Poll Everywhere, the Privacy Shield and GDPR
Updated March 6, 2018
This Policy describes how Poll Everywhere complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland, respectively, to the United States. Poll Everywhere has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov
This Policy also contains terms that reflect Poll Everywhere's commitment to comply with the General Data Protection Regulation (Regulation (EU) 2016/679) (the "GDPR").
Types of Personal Data Collected. Poll Everywhere’s participation in the Privacy Shield and compliance with the GDPR applies to all personal data that is subject to the Poll Everywhere Privacy Statement and is received from the European Union and Switzerland (“Personal Data”). Poll Everywhere will comply with the Privacy Shield Principles and the GDPR in respect of the processing of Personal Data.
Purposes of Personal Data Collection and Use. Poll Everywhere will only process Personal Data in ways that are compatible with the purpose for which Poll Everywhere collected the Personal Data, or for purposes that the individual or entity providing the Personal Data later authorizes. Before we use your Personal Data for a purpose that is materially different than the purpose for which it was collected or that you later authorized, we will provide you with the opportunity to opt out. Poll Everywhere maintains reasonable procedures to help ensure that Personal Data is reliable for its intended use, accurate, complete, and current.
Disclosures for National Security or Law Enforcement. Under certain circumstances, we may be required to disclose your Personal Data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
Security. Poll Everywhere maintains reasonable and appropriate security measures to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction in accordance with the Privacy Shield and the GDPR.
Data Access and Portability Rights. You may have the right to access the Personal Data that we hold about you and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield or the GDPR. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. If you would like to request access to, correction, amendment, or deletion of your Personal Data, you can submit a written request to us as provided below. We may request specific information from you to confirm your identity. In some circumstances we may charge a reasonable fee for access to your information. You have the right to receive your Personal Data in a structured, commonly used and machine-readable format and the right to transmit your Personal Data to another data controller without hindrance from Poll Everywhere.
Data Retention. Poll Everywhere will retain the Personal Data that we collect about you for as long as necessary for the purposes set out in the Poll Everywhere Privacy Statement and in this Policy. Please be aware that we may also be required to retain your Personal Data for legal and accounting reasons.
Data Transfers to Third Parties. Poll Everywhere’s accountability for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Poll Everywhere remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process Personal Data on its behalf do so in a manner inconsistent with the Principles, unless Poll Everywhere proves that it is not responsible for the event giving rise to the damage. Poll Everywhere will enter into data processing agreements with any such third parties consistent with the requirements of the GDPR.