Privacy Policy Compliant with the EU-U.S. Data Privacy Framework Program (EU-U.S. DPF)
Privacy Policy Disclaimer:
At EPY Host ("EPY Host LTD"), we uphold the highest ethical standards in our business practices. We carefully collect, use, and disclose personal information in accordance with the laws of the countries where we operate.
This Privacy Policy, in line with the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), details the privacy principles followed by EPY Host LTD regarding the transfer of personal information from the European Economic Area (EEA) – including the twenty-eight member states of the European Union (EU) and Iceland, Liechtenstein, and Norway – to the United States.
EPY Host LTD follows the guidelines of the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) established by the U.S. Department of Commerce. Our certification affirms our commitment to complying with the EU-U.S. Data Privacy Framework program Principles (EU-U.S. DPF Principles) regarding the processing of personal data received from the European Union under the EU-U.S. DPF. In case of any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles will take precedence. For more information about the Data Privacy Framework (DPF) program or to view our certification, please visit https://www.dataprivacyframework.gov/.
EPY Host LTD proudly certifies its commitment to the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) principles, including Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability under its EU-U.S. Data Privacy Framework program (EU-U.S. DPF) certification. In case of any conflict between the terms in this privacy policy and the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) Principles, the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) Principles will take precedence. To learn more about the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) or view EPY Host LTD’s certification, please visit the https://www.dataprivacyframework.gov/ page.
EPY Host LTD is fully committed to the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), covering all personal data regulated by the EPY Host LTD Privacy Agreement and received from the European Union and European Economic Area. We adhere strictly to the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) principles governing the treatment of such personal data. For a comprehensive understanding of data collection and use, please refer to the EPY Host LTD Privacy Agreement. Moreover, specific personal information may be subject to EPY Host LTD's more detailed privacy policies, all designed to align with the requirements of the EU-U.S. Data Privacy Framework program (EU-U.S. DPF).
EPY Host collects the following data and lists the purpose of collection
| Data | Purpose |
|---|---|
| First name | Marketing, Billing/Account Provisioning, Biometric Enrolment |
| Last name | Marketing, Billing/Account Provisioning, Biometric Enrolment |
| Company name | Marketing, Billing/Account Provisioning, Biometric Enrolment |
| Corporate physical address | Billing/Account Provisioning, Biometric Enrolment |
| Corporate phone number | Billing/Account Provisioning, Biometric Enrolment |
| Iris scan | Biometric Enrolment |
| Vascular scan | Biometric Enrolment |
| Driver’s license/Photo ID | Facility Access |
EPY Host LTD may share its marketing data with partners in its ecosystem, which includes companies such as VMware, Microsoft, Veeam, Brocade, Intel, Nimble, SuperMicro, and Micron. This data sharing process may involve the use of third-party automation and CRM systems, with Salesforce and Hubspot being the primary platforms.
Moreover, EPY Host LTD may reveal an individual’s personal information if compelled by legal requirements from public authorities, such as fulfilling national security or law enforcement obligations.
If EPY Host LTD decides to share personal data with third parties for purposes beyond the initial collection or subsequent authorization, individuals will be provided with the option to opt-out. This allows them to limit the use and disclosure of their data.
EPY Host LTD takes responsibility for personal data received under the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) and transferred to a third party, as detailed in the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) Principles. In essence, EPY Host LTD remains accountable and liable under these principles if third-party agents, processing personal data on its behalf, fail to adhere to the Principles. This accountability persists unless EPY Host LTD can prove that it is not responsible for the incident causing the damage.
EPY Host LTD respects the rights of individuals in the EU concerning their personal information. To access, correct, amend, or delete inaccurate data, individuals can submit a written request to the Chief Legal Officer, whose contact details are provided below. We will respond promptly to data removal requests.
As part of our commitment to the EU-U.S. Data Privacy Framework program's Principles, EPY Host LTD is committed to addressing privacy-related complaints. EU individuals with inquiries or complaints regarding the DPF can initially contact:
EPY Host LTD,
611 Gateway Blvd South San Francisco
CA 94080 United States
Additionally, EPY Host LTD has committed to redirecting unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism called Data Privacy Framework Services, managed by BBB National Programs. If your complaint doesn't receive timely acknowledgment or a satisfactory resolution, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for further information and to file a complaint. This service is provided at no cost to you.
If, after going through the above channels, your DPF complaint remains unresolved, you may, under specific conditions, have the option to pursue binding arbitration for certain claims. Details are available at https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.
If your complaint is not fully resolved after being reviewed by EPY Host LTD, BBB National Programs Data Privacy Framework Services, and the relevant Data Protection Authority (DPA), you may, under specific conditions, opt for binding arbitration before the EU-U.S. Data Privacy Framework program (EU-U.S. DPF) Panel. Additional details can be found at https://www.dataprivacyframework.gov/.
It's important to mention that EPY Host LTD operates under the investigative and enforcement authorities of the U.S. Federal Trade Commission (FTC).
Effective Date: January 2024.