Poll Everywhere, the GDPR and the Privacy Shield

Updated February 2, 2023

This Policy describes how Poll Everywhere complies with its legal obligations regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom and Switzerland to the United States, including the EU General Data Protection Regulation (Regulation (EU) 2016/679) and corresponding legislation in the UK (collectively, the "GDPR") as well as the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce. This Policy supplements Poll Everywhere’s Privacy Policy at https://www.polleverywhere.com/privacy-policy

Poll Everywhere has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov

Types of Personal Data Collected. Poll Everywhere’s compliance with the GDPR and participation in the Privacy Shield applies to all personal data that is subject to the Poll Everywhere Privacy Policy and is received from the European Union, the United Kingdom and Switzerland (“Personal Data”). Poll Everywhere will comply with the GDPR and the Privacy Shield Principles in respect of the processing of Personal Data.

Purposes of Personal Data Collection and Use. Poll Everywhere will only process Personal Data in ways that are compatible with the purpose for which Poll Everywhere collected the Personal Data, or for purposes that the individual or entity providing the Personal Data later authorizes. Before we use your Personal Data for a purpose that is materially different than the purpose for which it was collected or that you later authorized, we will provide you with the opportunity to opt out. Poll Everywhere maintains reasonable procedures to help ensure that Personal Data is reliable for its intended use, accurate, complete, and current.

Disclosures for National Security or Law Enforcement. Under certain circumstances, we may be required to disclose your Personal Data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

Security. Poll Everywhere maintains reasonable and appropriate security measures to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction in accordance with the GDPR and the Privacy Shield.

Data Access and Portability Rights. You may have the right to access the Personal Data that we hold about you and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the GDPR or the Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. If you would like to request access to, correction, amendment, or deletion of your Personal Data, you can submit a written request to us as provided below. We may request specific information from you to confirm your identity. In the event your information is to be deleted, we will dispose of your information in a secure way. In some circumstances we may charge a reasonable fee for access to your information. You have the right to receive your Personal Data in a structured, commonly used and machine-readable format and the right to transmit your Personal Data to another data controller without hindrance from Poll Everywhere.

Data Retention. Poll Everywhere will retain the Personal Data that we collect about you for as long as necessary for the purposes set out in the Poll Everywhere Privacy Policy and in this Policy. Please be aware that we may also be required to retain your Personal Data for legal and accounting reasons.

Data Transfers to Third Parties. Poll Everywhere’s accountability for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Poll Everywhere remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process Personal Data on its behalf do so in a manner inconsistent with the Principles, unless Poll Everywhere proves that it is not responsible for the event giving rise to the damage. Poll Everywhere will enter into data processing agreements with any such third parties consistent with the requirements of the GDPR.

Questions or Complaints. As further explained in the "How to Contact Us" section of the Poll Everywhere Privacy Policy, we encourage you to contact us should you have a GDPR-related, Privacy Shield-related or general privacy-related question or complaint. In compliance with the GDPR and the Privacy Shield Principles, Poll Everywhere commits to resolve complaints about our collection or use of your Personal Data. For any complaints that cannot be resolved with Poll Everywhere directly, Poll Everywhere has chosen to utilize the JAMS Privacy Shield Program as an independent recourse mechanism available to investigate unresolved complaints (as further described in the Privacy Shield Principles). If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for relevant JAMS contacts, for more information or to file a complaint. The services of the JAMS Privacy Shield Program are provided at no cost to you. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. Poll Everywhere is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).