EU-U.S. and Swiss-U.S. Privacy Shield Notice
Last Updated: May 5, 2020
Rocket Whale Products, LLC (“Blissbook”, “we”, “our”, or “us”) commits to conduct its business according to the EU -U.S. Privacy Shield framework and the Swiss – U.S. Privacy Shield Framework (the “Privacy Shield”) which became effective August 1, 2016 for the EU and January 12, 2017 for Switzerland. The Privacy Shield was developed by the U.S. Department of Commerce (“DOC”), the European Commission (the “EC”) and the Swiss Administration to provide companies based in the United States (U.S.), the European Union (EU) or Switzerland a mechanism to transfer data on European nationals to the U.S. and provide such European nationals the data protection available in the EU and Switzerland, in order to support transatlantic commerce. The EC and the Swiss Administration deem the Privacy Shield adequate to enable data transfers under EU and Swiss law.
Blissbook complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the DOC regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Blissbook has certified to the DOC that it adheres to the Privacy Shield Principles (the “Principles”). If there is any conflict between the terms in this Privacy Shield Notice and the Principles, the Principles will govern. To learn more about the Privacy Shield program, and to view Blissbook’s certification, please visit https://www.privacyshield.gov/welcome.
Blissbook collects Personal Information about Contacts who are European and Swiss nationals after they provide their consent to their employers or other entities (i.e., Blissbook’s Customers) to permit Blissbook to receive the information directly from those Customers.
Blissbook contractually requires Customers to obtain explicit authorization from Contacts in order for Blissbook to process the Personal Information of those Contacts, including by disclosing Personal Information to third parties.
Blissbook discloses Personal Information to Customers, hosting services providers, customer support providers, customer relationship management providers, and marketing automation service providers in order to provide the Services and to perform its contracts with its Customers.
Notwithstanding the above, Blissbook may disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Accountability for Onward Transfer
In cases of onward transfer to third parties of Personal Information received pursuant to the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, Blissbook is potentially liable.
Personal Information will be transferred from the EU or Switzerland to Blissbook in the United States where it will be processed by a processor under the direction of Blissbook. The Personal Information will be transferred only for limited and authorized specified purposes as agreed to by the applicable Customer. Blissbook will take reasonable and appropriate steps to ensure that its processor effectively processes the Personal Information transferred in a manner that is consistent with Blissbook’s obligations under the Privacy Shield.
Any transfer by Blissbook of a Contact’s Personal Information to a Processor in the EU and Switzerland will be pursuant to that Contact’s consent to processing which Blissbook contractually requires the relevant Customer to obtain.
The transfer of Personal Information will be only for limited and specified purposes. Blissbook’s processor will be obligated to provide at least the same level of data protection as is required by the Principles, and Blissbook will take steps to assure that the its processor effectively processes the Personal Information transferred in a manner consistent with Blissbook’s obligations under the Principles. The processor will be required to notify Blissbook if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles, and upon notice, Blissbook will take reasonable and appropriate steps to stop and remediate unauthorized processing.
Blissbook and its processor maintain a comprehensive information security program designed to anticipate foreseeable threats or hazards for attacks, intrusions, unauthorized access, system failures, alteration, destruction, or breach of confidentiality through (a) using administrative, technical, and physical safeguards (“Safeguards”); (b) reasonably designing, periodically reviewing, regularly testing, monitoring, and risk assessing the Safeguards; and (c) modifying and upgrading systems, system controls, procedures (including training of employees and management).
If a Contact contacts Blissbook directly with a request to exercise his or her data protection rights, Blissbook will respond in accordance with applicable data protection laws and after providing notice of the request to the relevant Customer. Blissbook may ask the Contact to verify his or her identity in order to facilitate an efficient response to the request.
Changes in Blissbook Privacy Shield Notice
If we decide to change this Privacy Shield Notice, we will post the changes at this site and at other places we deem appropriate. We reserve the right to modify this Privacy Shield Notice at any time, so please review it frequently.
Customers with complaints about the collection or use of their Contacts’ Personal Information should contact:
If their dispute is not resolved satisfactorily, they (or their Contacts) may submit it for mediation to: https://www.jamsadr.com/eu-us-privacy-shield, an alternative dispute resolution provider located in the United States. The services of JAMS are provided at no cost to the Contact.
Blissbook is subject to regulation by the Federal Trade Commission (the “FTC”), and its investigatory and enforcement powers. Under certain circumstances, Contacts may submit their complaint to binding arbitration, see: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Human Resources (HR) Data
Blissbook commits to cooperate with the panel established by the EU data protection authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable and comply with the advice given by such panel and/or Commissioner, as applicable, with regard to human resources data transferred from the EU and/or Switzerland, as applicable, in the context of the employment relationship.