Gong.io, Inc. (“Gong.io US”, “us“, “we” or “our”) has self-certified with the EU-US and Swiss-US Privacy Shield Frameworks with respect to the personal data of any individuals residing in the EU and Switzerland that we receive or process, including on behalf of any of our affiliated companies worldwide (collectively, “Gong.io Group”). To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.
Accordingly, Gong.io US adheres to the principles of the EU-US and Swiss-US Privacy Shield Frameworks, as set forth by the US Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union and Switzerland to the United States (“Privacy Shield Principles”). If there is any conflict between this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
Our participation in the Privacy Shield Frameworks applies to personal data that Gong.io US receives from and processes on behalf of our customers, business partners or any other member of the Gong.io Group, which relates to data subjects residing in the EU or Switzerland.
Gong.io US acts as a sub-processor or processor of the personal data we process on behalf of our customers, business partners or any other member of the Gong.io Group – who are each either the processor (where we act as sub-processor) or controller (where we act as processor) with respect to such personal data we process on their behalf.
2. Right to Access, Change or Delete Personal Data
EU and Swiss data subjects have the right to access personal data about them, and in some cases to limit use and disclosure of their personal data. If you would like to request access to your personal data processed by us, or to limit use and disclosure of your personal data, please contact email@example.com and provide your name and contact information. If your request pertains to data processed on behalf of another member of the Gong.io Group, or on behalf of any of our customers, we will refer your request to them, and will support them as needed in responding to your request.
3. Onward Transfers of Personal Data
We will not transfer personal data originating in the EU or Switzerland to third parties unless such third parties have entered into a written agreement with us requiring them to provide at least the same level of privacy protection to such personal data as required by the Privacy Shield Principles. In cases of such onward transfer, Gong.io US remains responsible and potentially liable, other than for events outside of its reasonable control.
4. Compelled Disclosures
Gong.io US may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
5. Recourse Mechanism
In compliance with the Privacy Shield Principles, Gong.io US is committed to resolve complaints about our collection or use of personal data. EU and Swiss individuals with inquiries or complaints regarding our privacy practices should first contact Gong.io US at firstname.lastname@example.org or by postal mail sent to:
Attn: Eilon Reshef, CTO
814 Mission St, Floor 4
CA 94103, USA
Gong.io US is committed to refer unresolved privacy complaints under the Privacy Shield Principles to the EU Data Protection Authorities and the Swiss Federal Data Protection and Information Commissioner (FDPIC). We have further committed to comply with the advice given by such authorities with regard to data transferred from the EU and Switzerland. If you do not receive timely acknowledgment of your complaint from us, or if we did not address your complaint to your satisfaction, please contact the EU or Swiss Data Protection Authorities for more information and to file a complaint, at no charge.
You may find the relevant contact details at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm or: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection—switzerland.html
Gong.io US is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) to ensure compliance with the EU-US Privacy Shield outlined in this Notice.
Under certain conditions, more fully described on the Privacy Shield website, you may also be able to invoke binding arbitration when other dispute resolution procedures have been exhausted.