Privacy Shield Policy
Wondersauce LLC(“Wondersauce” or “we” or “our”) adheres to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework published by the U.S. Department of Commerce (Privacy Shield).
This Privacy Shield Policy (Policy) outlines our general policy and practices for implementing Privacy Shield, including the types of Personally Identifiable Information (PII) Wondersaucegathers, how we use PII, and the choices individuals have regarding our use of, and the ability to correct, the PII relating to them. If there is any conflict between this statement and the Principles described by Privacy Shield at www.privacyshield.gov, the Principles will govern. To learn more about Privacy Shield and its principals, visit: https://www.privacyshield.gov.
This Policy applies to the PII we handle. For purposes of this statement, PII means information that (1) is transferred from the European Economic Area (EEA) and Switzerland to the U.S. in reliance on the Privacy Shield; (2) is about, or pertains to, a specific individual; and (3) can be linked either directly or indirectly to that individual.
In addition to this Policy, we also have other policies and procedures in place that legitimize data flows, including Standard Contract Clauses.
Principles protecting individuals’ privacy notice and choice
Disclosures and transfers
We do not disclose PII to third parties, except when:
Accountability and transfers
In the event we transfer PII covered by this Policy to a third party acting as a controller, we will do so consistent with any notice provided to you and any consent you have given. Further, the third party must provide us with contractual assurances that it will (i) process PII only for limited and specified purposes consistent with any consent you provided, (ii) provide at least the same level of protection as is required by this Policy and Privacy Shield and (iii) notify us if it makes a determination that it cannot do so and then cease processing the PII or take other reasonable and appropriate steps to remediate the circumstances. If we know a third party is processing PII subject to Privacy Shield as a controller in a way that is inconsistent or contrary to Privacy Shield, we will take reasonable steps to prevent or stop such processing.
With respect to our agents, we will transfer only PII covered by Privacy Shield as needed for an agent to deliver the product or service to Wondersauce. We will (i) permit the agent to process PII only for limited and specified purposes; (ii) require the agent to provide at least the same level of protection required by this Policy and Privacy Shield; (iii) take reasonable and appropriate steps to ensure that the agent follows this Policy and Privacy Shield when processes PII; and (iv) require the agent to notify us if it determines it can no longer meet requirements of this Policy and Privacy Shield. Upon receiving this notice, we will take reasonable and appropriate steps to stop and remediate unauthorized processing.
We may also transfer PII from one jurisdiction to another (including from the EU to the U.S. Privacy laws vary by jurisdiction, and some may provide less or different legal protection than others. However, we will protect PII in accordance with Privacy Shield regardless of the jurisdiction in which the PII resides or originates.
Wondersauceremains liable under Privacy Shield if an agent processes PII covered by this Policy and Privacy Shield in a manner inconsistent with Privacy Shield, unless we are not responsible for the event giving rise to the damage.
Security, integrity and access
We employ various physical, electronic, administrative and managerial policies, processes procedures and training that is designed to reasonably protect PII from loss, misuse or unauthorized access, disclosure, alteration or destruction.
We process PII only for the limited and specific purpose it was originally collected. We take reasonable steps to ensure PII is accurate, complete, current and reliable for its intended use.
Individual have the right to access the PII we holds about them in the ways specified by Privacy Shield. Individual may contact us using the information in the “Contact us” section to correct, amend or delete PII that is inaccurate or that has been processed in violation of Privacy Shield. We will take reasonable steps to ensure the individual is who they state they are before honoring their rights under Privacy Shield. In addition, we may limit or deny access to PII where providing access would be unreasonably burdensome or expensive, or where the rights of persons other than the individual would be violated. We may charge a reasonable fee, where warranted, for access to PII.
Accountability and enforcement
Our participation in the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield is subject to investigation and enforcement by the Federal Trade Commission (FTC).
We have established policies and procedures to monitor our compliance with Privacy Shield. This includes a process for addressing questions and concerns about our compliance. These policies and procedures include annual written and signed statement (to be made at least annually), verifying that this statement is (1) accurate, (2) comprehensive for the information it is designed to cover, (3) prominently displayed and readily accessible, and (4) completely implemented. Interested parties and individuals are strongly encourages to send concerns to the contact information located in the “Contact us” below.
Wondersaucepersonnel who violate this Policy will be subject to disciplinary action, including (without limitation), termination.
Individuals may file a complaint with us using the information in the “Contact us” section below. If a complaint or dispute under this Policy cannot be resolved internally:
We may amend this Policy from time to time by posting a revised version. If we amend this Policy, the new Policy will apply to PII previously collected only as the rights of the individual affected are not reduced or eliminated by the amendment. While we continue to participate in Privacy Shield, we will not amend this Policy in a manner inconsistent with Privacy Shield.
Information subject to other policies
We are committed to following the Principles for all PII within the scope of Privacy Shield. However, certain information is subject to policies that may differ in some respects from the general policies set forth in this Policy. For example, certain websites and services have their own privacy notices and information collected about or from employees and customers may be subject to additional policies or agreements.
To receive more information, address a concern or file a complaint, please contact us at:
Attn: Data Privacy Champion
45 West 25th Street, 6th Floor,
New York, NY 10010
+1 (646) 756-5410