The transfer of Personal Data to non-European Union nations that do not meet the European “adequacy” standard for privacy protection is prohibited by the European Commission’s Directive on Data Protection (October, 1998). In order to provide a streamlined means for U.S. organizations to comply with the Directive and to bridge these various privacy approaches, the U.S. Department of Commerce, in consultation with the European Commission, developed a “Safe Harbor” framework. The Safe Harbor, which was approved by the EU in July 2000, is a way for U.S. companies to avoid experiencing problems in their dealings with the EU or potentially facing prosecution by EU authorities under European privacy laws.
HMI INDUSTRIES, INC.
Scope and Purpose
“Agent” is a company or individual authorized to collect, process or have access to personal data on behalf of HMI.
“HMI” means HMI Industries, Inc., including its wholly-owned subsidiaries that are incorporated in any state or territory of the US.
“Personal Data” is data about an identified or identifiable individual, received by HMI in the US from the EU, and recorded in any form. Personal Data does not include publicly available data, anonymized data, encoded data or data reported in the aggregate, but does include Sensitive Personal Data.
“Safe Harbor Principles” means the principles agreed to by the European Commission and the U.S. Department of Commerce that US companies can choose to follow to protect Personal Data received from EU individuals, in compliance with the European Directive on Data Protection.
“Sensitive Personal Data” means Personal Data that reveals race, ethnic origin, sexual orientation, political opinion, religion, or philosophical beliefs, trade union membership, or personal health.
The Safe Harbor Principles
Notice. Where HMI collects personal information from individuals in the EU, HMI will inform them about the types of personal information collected, the purpose for which it collects such data, and the types of third parties to which it discloses or may disclose such data. Notice will be provided in clear and conspicuous language at the time of collection, or as soon as practicable thereafter, and in any event before HMI uses or discloses the information for a purpose other than that for which it was originally collected.
Choice. HMI will offer individuals the opportunity to decline to have their data disclosed to a non-agent third party or to be used for a purpose incompatible with the purpose for which the data was originally collected or subsequently authorized by the individual. In the event sensitive personal data is to be used for a new purpose or transferred to a non-agent third party, then the individual will be given the opportunity to expressly consent to the disclosure prior to the use or transfer of the data.
Outward Transfers. HMI will only transfer Personal Data to Agents when assurances have been provided by that Agent(s) that he will safeguard the information consistent with the same level of privacy required by the Policy. Where HMI becomes aware that an agent is using or disclosing information in a manner contrary to this Policy, HMI will take reasonable steps to prevent or stop the use or disclosure.
Security. HMI takes reasonable steps to protect Personal Data from loss, misuse disclosure, unauthorized access and destruction.
Data Integrity. HMI will use Personal Data only in ways that are compatible with the purpose for which it was collected or subsequently authorized by the individual. HMI will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and current.
Access. An individual has the right to inquire as to the nature of the Personal Data stored or processed by HMI about that individual. Where inaccurate, that individual may correct, amend or delete it, except where the burden or expense of providing access would be disproportionate to the risk to the individual’s privacy.
Enforcement. HMI will conduct self-assessment audits of the Policy to verify its compliance with these principles. Any employee that HMI determines is in violation of the Policy will be subject to disciplinary action.
Dispute Resolution. Any questions regarding the use or disclosure of personal information should be directed to HMI at the address given below, which will investigate and try to resolve any disputes in accordance with this Policy. HMI agrees to participate in the dispute resolution procedure administered by the European Data Protection Authorities to resolve disputes pursuant to the Safe Harbor Principles.
Limitations on Scope of Policy
Adherence by HMI to the Safe Harbor Principles and this Policy may be limited to the extent required to meet legal or ethical obligations and to the extent expressly permitted by law.
Please contact the following with questions regarding this Policy at:
HMI Industries, Inc.
Attention: Rob Kay
13325 Darice Parkway, Unit A
Strongsville, OH 44149
Changes to Policy States
This Policy may be amended from time to time, consistent with the requirements of the Safe Harbor principle. A notice will be posted on HMI’s web page (www.filterqueen.com) advising of material changes to this Policy.
Effective Date: March 31, 2009