complete, and current.

The Company will conduct periodic assessments to confirm the accuracy of, and verify its adherence to, this policy. The Company will investigate suspected infractions and will take all appropriate action. Any questions, concerns, or complaints concerning the collection and use of personal information by the Company should be directed to:

Clifton Myers Enterprises Inc.
Attn: Daniel Riscalla
17853 Santiago Blvd, #107-471
Villa Park, CA 92861
e-mail: privacy.shield@gotocme.com

The Company will conduct a reasonable investigation of and will attempt to resolve any complaints in accordance with the principles contained in this Statement. The Company has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. For complaints that cannot be resolved between the Company and the complainant, the individual may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.

Limitations

The Company's adherence to the Privacy Shield Framework may be limited by any applicable legal, regulatory, ethical, or public interest consideration, and as expressly permitted or required by any applicable law, rule, or regulation. Examples of such limitations include (1) exceptions to the opt-in requirements for sensitive personal information permitted by Commission Decision 2000/520/EC of 26 July 2000, (2) exceptions on access as permitted by the Privacy Shield Framework, or (3) limitations under applicable European Economic Area member state directives. The Company also may disclose personal information reasonably related to the sale or disposition of all or part of its business.

Internet Privacy

The Company maintains a distinct Internet Privacy Policy governing the privacy of information collected by the Company online through its United States site. To learn more about the Privacy Shield Frame program, and to view Clifton Myers Enterprises Inc.’s certification, please visit https://www.privacyshield.gov.

Modification of this Privacy Shield Policy

This policy may be amended from time to time with or without notice in accordance with the Privacy Shield Framework. Any modified policies will be posted on the company’s website for public viewing.

Contact Information

Questions, concerns, or complaints concerning the collection and use of personal information by the Company pursuant to this Privacy Shield policy should be directed by mail or electronic mail to the following address:

Clifton Myers Enterprises Inc.
Attn: Daniel Riscalla
17853 Santiago Blvd, #107-471
Villa Park, CA 92861
e-mail: privacy.shield@gotocme.com