RedCAT Systems, LLC EU-U.S. Privacy Shield Notice
Distribution, Collection, and Disclosure
RedCAT will not share or distribute any customer data except as provided in the contractual agreement between RedCAT and customer, or as may be required by law. All Personal Data that received by RedCAT from the EEA is subject to the Privacy Shield Principles. RedCAT may also receive data that utilizes other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses. RedCAT collects personal data about EEA personnel that customers and their authorized users either enter into RedCAT's Cloud-Based Enterprise Applications; or provide to RedCAT under a professional services agreement to be input into or accessed within the Service (collectively, "Personal Data"). RedCAT acts as a data processor with respect to this data. RedCAT processes Personal Data to provide and support the Service for which the customer has engaged RedCAT. As a data processor, RedCAT will disclose Personal Data only as instructed by the data controller. RedCAT processes Personal Data only as instructed by its Customers, and does not control or own the Personal Data it processes. RedCAT may be required to disclose Personal Data in special cases when we have a good faith belief that such action is necessary to conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements. RedCAT will notify Customer of such request unless prohibited by law.
In some cases we may share Personal Data with our subcontractors to provide the RedCAT service to our Customers. If RedCAT goes through a business transition, such as a merger, acquisition by another company or sale of all or a portion of its assets Personal Data may only be transferred in accordance with the Customer agreement.
Where RedCAT is a data processor, individuals who seek access or who seek to correct, amend or delete inaccurate Personal Data, should contact the RedCAT Customer directly (the data controller). The Customer may have optionally enabled the individual to perform these updates themselves through the RedCAT Service. If the Customer requests RedCAT to remove the Personal Data to comply with data protection regulations, RedCAT will respond to the Customer's request within 30 days.
RedCAT retains Personal Data according to the timeframes set forth in the relevant Customer agreement. Individuals who would like to request that their personal data not be used for specific purposes or disclosed should contact the RedCAT Customer directly.
RedCAT is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission and is also committed to cooperating with EEA DPAs. If you are located in the EEA and have exhausted all other means to resolve your concern regarding a potential violation of RedCAT obligations under the Privacy Shield Principles, you may seek resolution via binding arbitration. RedCAT has registered with JAMS to provide independent third party dispute resolution at no cost to the complaining party. To contact JAMS and/or learn more about the company's dispute resolution services, including instructions for submitting a complaint, please visit: https://www.jamsadr.com/eu-us-privacy-shield. Complaining parties may also, in absence of a resolution by RedCAT and JAMS, seek to engage in binding arbitration through the Privacy Shield Panel. For additional information about the arbitration process please visit the Privacy Shield website: www.privacyshield.gov
RedCAT's accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. RedCAT remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless RedCAT proves that it is not responsible for the event giving rise to the damage.
Inquiries or Complaints
Please refer any inquiries or complaints regarding RedCAT's Privacy Practices to firstname.lastname@example.org
or by regular mail addressed to:
RedCAT Systems, LLC
2344 Spruce Street, STE A
Boulder, CO 80302
The security of Client Data (including personal data) is very important to RedCAT. RedCAT maintains a comprehensive information security policy that contains industry standard, administrative, technical, and physical safeguards designed to prevent unauthorized access to Client Data. RedCAT designs its applications to allow Clients to customize their applications, enforce user access controls, and manage data that may be populated and/or made accessible by user role, geographic location, business unit, reporting relationship or other variable. Appropriate configuration of these settings is the Client's sole responsibility. Additional information regarding security and configuration is made available to Clients (RedCAT Documentation).
Last Updated: March 9, 2018