FSEnet+ 2.0 Portal Privacy Notice

Effective on: 05/27/2016

Scope of this Notice

This privacy notice (hereinafter, the “Notice”) addresses data subjects whose personal data (“PII”) FSE, Inc. (“us”, “we,” “our,” or “FSEnet+”) may receive or otherwise process in our hosted technology platform, the “FSEnet+ 2.0 Portal”.  This Notice does not apply to the FSEnet+ 1.0 Portal, the FSEnet+ mobile applications, the FSEnet+ publicly accessible websites, the employees of FSEnet+, or to any PII we collect outside of the FSEnet+ 2.0 Portal. 

The FSEnet+ 2.0 Portal is used by both demand-side subscribers and supply-side subscribers. Where PII is submitted to the FSEnet+ 2.0 Portal by a demand-side subscriber, FSEnet+ and the demand-side subscriber are joint data controllers with respect to such PII. Where PII is submitted to the FSEnet+ 2.0 Portal by a supply-side subscriber, FSEnet+ is a data processor with respect to such PII.

U.S.-EU and U.S.-Swiss Safe Harbor

[Note: our Safe Harbor compliance assessment is currently underway; however, as of the effective date we have not yet completed this process.] FSEnet+, Inc. complies with the U.S. - EU Safe Harbor Framework and U.S. - Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of PII from European Union member countries and Switzerland. FSEnet+, Inc. has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view FSEnet+, Inc.’s certification, please visit http://www.export.gov/safeharbor/.

FSEnet+, Inc. is a member of the VeraSafe Privacy Program, meaning that VeraSafe has assessed FSEnet+, Inc.’s data governance and data security for compliance with the VeraSafe Privacy Program Certification Criteria. The program criteria require that participants maintain a high standard of data protection and implement specific best practices pertaining to notice, choice, access, data security, and third-party information sharing. 

In the case that a privacy complaint or dispute cannot be resolved through FSEnet+, Inc.’s internal process, FSEnet+, Inc. has agreed to participate in the VeraSafe EU Safe Harbor Dispute Resolution Procedure for U.S.-EU and U.S.-Swiss Safe Harbor disputes. To file a complaint with the procedure, please submit the required information to VeraSafe here: https://www.verasafe.com/dispute-submission.

FSEnet+, Inc. is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Confidentiality

The FSEnet+ 2.0 Portal enables the trading partners of supply-side subscribers to access the product level PII submitted by those supply-side subscribers. Likewise, the FSEnet+ 2.0 Portal enables the trading partners of our demand-side subscribers to access the PII submitted by those demand-side subscribers.

Except as disclosed in this Notice, FSEnet+ maintains the PII contemplated by this Notice in confidence.

Categories of PII

The FSEnet+ 2.0 Portal is designed to process, among others, the basic contact information of natural persons that are employed by our supply-side subscribers and our demand-side subscribers. However, since PII covered by this Notice is sent to us by another company, the categories of data sent and the purposes of use often depend on such other company, with whom the data subjects typically have a closer employment or business relationship (and which, therefore, can provide additional information on categories of data transferred to us).

Purposes of Use

We collect and use PII for the purposes of providing services to our subscribers at their instruction, processing (including, where FSEnet+ acts as a data controller, correcting and updating) PII on behalf of subscribers, communicating with corporate business partners about business matters, providing information on our services to prospective subscribers, and conducting related tasks for legitimate business purposes.

Where FSEnet+ acts as a joint data controller, FSEnet+ may use the PII it controls for its own direct marketing efforts. 

Disclosure

We share PII with our data processors and subprocessors, who further process such PII on behalf of, and under the instruction of, FSEnet+. Such data processors and subprocessors include:

  • Internet hosting service providers;
  • colocation service providers;
  • CRM software-as-a-service providers;
  • cloud storage service providers;
  • software consulting and database hosting service providers;
  • database administration service providers; and
  • email service providers.

We require those data processors and subprocessors to maintain at least the same level of confidentiality, integrity, and availability that we maintain for such PII.

We may also disclose PII:

  • to other third parties for the purposes for which we receive the PII (e.g., performance of contractual obligations and rights);
  • to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders;
  • if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring or other company change;
  • to our subsidiaries only if necessary for business and operational purposes; and
  • where we are a joint controller with regards to such PII, the disclosure is permitted by law or the U.S.-EU/CH Safe Harbor Principles, and we have a legitimate business interest in such disclosure.

Data Integrity & Security

FSEnet+ employs technical, administrative, and physical measures that are reasonably designed to help protect PII that we process from loss, unauthorized access, disclosure, alteration, or destruction. 

Access, Review & Opting Out

If you are a data subject of PII that was submitted to the FSEnet+ 2.0 Portal by a demand-side subscriber, you may request access to, and the opportunity to update, correct, amend, or (where the information is inaccurate) delete, such PII. Where FSEnet+ processes your PII for our direct marketing purposes, you may opt out of such processing. To do so, please submit your request using the web form located at: https://FSEnet.wufoo.com/forms/FSEnet-privacy-policy-inquiry/

We reserve the right to take appropriate steps to authenticate your identity, to charge a reasonable fee before providing access and to deny requests, except as required by the Safe Harbor Principles. Please note that if you opt out of our direct marketing, you may continue to receive certain communications from us, such as those pertaining to an existing business relationship established between FSEnet+ and you or your employer.

If you are a data subject of PII that was submitted to the FSEnet+ 2.0 Portal by a supply-side subscriber and wish to exercise your rights with regards to such PII, please contact the subscriber that provided your PII to us.

Privacy of Children

The FSEnet+ 2.0 Portal is not directed at, or intended for use by, children under the age of 13. If you believe that PII pertaining to your under-13-year-old child has been submitted to the FSEnet+ 2.0 Portal by a demand-side subscriber, and you would like to exercise your rights with regards to such PII, you may contact us using the information in the section Access, Review & Opting Out, and we will undertake reasonable efforts to comply with your request.

If you believe that PII pertaining to your under-13-year-old child has been submitted to the FSEnet+ 2.0 Portal by a supply-side subscriber, and you would like to exercise your rights with regards to such PII, please contact the subscriber who submitted the PII to the FSEnet+ 2.0 Portal.

Changes to This Notice

We may update this Notice from time to time by posting a new version on our website. When we make a material change to the Notice, we will update the Effective On disclosure above to reflect the effective date of the most recent version of the Notice.

Contact & Dispute Resolution Process

If you have questions about this Notice, please contact us at:

FSE, Inc. 
Attn: Shawn Cady, Security Officer 
77 Rumford Ave.
Suite 3 Waltham, MA 02453 USA

You may also call us at +1-617-340-2068.

We will reply to your inquiry within 30 days. We will promptly investigate and attempt to resolve complaints and disputes in a manner that complies with this Notice.

VeraSafe is a trademark of Advanced Partnerships LLC.