IPS EU-U.S. Data Privacy Framework Principles

    Image Processing Systems, Inc.

    EU-U.S. Data Privacy Framework Principles

    Image Processing Systems, Inc. (“IPS”) is a leading provider of document scanning, indexing, conversion, and archiving services for organizations large and small, in a wide variety of industries. We work with applications ranging from human resources and accounts payable to contracts and government records. Our document scanning services transform information recorded on paper, micrographics and other media into an almost endless variety of digital formats on a wide range of media, including ImageServ™ our own Web-based document repository.

    This privacy policy outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by the Company whether in electronic, paper or verbal format.

    Definitions

    “Personal Information” or “Information” means information that (1) is transferred from the EU or Switzerland to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.

    “Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, criminal record, religious or philosophical beliefs, membership in a political association, trade union or other professional association or that concerns an individual’s health.

    Principles

    Notice

    Under most circumstances, IPS does not collect Personal Information directly from individuals, but may receive that information from our corporate clients. Therefore, when IPS receives Personal Information from the EU or Switzerland (and other locations) for processing purposes, and does not directly control the collection of the Information, IPS does not typically provide notification to those individuals. However, IPS is usually mandated by our client to hold that Information in the strictest confidence. In those cases, IPS reserves the right to process Personal Information in the course of providing services to our client without the knowledge of the individual(s) involved. IPS never uses the Information for a purpose other than it was provided to the Company.

    The above notwithstanding, Personal Information captured and contained in the IPS servers and databases is never sold, licensed or distributed to any third parties except to vendors and suppliers for the purposes of processing the data on behalf of our clients.

    When specifically requested to do so, IPS will inform affected individuals about the purposes for which it receives and uses Personal Information about them, how to contact the Company with any inquiries or complaints, the types of third parties to which it may disclose the Information, and any choices that IPS may offer individuals for limiting the Information’s use and disclosure.

    Choice

    Since IPS does not collect Personal Information directly from individuals, we do not offer an opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected. Individuals can omit personal data from all material sent to IPS for processing.  These items can be redacted from all PDFs and other documents.

    Onward Transfers

    IPS will only transfer Personal Information to third parties where we have Non-disclosure Agreements or other contracts in place, and where they have given assurances that they provide at least the same level of privacy protection as required by these Principles. Where IPS has knowledge that a contracted third party is using or sharing Personal Information in a way that is contrary to the Principles, IPS will take reasonable steps to prevent or stop such processing.

    Access

    IPS processes Information under the guidance and direction of our corporate clients. Where appropriate, and with written permission from our corporate clients, IPS will grant individuals reasonable access to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.

    Data Security

    IPS shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and unwanted destruction. IPS has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or unwanted destruction. IPS cannot guarantee the security of Information on or transmitted via the Internet. IPS does not disclose personal information to anyone other than the client to which the information belongs. IPS serves as a custodian to this data.

    Commitment

    Image Processing Systems, Inc. also complies with the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data and non-human resource data transferred from the EU and Switzerland in the context of the employment relationship. 

    An individual may be allowed to invoke binding arbitration to resolve disputes under certain limited conditions.

    Data Integrity

    IPS shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by our corporate client. To the extent necessary for those purposes, Company shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use. IPS is required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

    Enforcement

    IPS uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Principles. We will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles.

    If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using an independent dispute resolution mechanism as a third party resolution provider. IPS is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

    IPS complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  IPS has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF.  IPS has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

    In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, IPS commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF.

    In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, IPS commits to resolve DPF Principles-related complaints about our collection and use of your personal information.  EU individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF should first contact IPS at:

     

    Thomas Nappi

    Thomas.Nappi@edenred.com

    Information Subject to Other Policies

    The Company is committed to following the Principles for all Personal Information within the scope of the EU-U.S. Data Privacy Framework Principles. However, certain information is subject to policies of the Company that may differ in some respects from the general policies set forth in this EU-U.S. Data Privacy Framework Principles policy.

    Contact Information

    Questions, comments or complaints regarding the Company’s DPF Policy or data collection and processing practices can be mailed or emailed to:

    Image Processing Systems, Inc.

    Attn: Legal Department

    150 Meadowland Parkway

    Secaucus, NJ 07094

    info@ipsmailbox.com

     

    Last Update/Review: August 15, 2023

    GET IN TOUCH WITH AN IPS EXPERT.
    CALL 201-710-2417 OR CLICK HERE
    SCHEDULE A DEMO
    Website by Delia Associates.