PRIVACY SHIELD POLICY
Last Updated on May 25, 2019
Document Version 1.0
Effective Date 3/21/2019
MercuryGate International, Inc.’s (“MercuryGate”) software and related systems may record and collect customer’s and driver’s name, address, phone number, email address, billing address, Social Security numbers, Driver License numbers, Passport numbers, VISA numbers, and Green Card numbers (collectively “Personal Data”) for business purposes. MercuryGate protects this Personal Data and will not disclose it to unauthorized individuals. If you have personally identifiable information stored or transmitted through MercuryGate systems, you may have the right to request your Personal Data be amended or deleted.
This Privacy Shield Policy (the “Policy”) establishes general privacy rights for personal data transferred through MercuryGate software and systems for business purposes; including systems and devices involved in the transmission and storage of personally identifiable information. The policy further defines the conditions under which Personal Data may be disclosed.
This Policy applies to all MercuryGate Customers (the users of MercuryGate’s Fleet products) and individual Drivers who provide their personally identifiable information to MercuryGate customers to use in MercuryGate’s Fleet product. MercuryGate customers may require the collection of Personal Data for carrier management and driver/carrier compliance processes.
MercuryGate complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield. MercuryGate has certified it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view MercuryGate’s certification page, please visit https://www.privacyshield.gov.
The Federal Trade Commission has jurisdiction over MercuryGate’s compliance with the Privacy Shield.
CUSTOMER DATA AND PERSONAL DATA
It is the general policy of MercuryGate to treat Customer and Driver data as private. Personally identifiable information may be obtained, stored, and reported for legitimate business purposes but shall not be exposed to unauthorized individuals except as specifically set forth below.
Personal data collected from individual Drivers may include:
- Phone Number
- Email Address
- Social Security Numbers
- Driver License Numbers
- Passport Numbers
- VISA Numbers
- Green Card Numbers
Personally identifiable data is only used for MercuryGate Fleet Customer’s carrier management and driver/carrier compliance qualification processes. Personally identifiable information is not stored in any transactional data, enabling the data to be amended or deleted without impact to transactions.
Personal data collected from Customers may include:
- Phone Number
- Email Address
- Billing Address
Customer and Driver data may be exposed or disclosed under the following circumstances:
- Audit process compliance.
- In response to a lawful request by public authorities; including to meet national security or law enforcement requirements.
To exercise these rights, contact us at:
Email – firstname.lastname@example.org
Mailing address – 200 Regency Forest Dr, Cary, NC 27518
Phone number – (919) 469-8057
For individual Drivers: Because MercuryGate personnel have limited ability to access data our Customers submit to our services, if you wish to request access, to limit use, or to limit disclosure, please provide the name of the MercuryGate Customer who submitted your data to our services. We will refer your request to that customer, and will support them as needed in responding to your request.
For Customers: if you, as a user of the Service, are an individual in the EU or Switzerland and wish to request access, to limit use, or to limit disclosure, contact us at: email@example.com.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
Individual Drivers electing to opt-out of the data collection of personally identifiable information should contact the specific MercuryGate Customer(s) that are requesting the data collection in the MercuryGate Fleet product. MercuryGate is only a processor but has Customers that may require collection of specific personally identifiable information for carrier management and driver/carrier compliance processes. If you reach out to MercuryGate, please include the name of the Customer that controls your data in your request.
MercuryGate integrates with third-party partners who provide additional outside functionality. MercuryGate does not share personal data with these third-party partners.
MercuryGate’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, MercuryGate remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless MercuryGate proves that it is not responsible for the event giving rise to the damage.
REQUESTS TO AMEND OR DELETE PERSONAL DATA
In compliance with the Privacy Shield Principles, MercuryGate commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact MercuryGate at: email@example.com
MercuryGate has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu- consumers for more information and to file a complaint. This service is provided free of charge to you. If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Only MercuryGate customers will be notified that there is a request for carrier management and driver/carrier compliance processes business data. This notification shall be provided within twenty-four (24) hours of delivery of the court order to MercuryGate’s Legal Department unless prohibited by a legal court order.