BackOffice is undergoing the process to self-certify to the Department of Commerce its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (collectively, the “Frameworks”) and, by publishing this Notice, BackOffice hereby publicly commits to comply with each of the Framework’s requirements by adopting and implementing the Privacy Shield Principals (the “Principals”). For more information, please visit the International Trade Administration of the United States Department of Commerce Privacy Shield Framework website located
here. To view BackOffice’s certificate, once it is issued, please visit www.privacyshield.gov/list. By committing to comply with each of the Frameworks and the Principals, it is BackOffice’s intent to meet and exceed the adequacy requirement for data protection under EU and Swiss law. If there is any conflict between the terms in this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
The United States Federal Trade Commission has jurisdiction over BackOffice’s compliance with the Principles.
BackOffice collects personal data from individuals who visit the Websites, and individual representatives of its corporate customers who use and access the BackOffice Services, as well as individual representatives of its suppliers and business partners.
From the Websites and the BackOffice Services, BackOffice may collect the following types of personal data:
BackOffice also collects or has access to personal data from BackOffice Employees, including the following types:
BackOffice uses this information in order to operate, improve, and optimize the Websites and the BackOffice Services, as well as generate leads for its sales and marketing teams. BackOffice also uses Host Information and Usage Information alone or in combination with users’ Personal Information to provide its users (“Users”) of the Websites and BackOffice Services with personalized information about BackOffice, to provide the BackOffice Services that a User requested, prevent or address technical issues, respond to support issues and to improve the BackOffice Services. BackOffice personnel and its authorized third-party agents may only access and use Personal Information if such individuals are authorized to do so and only for the purpose for which such individuals are authorized.
With regards to personal data from BackOffice Employees, BackOffice uses such personal data to carry out and support human resources functions and activities, which may include: (i) recruiting and hiring job applicants; (ii) managing BackOffice Employee communications and relations; (iii) providing compensation and benefits; (iv) administering payroll; (v) processing corporate expenses and reimbursements; (vi) managing BackOffice Employee participation in human resources plans and programs; (vii) carrying out obligations under employment agreements; (viii) managing BackOffice Employee performance; (ix) conducting training and talent development; (x) facilitating BackOffice Employee relocations and international assignments; (xi) managing BackOffice Employee headcount and office allocation; (xii) managing the BackOffice Employee termination process; (xiii) managing information technology and communications systems, such as the corporate email system and company directory; (xiv) conducting ethics and disciplinary investigations; (xv) administering BackOffice Employee grievances and claims; (xvi) managing audit and compliance matters; (xvii) complying with applicable legal obligations, including government reporting and specific local law requirements; and (xviii) other general human resources purposes. BackOffice also may obtain and process Personal Data about BackOffice Employees’ emergency contacts and other individuals (such as spouse, family members, dependents and beneficiaries) to the extent Employees provide such information to BackOffice. BackOffice processes this information to comply with its legal obligations and for benefits administration and other internal administrative purposes.
The Websites and BackOffice Services do not collect, store or use any Sensitive Personal Information.
BackOffice is committed to the Principles with respect to all European and Swiss personal data that it receives from individuals or companies in the EU or Switzerland in reliance on the Privacy Shield. BackOffice also receives some data in reliance on other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.
BackOffice is responsible for the processing of Personal Information it receives, under the Privacy Shield Framework, and any subsequent transfers to a third party acting as an agent on its behalf. BackOffice complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
Each User has the right to access such User’s Personal Information covered by this Notice and to correct, amend, or delete such Personal Information if such User can demonstrate that such Personal Information is inaccurate or incomplete (except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to such User’s privacy, or where the rights of persons other than a User would be violated).
As required by law, BackOffice may respond to subpoenas, court orders, or similar legal process by disclosing a User’s Personal Information and other related information, if necessary. BackOffice also may choose to establish or exercise its legal rights or defend against legal claims. In certain situations, BackOffice may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
BackOffice may collect and possibly share Personal Information and any other additional information available to it in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of BackOffice’s terms of service, or as otherwise required by law.
BackOffice is committed to resolving complaints about its collection or use of a User’s Personal Information. EU and Swiss individuals with concerns or complaints about the use of their Personal Information should contact BackOffice’s Privacy Officer at email@example.com. BackOffice will attempt to resolve any such concerns in accordance with the principles of this Notice. In the event of an unresolved privacy or data use concern that BackOffice has not addressed satisfactorily, please contact BackOffice’s U.S.-based third-party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.
Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], a User may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Please refer and questions or comments related to this Privacy Shield Notice to:
BackOffice Associates, LLC
Attention: Privacy Officer
75 Perseverance Way
Hyannis, MA 02601
BackOffice may amend this Notice from time to time, and at any time to remain consistent with the Principles, each of the Frameworks and other applicable laws.
Effective: May 16, 2018
Last Updated: May 16, 2018
“BackOffice Employee” means any current, former or prospective employee, temporary worker, intern or other non-permanent employee of any subsidiary or affiliate of BackOffice, who is a resident of the EU.
“BackOffice Services” means its products or services, including without limitation, its software, services, customer support services, software maintenance services, hosted services or cloud offerings. “Host Information” means certain information about a User’s computer, browser, and systems that BackOffice collects when a User accesses the Websites or the BackOffice Services, including IP address along with the network path, operating system type and version, and browser type, client version, the MAC address of a User’s internet connection, and geographical location.
“Personal Information” is any information about a visitor to BackOffice’s Websites or a user of the BackOffice Services (on behalf of its customers) that BackOffice collects or a User submits that could, alone or together with other information, personally identify such User. Information such as name, a user name and password, an email address, physical address, phone number, a company name, and a photograph are examples of “Personal Information.” Personal Information can also include information about any transactions, both free and paid, that a User enters into on the Websites, and information about a User that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that BackOffice acquires from third party service providers.
“Sensitive Personal Information” means Personal Information that pertains to a person’s medical or health condition, race or ethnicity, political, religious or philosophical affiliations or opinions, sexuality or trade union membership.
“Usage Information” means the information BackOffice records about a User’s usage of, and interactions with, the Websites or the BackOffice Services, including actions taken, date and time, frequency, duration, quantity, quality, network connectivity, and performance information related to logins, clicks, and other feature usage information.
“Websites” means BackOffice’s public websites and their associated content.