Blog | Contact Us | Client LogIn | 1-833-812-4636

V12’s US- EU Privacy Shield Principles

V12 verifies that it adheres to all of the Privacy Shield Principles concerning the transfer of personal data from the European Union (“EU”) to the United States (“U.S.”). As such, we follow the Privacy Shield Principles published by the U.S. Department of Commerce (the “Principles”) with respect to all such data.

The Privacy Principles are:

  • Notice
  • Choice
  • Accountability for Onward Transfer
  • Security
  • Data Integrity and Purpose Limitation
  • Access
  • Recourse, Enforcement and Liability

To learn more about the Privacy Shield program please visit the U.S. Department of Commerce: https://www.privacyshield.gov/.

Processor on Behalf of Clients

V12 provides customized computer services designed to help companies manage their customer information more effectively, increase profitability of their marketing and reduce the operational costs of processing customer information. In this capacity, V12 does not own or control any of the information it processes on behalf of V12’s clients. All such information is owned and controlled by V12’s clients. In this capacity V12 receives information transferred from the EU to the United States merely as a processor on behalf of our clients. V12 does not make any of its client’s data available to any third parties unless it is at the express request of our clients.

When V12 acts as a processor on behalf of its clients, the policies outlined below apply to all data processing operations concerning personal information that has been transferred from the EU to the United States.

Processing Contracts
Before starting any processing on behalf of V12’s clients, V12 will enter into a processing contract with the EU data controller responsible for the personal information pursuant to the applicable EU Member State Data Protection law. The processing contract ensures that the EU data controller will be in compliance with the Member State Data Protection law.

Any data processed by V12 will not be further disclosed to third parties except where permitted or required by the processing contract, EU Privacy Shield or the applicable Member State Data Protection law.

Any information V12’s client (acting as the EU controller) identifies as sensitive will be treated accordingly.
The processing contract will also specify that the processing will be carried out with appropriate data security measures. V12 has in place measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction.

Notice
V12 adheres to the Principles of the Privacy Shield, and is committed to subject all personal data received from the EU to the Privacy Shield Principles. To find out more about participating companies, here is a link to the list maintained by the USDOC: https://www.privacyshield.gov/list.

Prior to the transfer of any non-public personal information from the EU to the United States, V12 requires contractual confirmation from the EU controller from whom V12 acquired the information that the personal data has been provided to V12 in accordance with the applicable EU Member State Data Protection law, thereby ensuring the data subjects have been provided with proper notice regarding how their personal data will be used. In addition, when personal data is collected directly from data subjects, V12 provides the data subject with notice regarding the manner and circumstances in which the personal data will be used and transferred to third parties.

Choice
Prior to the transfer of any non-public personal information from the EU to the United States, V12 requires contractual confirmation from the EU controller from whom V12 acquired the information that the personal data has been collected in accordance with applicable EU member State Data Protection law, thereby ensuring the data subjects have been provided with the proper choice regarding how their personal data may be used.

Accountability for Onward Transfer
V12 complies with the notice and choice principles as described above for all data disclosed or transferred to a third party. Data transfer would only occur at the express request and direction of the client. Examples of a third party would be a printer, to prepare catalogs or mailings on the client’s behalf or a market research firm to conduct client managed research.

V12 requires that any third party:

  • Enter into a written agreement with V12 requiring them to provide the same level of protection as V12 provides including that the data is being transferred for limited and specified purposes; and that the third party adhere to the Privacy Shield Principles. In cases of onward transfer to third parties, V12 is generally liable for the acts of the third party that are in violation of the Privacy Shield Principles.

Security
V12 has in place an information security policy to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction. V12’s security officer is responsible for conducting investigations into any alleged computer or network breaches, incidents or problems and ensuring the proper disciplinary action is taken against those who violate V12’s information security policy.

Any security compromises or potential security compromises and any inquiries concerning security should be reported to the V12 consumer advocate. Contact information is provided below under Access.

Data Integrity and Purpose Limitation
V12 takes reasonable steps to ensure the information transferred from the EU to the United States is reliable, accurate, complete and current. The steps V12 takes to assure data integrity are based on the purposes for which the personal information is used.

Access
An individual may request access to the information V12 maintains in its information products. The individual has the right to learn whether or not data about him or her is found in V12’s information products and to correct, amend or delete that information when it is inaccurate. This right applies only to personal information about the individual making the request and is subject to other limitations as defined by law.

Individuals can request access by emailing or writing:

Privacy Advocate
V12
2319 Oak Myrtle Lane
Wesley Chapel, FL 33544
Email: privacyshield@v12data.com

V12’s consumer advocate will explain the process for making an access request. In order to confirm the identity of the individual and have the necessary information to retrieve the individual’s information, V12 provides a request form which the individual fills out, signs and postal mails to V12. V12 agrees to process all reasonable requests for access within a reasonable time period, but reserves the right to deny access or limit access in cases where the burden or cost of providing access would be disproportionate to the risks to the individual’s privacy or in the case of an unwarranted or fraudulent request.

Recourse, Enforcement and Liability
Individuals who wish to file a complaint or who take issue with V12’s EU U.S. Privacy Shield Principles should contact V12’s consumer advocate. V12’s consumer advocate will explain the process to be followed when filing a complaint. Filing a complaint in English will speed-up the request process.

V12 has registered under the DMA division of the ANA Privacy Shield complaint resolution process. If consumers can’t resolve a complaint after contacting V12’s consumer advocate, they may file a written complaint with the DMA division of the ANA Privacy Shield:

DMA division of the ANA
Privacy Shield
225 Reinekers Lane, Suite 325
Alexandria, VA 22314

To file a complaint/inquiry:
https://thedma.org/resources/consumer-resources/privacyshield-consumers/
https://thedma.org/resources/consumer-resources/privacyshield-consumers/dma-eu-privacyshield-complaint-form/

V12 is also subject to the jurisdiction of the U.S. Federal Trade Commission. Consumers unable to resolve a complaint through the DMA Privacy Shield Complaint process may contact the Federal Trade Commission:

Federal Trade Commission
Attn: Consumer Response Center
600 Pennsylvania Avenue NW
Washington, DC 20580

consumerline@ftc.gov
www.ftc.gov

In the event a dispute cannot be resolved V12 is open to the possibility of Binding Arbitration.
See more at: V12-privacy-point-view

V12 is required to disclose personal information in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.