Section I. EU-US and Swiss-US Privacy Shield Framework
The Federal Trade Commission has jurisdiction over Emigra USA LLC’s compliance with the Privacy Shield.
Section II. Scope
Section III. Personal Data Purpose and Limitation
Emigra Worldwide provides comprehensive home and host immigration and consulting services to over 700 companies around the world, processing over 50,000 transactions across 110 countries annually.
As part of the contracted service engagement with our Individual Clients, Emigra Worldwide must submit information and documentation to immigration or municipal authorities. This process requires that we collect Personal Data. Emigra Worldwide collects Personal Data only when voluntarily provided by the Corporate Client or the Individual Client.
Types of Personal Data collected by Emigra Worldwide in the course of immigration case processing may include, but are not limited to:
- Biographical data (country of origin, nationality, racial or ethnic origin, marital status, spousal information, education, health or medical information, criminal record, bank account balance, address history, etc.)
- Employment or Human Resources data (employer(s), job title, salary and benefits, duration of employment, etc.)
Emigra Worldwide confirms and affirms that all such information will be held in strict confidence and will not be sold, re-marketed, or disclosed to any public or private entity for any reason except to the extent required in the provision of the requested services. Emigra Worldwide also may retain records of any correspondence and documents.
If an Individual Client wishes to limit the use and disclosure of his or her Personal Data, or wishes to withhold his or her Personal Data, or requests that their personal information be physically stored in a location other than Emigra Worldwide’s data center in the United States, the Individual Client may do so at any time by making a request to his or her immigration consultant. However, please be aware that such a decision may affect the ability of Emigra Worldwide to provide effective services and affect the client’s ability to enter, live or work in a location outside of his or her home or national residence.
Section IV. Access
Individual Clients have the right to access the Personal Data Emigra Worldwide holds about them. If such Personal Data is inaccurate or processed in violation of the Privacy Shield Principles, an Individual Client may request that Personal Data be corrected, amended, or deleted.
When Emigra Worldwide receives Personal Data, it does so on its Individual Clients’ or prospective Individual Clients’ behalves. To request access to, or correction, amendment or deletion of, Personal Data, Individual Clients should contact the Emigra Worldwide Immigration Consultant who collected their Personal Data. Emigra Worldwide will cooperate with its Individual Clients’ reasonable requests to exercise their rights under the Privacy Shield.
Section V. Third Party Disclosure and Accountability for Onward Transfer
In performing the services for which we have been engaged, there may be a need for Emigra Worldwide to solicit the services of a third party vendor. Third party vendors we may retain and with whom we may share information collected may be located in the United States or in other countries.
When Emigra Worldwide transfers Personal Data to a third party vendor, we do so with the contractual limit that such data may only be processed for limited and specified purposes consistent with the services authorized by the Corporate Client and the Individual Client. The third party vendor will provide the same level of protection as the Privacy Shield Principles and, if it makes a determination that it can no longer meet this obligation, will notify Emigra Worldwide, cease processing, and take other reasonable and appropriate steps to remediate.
Please be aware that Emigra Worldwide may be required to disclose an Individual Client’s Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. Emigra Worldwide is liable for appropriate onward transfers of personal data to third parties.
Section VI. Security
Emigra Worldwide takes reasonable and appropriate measures to protect personal data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal data.
Our datacenter is housed on servers located in the United States of America, in the state of Virginia. The data center is SSAE 16 certified. This environment provides physical security twenty-four hours per day, seven days per week, multiple redundant electrical generators, air conditioning, and other equipment required to provide the infrastructure needed for continuous operations. All users must be registered, provide appropriate credentials and have pre-determined access credentials for access. The network perimeter is protected by firewalls and monitored by intrusion detection systems. Emigra uses strong encryption products to protect all data.
Section VII. Recourse, Enforcement, and Liability
In compliance with the Privacy Shield Principles, Emigra USA LLC commits to resolve complaints about our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Emigra USA LLC at email@example.com.
Emigra USA LLC commits to cooperate with the panel established by the EU data protection authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner and comply with the advice given by the panel and/or Commissioner with regard to data transferred to the United States from the EU and/or Switzerland.
Individuals may, under certain conditions, invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For more information regarding eligibility for binding arbitration, please consult Annex I of the Privacy Shield framework.
Section VIII. Renewal and Verification
Emigra Worldwide will renew its EU-US Privacy Shield and Swiss-US Privacy Shield certifications on an annual basis.
Prior to re-certification, Emigra Worldwide will conduct an in-house verification to ensure the attestations and assertions it makes about its Privacy Shield privacy practices are true and those privacy practices have been implemented as represented and in accordance with the Privacy Shield Principles. Specifically, as part of the verification process, Emigra Worldwide will undertake the following:
- Review this Privacy Shield Policy to ensure that it accurately describes Emigra Worldwide’s practices regarding the collection of Personal Data.
- Ensure that the publicly posted Privacy Shield Policy informs clients of Emigra Worldwide’ s participation in the EU-US Privacy Shield and Swiss-US Privacy Shield programs.
- Ensure that this Privacy Shield Policy continues to comply with the EU-US Privacy Shield and Swiss-US Privacy Shield Principles.
- Confirm that Individual Clients are made aware of the process for addressing complaints.
- Review its processes and procedures for training employees in the EU-US Privacy Shield and Swiss-US Privacy Shield Principles and the appropriate handling of Individual Clients’ Personal Data.
- Prepare an internal verification statement on an annual basis describing the findings of the in-house verification, any necessary corrective or preventive actions taken as a result of the in-house verification, and the outcome of these actions.
How to Contact Us
If you have any questions or comments about our Privacy Shield policy, please contact us by email at firstname.lastname@example.org.
This Policy was last revised on March 09, 2017.