Clearbit has certified to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks (“Frameworks”) as set forth by the U.S. Department of Commerce regarding the processing of personal data transferred by Clearbit customers and end users from the European Union (“EU”) or Switzerland to Clearbit in the U.S. (“Personal Data”). (For these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway). Clearbit has certified that it adheres to the Privacy Shield Principles, which include the Supplemental Principles (collectively, “Privacy Shield Principles”), with respect to Personal Data. If there is any conflict between the policies in this Privacy Shield Policy (“Policy”) and the Privacy Shield Principles, the Privacy Shield Principles shall govern with respect to Personal Data transferred pursuant to the Frameworks. To learn more about the Frameworks and to view our certification page, please visit https://www.privacyshield.gov.
When Clearbit receives Personal Data from enterprise customers in the EU or Switzerland and processes that Personal Data on the customer’s behalf, Clearbit acts as a processor (“Processor”). When Clearbit collects and uses Personal Data on its own behalf or otherwise makes independent decisions about how the Personal Data will be used, Clearbit acts as a controller (“Controller”).
We reserve the right to amend this Policy from time to time consistent with the Privacy Shield’s requirements.
We maintain reasonable and appropriate security measures to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration or destruction, taking into account the nature of the Personal Data and the risks inherent in processing that Personal Data. We will take reasonable steps to ensure that Personal Data is reliable for its intended use, accurate, complete and current for as long as we retain it. We will not use the Personal Data for a purpose that is incompatible with the purposes for which it has been collected or subsequently authorized by you. We will also retain Personal Data about you in a form identifying or making you identifiable only for as long as it serves a purpose of the data processing.
If you are a data subject whose data is transferred pursuant to the Frameworks, you have the right to request to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. We provide you with choices in your Personal Data, specifically to limit certain uses or disclosures. To exercise these rights or review these choices, please claim your profile or address your requests to the following email address: email@example.com. We will make good faith efforts to accommodate these requests within a reasonable time frame. When we are acting as a Processor on behalf of an enterprise customer, we will assist that customer in responding to individuals who contact that customer in exercising their rights under the Privacy Shield Principles.
In compliance with the Privacy Shield Principles, Clearbit commits to resolve complaints about our processing of your Personal Data. Individuals in the EU or Switzerland with inquiries or complaints regarding this Policy should first contact Clearbit at: firstname.lastname@example.org or by mail at: APIHub Inc., dba Clearbit, 90 Sheridan Street, San Francisco, CA 94103.
We have further committed to refer unresolved privacy complaints under the Privacy Shield Principles to TRUSTe, an alternative dispute resolution provider located in the U.S., at no cost to you. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please visit TRUSTe's online dispute resolution form for more information or to file a complaint.
In addition, if your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
We are subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to Personal Data received or transferred pursuant to the Frameworks. Please note that we may share Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.