Midiax Online Backup - Safe Harbor Data
Privacy Policy
|
Midiax Online Backup (“Midiax”) provides
secure, off-site backup and local backup
software, and abides by the Safe Harbor
Principles of the United States Department of
Commerce.
Midiax respects the individual privacy of its
customers. In all cases Midiax treats personal
information in a manner consistent with the laws
of the countries in which Midiax does business,
but it also aims to uphold the highest
applicable ethical standards in all its business
activities.
Effective February 10, 2009, this Privacy Policy
sets forth the privacy principles that Midiax
follows with respect to the protection and
transfers of personal information, whether it is
in electronic, paper or verbal format, between
the United States and the EU. This statement
applies to all personal information Midiax
processes (except as noted below), including
on-line, off-line, and manually processed data.
Any employee whom Midiax determines is in
violation of this Privacy Policy will be subject
to disciplinary process, up to and including
termination.
|
Safe Harbor
|
Consistent with its commitment to protect
personal privacy, Midiax declares that it
adheres to the Safe Harbor Principles
embodied in the Safe Harbor Agreement concerning
the transfer of personal data from the European
Union to the United States of America. The
United States Department of Commerce and the
European Commission have agreed on the Safe
Harbor Principles as they are articulated in a
set of data protection principles and frequently
asked questions as a means to enable U.S.
companies to satisfy EU law requirements for
adequate protection of personal information
transferred from the EU to the United States. If
there is a conflict between the provisions of
this Privacy Policy and the Safe Harbor
Principles, the Safe Harbor Principles will
govern.
|
Definitions
|
The following definitions apply to all
statements throughout this Privacy Policy.
"Personal information" means any information or
set of information that is transferred from the
EU to the United States, is recorded in any
form, pertains to or is about any individual,
and can be linked to or used to identify that
individual. Personal information does not
include information that is encoded, anonymized,
or publicly available information that has not
been combined with non-public personal
information. Personal information does not
include information that pertains to or is about
a specific individual, but from which that
individual could not reasonably be identified.
"Sensitive personal information" means personal
information that reveals race, ethnic origin,
political opinions, religious or philosophical
beliefs, or trade union membership, or that
concerns health or sex life. For purposes of
this Privacy Policy, Midiax will treat as
sensitive personal information any information
received from a third party where that third
party treats and identifies the information as
sensitive.
|
The Privacy Principles
|
Midiax’s operations and processing of
personal information conform to the following
Safe Harbor Privacy Principles as stated below
under the heading of each principle.
|
Notice and Change
|
To the extent permitted by the Safe Harbor
Agreement, Midiax reserves the right to process
personal information in the course of providing
professional services to Midiax’s clients and
customers without the knowledge of individuals
involved. If and when Midiax collects personal
information directly from individuals in the EU,
Midiax will inform them about the types of
personal information it collects from them, the
purposes for which Midiax collects and uses it,
and the types of non-agent third parties to
which Midiax discloses that information. Midiax
will also inform those individuals about the
choices and means, if any, that Midiax offers to
limit the use or disclosure of their
information.
|
Disclosures and Transfers
|
Midiax will not disclose an individual's
personal information to third parties, except
when one or more of the following conditions is
true:
a) Midiax has the individual's permission to
make the disclosure;
b) The disclosure is required by law or
professional standards;
c) The disclosure is reasonably related to
the sale or disposition of all or part of
Midiax’s business;
d) The information in question is publicly
available;
e) The disclosure is reasonably necessary for
the establishment or defence of legal claims; or
f) The disclosure is to another Midiax entity
or to persons or entities providing services on
Midiax’s or the individual's behalf (each a
"transferee"), consistent with the purpose for
which the information was obtained, if the
transferee, with respect to the information in
question:
|
1. Is subject to law providing an
adequate level of privacy protection;
2. Has agreed in writing to provide an
adequate level of privacy protection; or
3. Subscribes to the Safe Harbor
Principles.
|
|
Permitted transfers of information, whether
to third parties or within Midiax, include the
transfer of data from one jurisdiction to
another, including transfers to and from the
U.S. Because privacy laws vary from one
jurisdiction to another, personal information
may be transferred to a jurisdiction where the
laws provide less or different protection than
the jurisdiction in which the information
originated.
|
Data Security
|
To prevent unauthorized access or disclosure,
to maintain data accuracy, and to ensure the
appropriate use and confidentiality of
information, either for its own purposes or on
behalf of its clients, customers and business
partners, Midiax has put in place and rigorously
enforces appropriate physical, electronic, and
managerial procedures to safeguard and secure
the information that Midiax processes. However,
Midiax cannot guarantee the security of
information on or transmitted via the Internet.
|
Data Integrity
|
Midiax processes personal information only in
ways compatible with the purpose for which it
was collected or subsequently authorized by the
individual. To the extent necessary for such
purposes, Midiax takes reasonable steps to make
sure that personal information is accurate,
complete, current, and otherwise reliable for
its intended use.
|
Access and Correction
|
If an individual becomes aware that
information Midiax maintains about that
individual is inaccurate, or if an individual
would like to update or review that individual’s
information, the individual may contact Midiax
using the contact information below. In every
case, Midiax will take reasonable steps to
permit individuals to correct, amend, or delete
information that is demonstrated to be
inaccurate. The individual seeking to amend such
information will need to provide sufficient
identifying information, such as name, address,
birth date, and social security number. Midiax
may request additional identifying information
as a security precaution. In addition, Midiax
may limit or deny access to personal information
where providing such access would be
unreasonably burdensome or expensive in the
circumstances, or as otherwise permitted by the
Safe Harbor Agreement. In some circumstances,
Midiax may charge a reasonable fee, where
warranted, for access to personal information.
|
Enforcement and Dispute Resolution
|
Midiax utilizes the self-assessment approach
to assure its compliance with this Privacy
Policy. Midiax periodically verifies that this
Privacy Policy is accurate, comprehensive for
the information intended to be covered,
prominently displayed, completely implemented,
and in conformity with the Safe Harbor
Principles. Midiax encourages interested persons
to raise any concerns about its implementation
of this Privacy Policy using the contact
information below. Midiax will investigate and
attempt to resolve complaints and disputes
regarding use and disclosure of personal
information in accordance with the principles
contained in this Privacy Policy.
Any claim arising out of or relating to Midiax’s
adherence to the EU Data Directive, or the
breach thereof, that cannot be resolved through
Midiax’s internal processes, will be settled by
arbitration administered by the American
Arbitration Association (“AAA”) in accordance
with its applicable commercial rules. Any
arbitrator will be either an attorney or retired
judge having significant and recognized
experience with and knowledge of privacy issues
and information technology. The
arbitration panel should apply California law,
without regard to its conflict of laws
principles, as well as the Safe Harbor
Enforcement Principles issued by the U.S.
Department of Commerce. In addition, the
exclusive location for such arbitration will be
Los Angeles & California. All decisions of the
arbitration panel will be final and binding on
the parties, which waive any right to appeal the
arbitration award further, to the extent an
appeal may be lawfully waived.
Midiax is also subject to the jurisdiction of
the U.S. Federal Trade Commission.
|
Changes
|
Midiax may change this Privacy Policy from
time to time, consistent with the requirements
of the Safe Harbor Principles or the United
States Department of Commerce. Midiax will post
any revised privacy policy in its work places,
train its employees about such changes and how
to comply with them, and will publish any
amended privacy policy on this Web site or a
similar Web site that replaces this Web site.
|
Information Subject to other Policies or
Standards
|
Midiax is committed to following the Safe
Harbor Principles for all personal information
within the scope of the Safe Harbor Agreement.
Certain information, however, is subject to
policies of Midiax that may differ in some
respects from the provisions of this Privacy
Policy. Information subject to such additional
policies includes information obtained from or
relating to a client, customer or business
partner or former client, customer or business
partner that is subject to the terms of any
privacy notice to or agreement with such client,
customer or business partner, any engagement
letter or letters with such client, customer or
business partner, and applicable laws and
professional standards.
|
Contact Information
|
Questions or comments regarding Midiax’s Safe
Harbor certification and this Privacy Policy
should be submitted to Midiax by mail or e-mail
as follows:
Midiax Online Backup
6822 22nd Avenue North #211
St. Petersburg, FL 33710
or
onlinebackup@midiax.com
|
Top |
|