In the course of operating the Platform and providing our services, Monetate collects the following types of information (collectively, the “Information”) from visitors to our Clients’ websites (the “Websites”):
Monetate uses and shares the Information only as follows.
We take all necessary steps to protect the Information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction as required by applicable law or the EU-US or Swiss-US Privacy Shield Principles. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that the Information that you supply will not be intercepted while being transmitted to and from us over the Internet.
Monetate will process all personal information received under the EU-US or Swiss-US Privacy Shield only in ways that are compatible with the purpose for which such information was collected, or for purposes authorized by you later on. We will provide you with the possibility to opt out in case we want to (i) disclose your personal information to a third party that is not acting as an agent to perform tasks on our behalf and under our instructions, or (ii) use your personal information for a purpose materially different from the purpose for which it was initially collected or subsequently authorized by you.
Monetate has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, a non-profit independent dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint (free of charge).
Under certain conditions you have the possibility to invoke binding arbitration in order to determine whether Monetate has violated its obligations under the EU-US or Swiss-US Privacy Shield Principles as to you, and whether such any such violation remains fully or partially unremedied. You must take following steps prior to initiating an arbitration claim: (1) raise the claimed violation directly with Monetate and afford us an opportunity to resolve the issue within 45 days of receiving your complaint; (2) make use of the independent dispute resolution mechanism, which is at no cost to you; and (3) raise the issue through your Data Protection Authority to the Department of Commerce and afford the Department of Commerce an opportunity to use best efforts to resolve the issue, at no cost to for you. Please check https://www.privacyshield.gov and Annex I (Binding Arbitration) of the EU-US Privacy Shield Framework for further information.
You may have the right under the EU-US and Swiss-US Privacy Shield to access the personal information that we hold about you and to request that we correct, amend or delete it if it is inaccurate or processed in violation of the EU-US or Swiss-US Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. We will respond to access requests within a reasonable time period, in a reasonable manner and readily intelligible form. We may charge a fee that is not excessive to cover the costs for providing access. We may also set reasonable limits on the number of times within a given period in which access requests from a particular individual will be met. We may request specific information from you to confirm your identity.
Please note that Monetate may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
As set out above, Monetate may transfer personal information to our third-party agents who perform functions on our behalf. Where required by the EU-US and Swiss-US Privacy Shields, we will enter into written agreements with those third-party agents requiring them to provide the same level of protection each of the EU-US and Swiss-US Privacy Shield requires and limiting their use of the personal information to the specified services provided on our behalf. We take reasonable and appropriate steps to ensure that third-party agents process personal information received in reliance of the EU-US and Swiss-US Privacy Shield in accordance with our EU-US and Swiss-US Privacy Shield obligations and to stop and remediate any unauthorized processing. We shall remain liable under each of the EU-US and Swiss-US Privacy Shield Principles if our agent processes personal information in a manner inconsistent with the EU-US and Swiss-US Privacy Shield Principles, as applicable, unless we can prove that we are not responsible for the event giving rise to the damage.
Under the conditions set out above, we may also transfer personal information received under each of the EU-US and Swiss-US Privacy Shield to third-party data controllers. These third parties do not act as agents and are not performing functions on our behalf. We will only provide such personal information to third-party data controllers where you have not opted-out of such disclosures. Where required by the EU-US or Swiss-US Privacy Shield, we will enter into written contracts with such third-party data controllers requiring them to provide the same level of protection the EU-US or Swiss-US Privacy Shield requires. We also limit their use of such personal information so that it is consistent with any consent you have provided and with the notices you have received.
Monetate is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).