The rapid growth of the Internet has brought with it a whole new set of issues regarding personal privacy. Data Foundry fully respects your privacy rights, and our policies have reflected our commitment to your privacy since we started offering news service to the public.
Data Foundry holds personal information about you in the strictest confidence and does not sell or rent that information. Data Foundry will not release or divulge any customer information unless ordered to do so by a court of law.
Data Foundry requires certain information at the time of signup and in the course of providing customer support. This information is necessary for us to provide quality service and support. This information is never released to others, unless we are ordered by a court of competent jurisdiction to do so. Data Foundry has never sold or rented customer lists or any other customer information, and Data Foundry will never do so.
Data Foundry monitors its servers to the extent necessary to ensure that high standards of maintenance are met. Data Foundry does not monitor or record your activities.
Data Foundry will not release a customer’s personal information or usage information to investigators, attorneys or agencies unless we are directed to do so by a court of competent jurisdiction in the matter. If there is a hearing in court, the customer will be notified so they will have an opportunity to contest the surrender of personal information.
Data Foundry cooperates fully with law enforcement agencies, yet there must still be a court order before Data Foundry surrenders customer information. The Fourth Amendment to the US Constitution requires a court order to conduct a search and seizure. Data Foundry will, when requested by law enforcement entities, acknowledge the existence of personal customer information, and when requested, provide the technical language to include in the court order, “particularly describing … the property to be seized.” In a criminal investigation Data Foundry is under a duty not to divulge the fact of the investigation to the customer.
The Companies agree to comply with the seven safe harbor principles. The principles require the following:
Companies must notify individuals about the purposes for which they collect and use information about them. They must provide information about how individuals can contact the organization with any inquiries or complaints, the types of third parties to which it discloses the information and the choices and means the organization offers for limiting its use and disclosure.
- Onward Transfer (Transfers to Third Parties)
To disclose information to a third party, Companies must apply the notice and choice principles. Where an organization wishes to transfer information to a third party that is acting as an agent(1), it may do so if it makes sure that the third party subscribes to the safe harbor principles or is subject to the Directive or another adequacy finding. As an alternative, the organization can enter into a written agreement with such third party requiring that the third party provide at least the same level of privacy protection as is required by the relevant principles.
Individuals must have access to personal information about them that an organization holds and be able to correct, amend or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
Companies must take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction.
- Data integrity
Personal information must be relevant for the purposes for which it is to be used. An organization should take reasonable steps to ensure that data is reliable for its intended use, accurate, complete and current.
In order to ensure compliance with the safe harbor principles, there must be (a) readily available and affordable independent recourse mechanisms so that each individual’s complaints and disputes can be investigated and resolved and damages awarded where the applicable law or private sector initiatives so provide; (b) procedures for verifying that the commitments companies make to adhere to the safe harbor principles have been implemented; and (c) obligations to remedy problems arising out of a failure to comply with the principles. Sanctions must be sufficiently rigorous to ensure compliance by the organization. Companies that fail to provide annual self-certification letters will no longer appear in the list of participants and safe harbor benefits will no longer be assured.
Questions or comments regarding this Policy should be submitted to the following:
Data Foundry, Inc.
Attention: General Counsel
1044 Liberty Park Drive
Austin, TX 78746