BIS Computer Solutions Privacy Shield Policy
BIS Computer Solutions, Inc. (BIS) complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information as defined below that is transferred from European Union member countries (“EEA”) to the United States pursuant to Privacy Shield. BIS Computer Solutions, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such data.
If there is any conflict between this Policy and the Principles, the Principles will govern. To learn more about the Framework please visit www.privacyshield.gov. You can view our certification at www.privacyshield.gov/list. This Privacy Shield Policy applies to BIS Computer, Inc which is subject to the investigatory and enforcement powers of the Federal Trade Commission.
Personal Information Received from the European Economic Area
Personal Information, Data Integrity and Purpose Limitation
In our business application software (“the application”) that we develop for our clients, there may be private information (Human resource and other personal data) that is necessary to be collected by our clients for their business purposes. The Cloud Server Facilities and Oracle database that BIS utilizes provides a very high level of security for stored data. (256 bit encryption is included) Both our clients and our programming staff at BIS can access data that is stored within these systems. Such data may include a person’s name and address, phone, email address and other data specific to the application. Other data that our client’s customers may also provide are included in order to complete the transaction. In this process, such things as customer purchases, how much they pay for products and services, and other information, such as their pet name, may also reside in the Oracle database. This data is only used for contact purposes and conducting business between BIS and the client.
BIS does not provide any personal information collected to any other non-agent or non affiliated third party. Any information shared with anyone is only for the benefit of our client data processing and used in conjunction with that data processing. Any information shared, with a third party is only in accordance with doing business and is authorized by customer, as in the case of a credit card charge. During our customer’s business, it is possible that the customer is providing information such as name, address, for the purposes of transacting business. This is not collected by BIS.
Any personal data that is entered by customers on their systems can be retrieved, viewed, edited, or deleted at any time at the customer discretion. It is never entered by BIS, only by the customer.
BIS does not use or disclose any personal information collected on our computers about our customers on our customer accounts to any other non-agent third party except in the case of a lawful request by public authorities, including to meet national security or law enforcement requirements.
BIS has no control on cyber-attacks on customer equipment resulting in the confiscation of data, and therefore assumes no liability for this.
BIS’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, BIS remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless BIS proves that it is not responsible for the event giving rise to the damage.
BIS nor its employees have any interest in the data that the application generates. BIS assures that credit card numbers are not stored in the application, as it utilizes a two-step process of sending the credit card number to the credit card processing firm and receives in return a ‘token’ that identifies that transaction. This method removes the actual credit card number from the process when it is transacted and avoids the need to store the credit card data itself.
BIS Employees sign non-disclosure forms that prevent them from using data obtained during the course of work they do for BIS, for their own private use. Each employee signs that they agree to all terms of the Handbook. Visitors do not have access to any of BIS’ computers.
BIS never transfers such data to anyone outside of the company, with the exception of payments made to credit card processing providers.
Individuals have a right to access or retrieve their personal data. This is done by contacting the European company where they placed their order. When information is deleted from the company database, it is deleted from BIS servers as well.
The choice is given to customers for limiting the use and disclosure of their personal data directly on the order form. Customers can indicate on this form what information is being stored on our data base. This is the only data stored on the data base. This is also identified to the customer in the terms and conditions signed by the customer.
BIS does not collect and therefore does not store any HR data for any clients, or clients’ employees on their software. This software does not include any HR modules and therefore is not applicable for purposes of this policy.
Recourse and Enforcement
In compliance with the Privacy Shield Principles, BIS Computer Solutions, Inc. commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact:
BIS Computer Solutions, Inc
5500 Alta Canyada Rd
La Canada, CA 91011
Attn: Marian Macho
BIS Computer Solutions, Inc. has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit: https://link.edgepilot.com/s/64b9fdf7/ZsIzQdKwJkCLdb7mACoZ7Q?u=https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If you have any questions or concerns, please write to us at the address listed below. If you are an EEA resident, we will investigate and attempt to resolve reasonable complaints and disputes regarding our use and disclosure of Personal Information in accordance with the stated principles. If an issue cannot be resolved via our internal dispute resolution mechanism, EEA individuals may contact or submit a complaint to the European Union Privacy Shield Panel.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
If you have questions, concerns, or complaints about this Privacy Shield Policy or our privacy practices, please contact us.
Bis Computer Solutions, Inc.
c/o Macho 5500 Alta Canyada Rd. La Canada, CA 91011 818.248.5023
Attn: Marian Macho