Safe Harbor

DayNine Consulting Inc. and its affiliated United States subsidiaries (hereinafter collectively referred to as the “DayNine,” “we,” “us” or “our”) adhere to the Safe Harbor Agreement concerning the transfer of personal data from the European Union (“EU”) and Switzerland to the United States of America. Accordingly, we follow the Safe Harbor Principles published by the U.S. Department of Commerce (the “Principles”) with respect to all such data. If there is any conflict between the policies in this privacy policy and the Principles, the Principles shall govern. This privacy policy outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by DayNine whether in electronic, paper or verbal format.

Definitions

“Personal Information” or “Information” means information that (1) is transferred from the EU or Switzerland to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.

“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.

Principles

Notice

DayNine shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which DayNine discloses or may disclose that Information. DayNine shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to DayNine, or as soon as practicable thereafter, and in any event before DayNine uses or discloses the Information for a purpose other than for which it was originally collected.

Choice

DayNine will offer individuals the opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, DayNine will give individuals the opportunity to affirmatively or explicitly (opt out) consent to the disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. DayNine shall treat Sensitive Personal Information received from an individual the same as the individual would treat and identify it as Sensitive Personal Information.

Onward Transfers

Prior to disclosing Personal Information to a third party, DayNine shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. DayNine shall ensure that any third party for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles and agree in writing to provide an adequate level of privacy protection.

Data Security

DayNine shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. DayNine has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. DayNine cannot guarantee the security of Information on or transmitted via the Internet.

Data Integrity

DayNine shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, DayNine shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.

Access

DayNine shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.

Enforcement

DayNine uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Principles. We encourage interested persons to raise any concerns using the contact information provided and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles. If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using the International Centre For Dispute Resolution as a third party resolution provider.

They can be contacted as follows:

  1. Online: https://go.adr.org/safeharbor
  2. Fax: 877-304-8457 (USA) | 212-484-4178 (Outside USA)
  3. Mail:

International Centre for Dispute Resolution
Case Filing Services
1101 Laurel Oak Road, Suite 100
Vorhees, NJ 08043

Personal Information DayNine Processes

In the course of delivering services to its customers, DayNine processes data, including Personal Information, on behalf of its customers. In this context, DayNine acts as a data processor and does not control the data. DayNine processes Customer Data under the direction of its Customers, and has no direct control or ownership of the personal data it processes. Customers are responsible for complying with any regulations or laws that require providing notice, disclosure and/or obtaining consent prior to transferring the data to Workday for processing purposes.

An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his or her query to the DayNine Customer (the data controller). If the Customer requests DayNine to remove the personal data to comply with data protection regulations, DayNine will respond to their request within 30 business days.

DayNine will refer any request for disclosure of personal data by a law enforcement authority to the Customer. DayNine may, where it concludes that it is legally obligated to do so, disclose personal data to law enforcement or other government authorities. DayNine will notify Customer of such request unless prohibited by law.

Information Subject to Other Policies

DayNine is committed to following the Principles for all Personal Information within the scope of the Safe Harbor Agreement. However, certain information is subject to policies of DayNine that may differ in some respects from the general policies set forth in this privacy policy.

Amendments

This privacy policy may be amended from time to time consistent with the requirements of the Safe Harbor. We will post any revised policy on this website.

Please contact the following with any questions regarding this policy:

DayNine Consulting, Inc.
Attention: Privacy
6200 Stoneridge Mall Road, #250
Pleasanton, California- 94588
Phone: 925-475-5700
Email: [email protected]