EU and Switzerland Safe Harbor Policy


Predictablely Inc. (“”) acknowledges the standards for personal data protection in the European Union and Switzerland. Through its relationship with a global customer base, has access to Personally Identifiable Information (PII) of customers in the EEA and Switzerland. This Policy addresses the privacy concerns of European/Swiss customers due to data transfer between’s European/Swiss and U.S. business units and/or locations.

To affect this Policy, will adhere to the United States Department of Commerce Safe Harbor Principles and will self-certify to the United States Department of Commerce compliance with the European/Swiss Safe Harbor Principles. This Policy applies to all PII data transmissions from operations in the EEA/Switzerland to the United States. This includes transmission of data over phone lines, computer lines, and hard copy and includes any material that identifies a particular individual customer.

The use of EEA/Swiss customer PII may include personal telephone numbers, addresses, credit card or bank account information, and any other material that identifies a particular individual customer of


In implementing this policy, will annually self-certify to the Department of Commerce, that it agrees to adhere to the EU/Swiss Safe Harbor Principles. acknowledges that its failure to provide an annual self-certification to the Department of Commerce will result in the removal of from the list of participants.

Questions regarding the transmission of personal data from the EEA/Switzerland to the United States or any other non-EEA/non-Swiss location, or any further transmission of the personal data once received in the United States, should be referred to’s Support Group at

Alternatively, you can opt-out of our e-mail communications by ticking the opt-out box at the bottom of the email.

Guidelines has adopted the seven Safe Harbor principles of notice, choice, onward transfer (transfer to third parties), access, security, data integrity and enforcement with respect to PII and sensitive data to be transferred to the U.S. from operations in the EEA/Switzerland.

Notice – will notify customers in the EEA/Switzerland about the purposes for which personal data will be collected and used. Information will be provided on how customers can contact with inquiries or complaints regarding personal data. will give notice to customers regarding third parties to which it discloses the information, and restrictions that limit the information’s use and disclosure. In certain situations, data is “anonymized” so that the names of the data subjects are not known by data processors within In these cases, data subjects do not need to be notified.

Choice – Prior to releasing personal data to a third party, will give an individual customer the opportunity to choose whether their personal data is disclosed to that third party, used for a purpose incompatible with the purpose for which it was originally collected or subsequently authorized by that individual. For sensitive data, an affirmative choice will be given to the customer if the personal data is to be disclosed to a third party or used for a purpose other than its original purpose or the purposes authorized subsequently by the individual.

Onward transfer – (transfer to third parties) – Prior to disclosing personal data to a third party, will apply the notice and choice principles, enumerated above. will commit to ensuring that the third party keeper of personal data also subscribes to the EU/Swiss Safe Harbor Principles or any other EU/Swiss adequacy finding. will also enter into a written agreement with such third party requiring that the third party provide at least the same level of personal data protection as is maintained by

Access – Customers covered under this policy will have access to personal information about themselves that holds and will be able to correct, amend or delete information if it is inaccurate (the exception is when the burden or expense of providing access would be disproportionate to the risks of the individual privacy in the case in question or the rights of persons other than the individual would be violated.)

Security – will take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Access to personally identifiable personal data of EEA/Swiss customers will be to a limited number of users on a need to know basis.

Data Integrity – Personal data kept by will be relevant for the purposes for which it is to be used. will take reasonable steps to ensure that the data is reliable and that it is applied to its intended use. will also ensure that the information is accurate, complete and correct.

Enforcement – To ensure compliance with these Safe Harbor Principles, will:

• Commit to cooperate with JAMS as its independent recourse mechanism and with the Data Protection Authorities (DPAs) of the EU/Switzerland in the investigation and resolution of complaints and will comply with any advice given by DPAs;

• Employ a procedure for verifying that the commitment the company has made to adhere to the Safe Harbor Principles has been implemented;

• Remedy issues arising out of any failure to comply with the Principles. acknowledges that its failure to provide an annual self-certification to the Department of Commerce will remove it from its list of participants and the transfers of information will not be allowed unless otherwise complies with the EU/Swiss Data Protection Directive.

• will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that determines is in violation of this policy will be subject to disciplinary action, up to and including termination of employment.

Dispute Resolution– The Support Group (“WSG”) will be the internal mechanism for ensuring compliance with the Safe Harbor Principles and facilitating the independent recourse mechanism referenced in the “Enforcement” section above.

Any questions or concerns regarding the use or disclosure of personal information should be directed to the WSG at the address given below. will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information by reference to the principles contained in this Policy. For complaints that cannot be resolved between and the complainant, has agreed to participate in the following dispute resolution procedures in the investigation and resolution of complaints to resolve disputes pursuant to the Safe Harbor Principles:

• For disputes involving human resources personal information received by from the EEA/Switzerland, has agreed to cooperate with the data protection authorities in the EU/Switzerland and to participate in the dispute resolution procedures of the panel established by the European/Swiss data protection authorities (“DPAs”);

• For all other disputes involving personal information received by from the EEA/Switzerland, has agreed to formal mediation with JAMS pursuant to the JAMS International Mediation Rules, which are accessible on the JAMS website at Individuals who submit a question or concern to and who do not receive acknowledgment from of the inquiry, or who think their question or concern has not been satisfactorily addressed, should then contact JAMS on the Internet at JAMS will act as a liaison to to resolve these disputes. will assume the costs of the administrative fees if the mediator makes a written recommendation that finds in breach of its duties pursuant to the Safe Harbor. The JAMS dispute resolution process shall be conducted in English.

Limitation of Appliance of Principles

Adherence by to these Safe Harbor Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; and (c) to the extent expressly permitted by an applicable law, rule or regulation.

Internet Privacy sees the Internet and the use of other technology as valuable tools to communicate and interact with consumers, employees, business partners, and others. recognizes the importance of maintaining the privacy of information collected online and has created a specific Internet Privacy Policy (the “IPP”) governing the treatment of personal information collected through web sites that it operates. With respect to personal information that is transferred from the EEA or Switzerland to the U.S., the IPP is subordinate to this Policy. However, the IPP also reflects additional legal requirements and evolving standards with respect to Internet privacy.’s Internet Privacy Policy regarding its product and service can be found at

Contact Information

Questions or comments regarding this Policy should be submitted to the Support Group by mail to:

Predictablely Inc.

c/o Jeffrey Neu

1601 Broadway

Suite 200

New York, New York 10001

Changes to this Safe Harbor Privacy Policy

This Policy may be amended from time to time, consistent with the requirements of the Safe Harbor Principles. A notice will be posted on the web page for 60 days whenever this Safe Harbor Privacy Policy is changed in a material way.

Definitions – Means Predictablely Inc., its predecessors, successors, parents, subsidiaries, divisions, and groups in the United States.

European Union – The European Union (“EU”) consists of 27 independent sovereign states: Austria, Belgium, Bulgaria, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the United Kingdom.

European Economic Area – The European Economic Area (“EEA”) unites the EU Member States and the three EEA EFTA States (Iceland, Liechtenstein, and Norway).

Personally Identifiable Information (“PII” or “Personal Data”, for the purposes of this Policy) – Any personal information relating to an identified or identifiable natural person who is a customer and who can be identified, directly or indirectly, in particular by a reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.

Self-Certification to the Department of Commerce – must certify to the U.S. Department of Commerce that it will abide by the Safe Harbor Principles. must also state annually in its published privacy policy statement that it adheres to the Safe Harbor principles.

Sensitive Data – Sensitive data is data that pertains to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, income records, health, sexual orientation or alleged commission of any offense. This data may not be transferred to a third party unless an individual gives explicit consent.

This Privacy Policy complies with the US-EU/Swiss Safe Harbor Framework and certifies its adherence to the Safe Harbor Privacy Principles.