Types of Personal Data Collected
PacificEast commits to be subject to the Privacy Shield Principles for all personal data that PacificEast receives from the EEA (European Economic Area) in reliance on the Privacy Shield. Personal data on US citizens received from customers based in the U.S. falls under the regulatory authority of the US Federal Trade Commission. Information regarding the Privacy Shield framework and PacificEast’s certification can be found at: https://www.privacyshield.gov.
PacificEast maintains an E-Newsletter and an RSS feed with which to communicate with its clients and prospective clients. Email addresses obtained via the website are collected only when individuals ask to opt-in to its email lists, RSS feeds or other opt-in communications.
From Website Visitors, including those in the EEA, PacificEast may collect the following types of personal data:
From our customers, PacificEast receives the following types of personal data about their clients and prospects, some of which may be residents of an EEA country:
- contact information
- company information
- other personal data provided by website visitors
- contact information
- company information
- other personal or contact information provided by our customers
Purposes of Collection and Use
PacificEast collects and uses personal data of Website Visitors solely for the purpose of communicating with them and providing the services and/or information they request. PacificEast receives customer and prospect contact data from our Business Clients (some of whom may be located in the EEA) for the purposes of:
- providing client and prospect data hygiene, standardization and appending services to our business customers
- providing products, services and support to our customers
- conducting related tasks for legitimate business purposes
- other purposes requested and/or disclosed at the time of collection
Commitment to Subject to the Principles
We subject to the Privacy Shield Principles all European personal data that we receive from individuals or companies in the EEA in reliance on the Privacy Shield. We may also receive some data in reliance on other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.
Type of Third Parties to Which We Disclose Personal Data and Purposes
PacificEast does not share personal contact information we collect from individuals via our websites with any third party. PacificEast, as a processor on behalf of our customers and only at the request of our customers, may share the consumer or business contact information of our customer’s clients and prospects with companies operating in the US, Canada or the EEA with the following types of third parties and for the stated purposes:
- subsidiaries, affiliates and contractors, who perform data hygiene, standardization or appending on the contact data supplied by our customers
- other third party service providers contracted to provide services on our behalf
- other corporate entities if PacificEast goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets
Choices and Means
When acting as a Processor On Behalf processing consumer or business contact information under the direction of its registered clients, PacificEast has no direct relationship with the individuals whose personal data it processes. The data processing services performed by PacificEast may require PacificEast to use contracted third-party agents acting, in turn, on its behalf for the purpose of providing standardization, verification, hygiene or appending services. In all cases, these third-party agents are contractually limited to no less than the same level of care, protection, control and restriction of use than is PacificEast. It is the responsibility of PacificEast’s registered clients to inform individuals about the possibility of such disclosures and provide individuals with the choice of opting out of them.
Visitors to a PacificEast website, including those from the EEA or EEA Business Contacts can, at any time after registering for information, change their mind about receiving information from us and cancel your account or request. This can be done by contacting us via the contact information in the “Right to Access” section below. Otherwise, we will retain and use your information for as long as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.
Each PacificEast registered client is provided with private and secure login access. PacificEast does not partner with or have special relationships with any Ad server companies. PacificEast does not place cookies on user machines. However, website performance and benchmarking software used by PacificEast may place a cookie on a user’s machine for the purpose of benchmarking and analyzing website traffic. PacificEast may utilize that information only to gather analytics and performance data about our public websites. The only individual information PacificEast itself collects and controls are the email addresses of clients who opt-in to receive email notifications and newsletters.
Data processing services may be performed on business or consumer/individual information, (known as “client information”) some of which may be personally identifiable. Such information may be appended to, standardized and/or verified based on the request of the registered client. The information provided to PacificEast for these purposes from its registered clients is processed and then sent back to the registered client. PacificEast does not retain any client information without the expressed, written consent of that client, and even then it retains such information only for billing, assessment and verification of data quality, or for client convenience to assist our clients with questions regarding billing or data quality. When PacificEast is contracted by a client to provide services as a Processor on Behalf it does not accumulate, compile, aggregate or otherwise integrate the data by its clients into any of its products or services for resale or license to third parties in any fashion.
Onward Transfer Liability
As defined in the EU-U.S. Privacy Shield Framework PacificEast acts as a Processor On Behalf of other organizations. Information temporarily passed to and processed by PacificEast for those organizations is not considered to be an “onward transfer” since ownership of and responsibility and control over the information processed has not been transferred. PacificEast informs any registered clients which it knows to be subject to the privacy laws of the UK or EU that it adheres to the Privacy Principles of the EU-US Privacy Shield Framework as described below in the section on Privacy Shield.
PacificEast remains liable under the Privacy Shield Principles if the company's third-party Processor onward transfer recipients process relevant Personal Data in a manner inconsistent with the Privacy Shield Principles, unless PacificEast proves that it is not responsible for the event giving rise to the damage.
When acting as a Processor On Behalf, PacificEast has no direct relationship with the individuals whose personal data it processes. Any individual, including those in the EEA, who seek access to correct, amend, or delete inaccurate data must first attempt to direct their request to the Organization which has contracted with PacificEast for such processing. PacificEast may, in the interests of safety, privacy of an individual or regulatory compliance, implement systems which allow an authenticated individual to effectively prevent information about themselves, including Personally Identifiable Information (PII) or Personal Health Information (PHI) from being passed through its systems. Such requests must be presented in writing to PacificEast and submitted either to its mailing address (noted at the bottom of this section) or emailed to firstname.lastname@example.org. Such requests will be processed only if and after PacificEast is able to authenticate that the individual making the request and the individual described by the relevant information are the same and if PacificEast controls the individual’s relevant PII or PHI. PacificEast cannot enforce restrictions on information controlled by another entity, including covered entities as defined by HIPAA.
Please send all correspondence related to any privacy issue to the following address:
PacificEast Research Inc.
Attn: Office of the COO
4900 SW Griffith Dr., Suite 251
Beaverton, OR 97005
We actively work with our customers to encourage them to use encrypted methods when moving all sensitive or personally identifiable data to and from our secure servers. All PacificEast employees have signed confidentiality agreements and access to sensitive data is on a need to know basis only. PacificEast has taken appropriate security measures of our physical facilities to protect against the loss, misuse or alteration of any client or consumer information in our possession. We maintain security policies and procedures to keep information from being accessed by any unauthorized person or business. This is reviewed on a regular basis to ensure only authorized access.
By acting as a Processor On Behalf, processing personal information under the direction of its registered clients, PacificEast assists its registered clients in ensuring that data is reliable for its intended use, that it is accurate, complete and current.
If complaints are not resolved by PacificEast within a reasonable period of time, you may direct formal requests for independent dispute resolution to the International Centre for Dispute Resolution using the contact information below.
Thomas Ventrone, Esq.
International Centre for Dispute Resolution
1633 Broadway 10th Floor
New York, NY 10019
If neither PacificEast Research Inc. nor ICDR/AAA Privacy Shield Program resolves your complaint, you may have the possibility to engage in binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission. Information about engaging with this panel is available on the privacy shield website.
Requirement to Disclose
PacificEast may disclose personal data in special cases when we have a good faith belief that such action is necessary to: (a) conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements; (b) protect and defend our rights or property; (c) enforce the website Terms and Conditions; or (d) act to protect the interests of our users or others.
EU-US Privacy Shield
PacificEast is subject to the jurisdiction of the U.S. Federal Trade Commission. The Federal Trade Commission may be contacted at the following address:
Federal Trade Commission
Attn: Consumer Response Center
600 Pennsylvania Avenue NW
Washington, DC 20580
Changes to this Privacy Shield Policy
The practices described in this policy are current personal data protection policies as of November 15, 2016. PacificEast reserves the right to modify or amend this policy at any time consistent with the requirements of the Privacy Shield Principles as they regard personal information for residents of EEA member countries. Appropriate public notice will be given concerning such amendments.