About this Privacy Statement

Effective: September 4, 2018

Policy Statement

MotionPoint Corporation, including its subsidiaries and affiliates (collectively, “MotionPoint”), respects rights to privacy, and is committed to protecting that privacy through compliance with this EU Privacy Statement (this “Statement”). This Statement applies to MotionPoint’s processing of data obtained from individuals located in the European Union and Switzerland and sets out practices for collecting, using, maintaining, protecting and disclosing such data.

Specifically, this Statement applies to the processing by MotionPoint of Personal Information from the EU or Switzerland submitted by or regarding Data Subjects, including:

Definitions

To help understand the terminology used throughout this Privacy Statement

Data Subject: means the individual to whom any given Personal Information covered by this Statement relates.

Processing: means any operation or set of operations which is performed upon Personal Information, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.

Controller: means a person or organization which, alone or jointly with others, determines the purposes and means of the processing of Personal Information.

Processor: means a person or entity that processes Personal Information on behalf of the Controller.

Personal Information: means data about an identified or identifiable Data Subject as more particularly defined under European legislation, received by an organization in the United States from the European Union or Switzerland, and recorded in any form.

Agent: Any third-party sub processor that processes Personal Information provided by MotionPoint on its behalf and under its instructions.

Privacy Shield

MotionPoint complies with the EU-U.S. Privacy Shield Framework, including the Supplemental Principles and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce (collectively, the “Principles”) regarding the collection, use, and retention with respect to its services and certain Personal Information (as defined below) transferred from the European Union and Switzerland to the United States, respectively.

MotionPoint has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view MotionPoint’s certification, please visit https://www.privacyshield.gov/.

The United States Federal Trade Commission holds jurisdiction and enforcement authority over MotionPoint’s compliance with the Principles.

About MotionPoint

MotionPoint is a global technology company that localizes, translates, and optimizes websites for businesses with customers located across geographic boundaries.

The MotionPoint Globalization Platform and supporting applications and technology (collectively, the “Platform”) is a high performance solution that enables customers to expedite entry and expansion into global markets.

This solution is based on a business-to-business model through which enterprises, via the Platform, deliver a context-relevant web presence in strategic markets.

Through this solution, MotionPoint does not have a direct relationship with Data Subjects, but shares the responsibility to protect end-user privacy with its business customer. Under this circumstance, the MotionPoint business customer is the Data Controller, and MotionPoint is the Data Processor, that processes data on instruction from that Data Controller.

In other contexts, such as when MotionPoint engages in marketing and sales efforts to business prospects, MotionPoint may bear a direct relationship with Data Subjects who represent such business prospects. Under these circumstances, MotionPoint is the Data Controller.  In some cases, MotionPoint may use vendors who are Data Processors.

Contact Details

Data Subjects can contact MotionPoint with general questions about this Statement at GDPR-inquiries@motionpoint.com.

As a Data Subject, if you wish to exercise any rights under data protection law or this Statement, please fill out the form available at: https://www.motionpoint.com/request/

The Types of Personal Information MotionPoint Collects

In the course of providing services and engaging in business functions such as sales and marketing efforts, MotionPoint may collect and use various types of Personal Information submitted by or regarding Data Subjects.

Such Personal Information may include names, email addresses, physical addresses, company names, Internet Protocol Addresses, website access log data, website performance data and analytics, information from social media accounts such as LinkedIn and Twitter, and job functions.

How MotionPoint Collects Data Subject’s Personal Information

MotionPoint collects Data Subject’s Personal Information through various methods, including websites, correspondence, third-party sources, business customers, and technical methods.

Through the MotionPoint Website. MotionPoint collects Personal Information from a Data Subject if the Data Subject chooses to fill out any forms, profiles, or surveys on MotionPoint.com.

Correspondence. If a Data Subject sends MotionPoint correspondence, such as emails or letters, MotionPoint may collect Personal Information about Data Subjects within such correspondence.

Third-Party Sources. MotionPoint may receive a Data Subject’s Personal Information from one of MotionPoint’s business partners or other third-party sources. For example, MotionPoint’s sales and marketing teams might receive and collect Personal Information that a Data Subject provides or creates through LinkedIn or other social media platforms, or from other third-parties, for purposes of selling MotionPoint’s services to a business.

Business Customers. In the context of providing solutions to its business customers, MotionPoint may collect and Process Personal Information submitted by or regarding Data Subjects on MotionPoint’s business customer websites, as well as certain data elements relating to the operation of MotionPoint’s solution, website visitor statistics, and traffic on its network. Such data elements may include Internet Protocol Addresses, website access log data, and website performance data.

Technical Methods. MotionPoint may collect Personal Information about Data Subjects through a variety of technical methods, including the following: 

How MotionPoint Uses Data Subjects’ Personal Information

MotionPoint uses Data Subjects’ information to pursue specific purposes that help MotionPoint to meet Data Subjects’ needs and MotionPoint’s objectives. MotionPoint only does this when there is an established lawful basis upon which to process Personal Information.

Below are some examples of how MotionPoint may use Data Subjects’ Personal Information:

MotionPoint undertakes a balancing test in relation to legitimate interests. Further information is available on request.

How MotionPoint Discloses or Shares Personal Information

There are some circumstances in which MotionPoint discloses or shares Data Subjects’ Personal Information with third parties.

International Transfers

MotionPoint uses third-party service providers, contractors, and other businesses to assist it in providing its solutions and services. In some cases, Personal Information will be transferred to third parties located in regions where data protection laws are less stringent than the EU or Switzerland. However, MotionPoint will take steps to ensure Data Subjects’ Personal Information is protected in accordance with this Statement.

In the event that Personal Information is disclosed to a third party acting as an Agent to perform task(s) on behalf of and under MotionPoint’s instructions, MotionPoint will transfer the Personal Information only if MotionPoint first ascertains that the Agent subscribes to the Principles or another adequacy finding or enters into a written agreement with the third party requiring the Agent to provide at least the same level of privacy protection as is required by the relevant Principles; and the conditions of the transfer do not contradict the Principles.

If a third party to which MotionPoint has disclosed Personal Information covered by this Statement is processing such Personal Information in a way that is inconsistent with this Statement and/or the Principles, MotionPoint will take reasonable steps to prevent or stop such processing. MotionPoint will remain liable under the Principles for any processing carried out by the third party which violates the Principles, unless MotionPoint proves it is not responsible for the event which gives rise to the violation.

Security Measures MotionPoint has In Place to Protect Personal Information

MotionPoint applies appropriate technical and organisational measures to protect Personal Information covered by this Statement from loss, misuse and unauthorised access, disclosure, alteration or destruction. These measures take into account the risks involved in the processing, the nature of the Personal Information, and industry best practices for security and data protection.

Integrity, Retention & Purpose Limitation

MotionPoint only collects Personal Information covered by this Statement for the above-stated purposes and retains Personal Information only for as long as is necessary or required by law.

Personal Information will not be processed in a way that is incompatible with the above-stated purposes for which it is collected or subsequently authorised by the individual. To the extent necessary for those purposes, reasonable steps shall be taken to ensure that the Personal Information is reliable for its intended use, accurate, complete and current.

Personal Information will be retained for as long as needed to fulfil the purposes set out in this Statement or meet legal requirements. When determining the relevant retention periods, MotionPoint takes into account factors including:

Otherwise, MotionPoint securely deletes or anonymises Personal Information where it no longer requires it for the purposes collected.

Rights Available to Data Subjects

MotionPoint recognizes the importance of giving Data Subjects control of their Personal Information. By law, Data Subjects have a number of limited rights concerning the Personal Information collected and processed by businesses like MotionPoint. Further information and advice about Data Subjects’ rights can be obtained from the national data protection regulator. To exercise any of these rights, please contact MotionPoint using the Contact Details set out above.

The right to be informed. Data Subjects have the right to information about how their information is collected and processed – this is why MotionPoint provides this Statement.

The right of access. Data Subjects have the right to obtain access to their Personal Information (if it is processed by MotionPoint), and certain other information (similar to that provided in this Privacy Statement). This is so that Data Subjects are aware and can check that MotionPoint is using their Personal Information in accordance with data protection law.

The right to rectification. If it is inaccurate or incomplete, Data Subjects may request that MotionPoint amend the Personal Information held about them. Data Subjects can request such rectification by contacting MotionPoint in the way set out above.

The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables Data Subjects to request the deletion or removal of their information held by MotionPoint.

The right to restrict processing. Data Subjects have the right to ‘block’ or suppress further use of their information. When processing is restricted, MotionPoint may still store Personal Information, but will not use it further.

The right to object to processing. Data Subjects have the right to object to certain types of processing, including processing for direct marketing (i.e. receiving direct marketing communications).

The right to data portability. Data Subjects have the right to obtain and reuse their information for their own purposes across different services. For instance, if the Data Subject wishes to switch to an alternative service provider, data portability enables them to move, copy or transfer their information easily between MotionPoint’s IT systems and theirs safely and securely, without affecting its usability.

The right to lodge a complaint. Data Subjects have the right to lodge a complaint about the way MotionPoint handles or processes their information with the national data protection regulator.

The right to withdraw consent. If a Data Subject has given their consent to anything MotionPoint does with their information (i.e. MotionPoint relies on consent as the legal basis for processing their information), Data Subjects have the right to withdraw consent at any time.

Verification and Enforcement

MotionPoint has verified and will verify annually that the attestations and assertions made about this Statement are true and correct. MotionPoint will annually verify that its privacy practices have been implemented as represented in this Statement and in accordance with the Principles. MotionPoint also commits to remedying issues identified.

This verification has been and will be signed by a corporate officer or other authorized representative of MotionPoint at least once a year and is available upon request by individuals or in the context of an investigation or a complaint about non-compliance.

The verification will include the following:

All MotionPoint employees that have access to Personal Information covered by this Statement in the U.S. are responsible for conducting themselves in accordance with this Statement. Failure of a MotionPoint employee to comply with this Statement may result in disciplinary action up to and including termination.

MotionPoint will investigate and attempt to resolve any complaints and/or disputes regarding the processing of personal information in accordance with the principles of this Statement.

Recourse

MotionPoint is committed to transparency in the procedure it uses to respond to enquiries and complaints concerning its processing of Data.

MotionPoint shall respond to any such inquiries or complaints within forty-five (45) days.

If a Data Subject’s question or concern cannot be satisfied through this process, MotionPoint has committed to refer unresolved privacy complaints under the Principles to an independent dispute resolution mechanism operated by JAMS; and at no cost to the complaining party for hearing the complaint. Information regarding JAMS’ dispute resolution services, including instructions for submitting a complaint may be found by visiting: https://www.jamsadr.com/eu-us-privacy-shield.

In instances where other redress possibilities have been exhausted under EU law, or where the complaint has not been resolved by any other means, MotionPoint shall provide EU end users a binding arbitration option before the Privacy Shield Panel.

MotionPoint acknowledges that any final decision by the Privacy Shield Panel is a legally binding decision, enforceable in US courts.

MotionPoint shall cooperate with the United States Federal Trade Commissions and any data protection authorities of the EU Member States (“DPAs”) and/or the Swiss Federal Data Protection and Information Commissioner (“Commissioner”) in the investigation and resolution of complaints that cannot be resolved between MotionPoint and the complainant that are brought to a relevant DPA.

Changes to this Privacy Statement

This Statement is effective as of the date above. It shall remain in effect except with respect to any changes in its provisions, which will be in effect immediately after being posted on this page.

MotionPoint reserves the right to update or change its Statement at any time If MotionPoint makes any material changes to this Statement, MotionPoint shall place a prominent notice on its website.

Last Updated: May 22, 2018