EU-US Privacy Shield Policy
Use of Third-Parties
Onna uses a limited number of third parties to assist in providing Onna’s Services to our customers. These third party providers perform the technical implementation and management of some aspects of Onna’s Services such as data collection and processing, data storage, hosting services, and support services. Third-parties may access, collect, process, and store personal data in the course of providing Onna’s Services.
In order to provide Services related to data processing for customers, Onna requires the use of Google Cloud Platform to collect, process, and host customer data. Google Cloud Platform adheres to EU-US Privacy Shield regulations. For more information about regulatory certifications, please see Google’s Compliance Policy.
Third Party Onward Transfer Liability
Onna is responsible for the collection and processing of data it may receive under the Privacy Shield Framework, including subsequent transfers to third parties Onna engages that act on our behalf. Onna complies with the Privacy Shield Principles of all transfers of data in the EU.
Right to Access, Limit Use and Disclosure of Personal data
Onna collects information via Onna’s Services as instructed by customers and may not have a direct relationship to the individual’s whose personal data those customers collect and process. Individuals (including those whose personal data is within the scope of this Privacy Shield Certification) have certain legal rights to access personal data Onna holds and to obtain its correction, amendment or deletion. If individuals seek to access, correct, limit, amend, or delete inaccurate data please contact us at email@example.com and we will work with you and the third party responsible for processing the individual’s personal data and to respond to that request within a reasonable timeframe.
Onna will offer EU individuals whose personal information has been transferred to us the opportunity to choose whether the personal information it has received is to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. An individual may opt-out of such uses of their personal information by contacting us at firstname.lastname@example.org.
Onna is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance—free of charge to you. We ask that you first submit any such complaints directly to us via email@example.com. If you aren’t satisfied with our response, please contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield. In the event your concern still isn’t addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles. Please visit https://www.privacyshield.gov/article?id=ANNEX-I-introduction for further information.