PRIVACY SHIELD POLICY
This Privacy Shield Policy (“Policy”) applies to all personal information received by New Horizons Computer Learning Centers, Inc. (“New Horizons”, “we”, “our”, or “us”) in the United States from the European Economic Area (EEA) (which includes the member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) and from Switzerland. This Policy also applies to all personal information previously received under the U.S.-EU Safe Harbor Framework and still held by New Horizons. This Policy sets out our practices for collecting, using, maintaining, protecting and disclosing that personal information.
For purposes of this Policy, the following definitions shall apply:
“Agent” means any third party that collects or uses personal information under the instructions of, and solely for, New Horizons or to which New Horizons discloses personal information for use on New Horizons’ behalf.
“New Horizons” means New Horizons Computer Learning Centers, Inc., New Horizons Franchising Group, Inc., and any predecessors and successors in the United States.
“Personal information” means any information or set of information that identifies or could be used by or on behalf of New Horizons to identify (together with other information) a living individual. Personal information does not include information that is anonymized or aggregated.
“Sensitive information” means any personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information that concerns health or sex life, and information about criminal or administrative proceedings and sanctions.
EU-U.S. PRIVACY SHIELD
New Horizons participates in and complies with the EU-U.S. Privacy Shield Framework (“Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. New Horizons has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfers, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability, which are the basis for the principles of this Policy. If there is any conflict between this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view New Horizons’ certification, please visit https://www.privacyshield.gov/.
U.S.-SWISS SAFE HARBOR
New Horizons complies with the U.S.-Swiss Safe Harbor Framework (“Safe Harbor”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from Switzerland. New Horizons has certified that it adheres to the Safe Harbor Privacy Principles of Notice, Choice, Onward Transfers, Security, Data Integrity, Access, and Enforcement, which are the basis for the principles of this Policy. If there is any conflict between this Policy and the Safe Harbor Principles, the Safe Harbor Principles shall govern. To learn more about the U.S.-Swiss Safe Harbor, and to view New Horizons’ certification, please visit http://www.export.gov/safeharbor.
New Horizons receives personal information about individuals in the EEA and Switzerland collected by New Horizons and its franchisees. This personal information may include basic contact information like name and email address, billing information, and courses and training taken by students.
New Horizons uses this information to provide our educational and training-related services to franchisees, customer support for such services, to bill customers, and to correspond with customers. This information also facilitates our affiliates’ and franchisees’ services.
New Horizons also receives information about employees of New Horizons who are located in the European Union, and which is transferred in the context of the employment relationship. New Horizons uses this information for internal employment and human resources purposes. New Horizons commits to cooperate in investigations by and to comply with the advice of competent EU authorities.
New Horizons will subject all personal information received via the Privacy Shield and U.S.-Swiss Safe Harbor Framework to their respective Privacy Principles.
New Horizons is subject to the investigative and enforcement authority of the Federal Trade Commission (FTC), is obliged to disclose personal information in response to lawful requests by public authorities, for law enforcement, and national security purposes, and has potential liability for onward transfers to third parties.
Additionally, an individual may be allowed to invoke binding arbitration to resolve disputes under certain limited conditions.
New Horizons will offer individuals the opportunity to choose whether their information is to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. An individual may opt-out of such uses of their personal information by contacting us at the address given below. New Horizons does not disclose personal information to non-agent third parties. If this changes, New Horizons will offer an opt-out to individuals.
New Horizons will not use sensitive personal information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual unless New Horizons has received the individual’s affirmative and explicit consent (opt-in). New Horizons will treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.
New Horizons will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. New Horizons will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and current.
Transfers to Agents
New Horizons contracts with third parties who perform business functions on our behalf. New Horizons uses these third parties to manage its IT system infrastructure, provide live, online support to customers, and to manage email lists. These entities may have access to personal information if needed to perform their functions for New Horizons. New Horizons does not disclose personal information to non-agent third parties.
For information received under the Privacy Shield, New Horizons will require its agents to safeguard personal information consistent with this Policy by contract, obligating the agent to provide at least the same level of protection as is required by the Privacy Shield Principles.
Under certain circumstances, New Horizons may bear liability for onward transfers of personal data where its agent processes personal data inconsistent with the Privacy Shield Principles, unless New Horizons proves that it is not responsible for the event giving rise to the damage.
For information received under the U.S.-Swiss Safe Harbor, New Horizons will obtain appropriate assurances from its agents that they will safeguard personal information consistent with this Policy. Examples of appropriate assurances that may be provided by agents include the following: a contract obligating the agent to provide at least the same level of protection as is required by the relevant Privacy Shield and U.S.-Swiss Safe Harbor Principles, the Swiss Federal Act on Data Protection, its own Privacy Shield or Safe Harbor certification, or another European Commission or Swiss FDPIC adequacy finding.
Access and Correction
Upon request, New Horizons will grant individuals reasonable access to personal information that it holds about them. In addition, New Horizons will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. An individual may request to access their information, or otherwise correct, amend, or delete their information by contacting us at the address given below.
New Horizons will take reasonable and appropriate precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
New Horizons will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that New Horizons determines is in violation of this policy will be subject to disciplinary action.
New Horizons is subject to the investigative and enforcement authority of the FTC.
Dispute Resolution—Privacy Shield
In compliance with the Privacy Shield, New Horizons commits to resolve complaints about your privacy and our collection or use of your personal information. EU individuals with inquiries or complaints regarding this Policy should first contact New Horizons at the address given below. New Horizons will investigate and attempt to resolve complaints regarding use and disclosure of personal information by reference to the principles contained in this Policy.
New Horizons commits to cooperating with European Data Protection Authorities (“DPAs”).
New Horizons has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to the International Centre for Dispute Resolution (“ICDR”), the international division of the American Arbitration Association (“AAA”), a non-profit alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit the ICDR web site at http://info.adr.org/safeharbor for more information and to file a complaint. Under certain limited conditions, an individual may be able to invoke binding arbitration as provided under the Privacy Shield to address an otherwise unresolved complaint.
Dispute Resolution—U.S.-Swiss Safe Harbor
In compliance with the U.S.-Swiss Safe Harbor Principles, New Horizons commits to resolve complaints about your privacy and our collection or use of your personal information. Swiss citizens with inquiries or complaints regarding this Policy should first contact New Horizons at the address given below. New Horizons will investigate and attempt to resolve complaints regarding use and disclosure of personal information by reference to the principles contained in this Policy.
New Horizons has further committed to refer unresolved privacy complaints under the U.S.-Swiss Safe Harbor Principles to the ICDR/AAA. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit the ICDR web site at http://info.adr.org/safeharbor for more information and to file a complaint.
Questions regarding this Policy should be submitted to New Horizons by mail to:
New Horizons Computer Learning Centers, Inc.
1900 S. State College Blvd. Suite 450
Anaheim, CA 92806-6135
+1 (714) 940-8000
Or by e-mail to: firstname.lastname@example.org
LIMITATIONS & CHANGES
We may also be required to disclose an individual’s personal information in response to a lawful request by public authorities or in connection with a legal obligation. Adherence by New Horizons to these Privacy Shield and Safe Harbor Principles may also be limited to the extent necessary to meet national security, public interest or law enforcement obligations, and to the extent expressly permitted by an applicable law, rule or regulation.
This Policy may be amended from time to time, consistent with the requirements of the Privacy Shield and Safe Harbor Principles. The amended Policy will be made publicly available via New Horizons’ website.
Effective Date: 12/15/2016