Privacy Policy For Information Received From Our European Affiliates

We at CCAA, Corporation (referred to as "CCAA", "We," "Us," or "Our") recognize the importance of protecting the privacy of certain Personal Information (as defined herein) that We may receive from Our European affiliates (the "Affiliates") about the customers or clients of Our Affiliates (referred to as "You" or "Your"). This Privacy Policy discloses the purposes for which We receive and use Your Personal Information, how We use it, how to contact Us with any inquiries or complaints, and how to correct, change, or delete it. At CCAA it is Our intention to give You a complete and accurate understanding about how We receive Your information and the use We make of it in the course of Our business. You can be assured that CCAA will not disclose Your Personal Information to third parties without Your consent, except as may be noted in this Privacy Policy.

Compliance with Safe Harbor Principles

CCAA complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. CCAA has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view CCAA’s certification, please visit http://www.export.gov/safeharbor/.

What Does CCAA Treat as Personal Information?

"Personal Information" is any information or data about You that in itself, or as part of a unique combination of information, specifically recognizes You by unique descriptors and/or identifiers. Examples of Personal Information are name, address, credit card number, bank or financial account number, and social security number. Personal Information does not, however, include publicly available information. CCAA recognizes that You have an expectation about how Your Personal Information will be used and safeguarded. CCAA takes very seriously its commitment to ensure that such expectations are reasonably met, including the implementation of sound policies and business practices designed to diminish the unauthorized use of Personal Information for purposes such as the falsification of identity, unauthorized transactions in Your name, and/or the sale of Personal Information to third parties such as telemarketing firms. As a general rule, CCAA will not (within the scope of the European Directive 95/46/EC (the "Directive")) disclose any specific Personal Information that We receive about You from Our Affiliates in a manner that connects You with the Personal Information.

How Does CCAA Receive Your Personal Information?

CCAA acts as a data processor for Our Affiliates and supports their business offerings purely as a data processor as defined in the Directive. In doing so, We act at the specific direction of, and in accordance with written instructions provided by, the relevant Affiliate outlining the authority granted to CCAA as the data processor. The data that we receive from Our Affiliates includes customer data (such as Your Personal Information) housed in the databases of the clients of such Affiliate, which data is transmitted by the Affiliate, via a secured link (like a Virtual Private Network) using appropriate encryption mechanisms, to Our database servers. Although it is ultimately the responsibility of the Affiliate to ensure the integrity of the data it transmits to Us, We take reasonable steps to ensure that the data remains reliable, accurate, complete, and current, and that it is used solely for the intended purposes for which it was collected.

Onward Transmission:

As a general rule, CCAA will not disclose any specific Personal Information about You that We receive from Our Affiliates, except when We have Your permission or under special circumstances, as described below. We receive and use Personal Information for Our business purposes only, and as specifically instructed by Our Affiliates. The following describes some of the ways that Your Personal Information may be disclosed:

Third Party Contractors:
From time to time, We may disclose Your Personal Information to third party contractors who are acting as Our agents for the purposes of fulfilling Our data processing obligations to Our Affiliates. In such cases, We shall enter into a written agreement with such third parties requiring that the third parties provide at least the same level of privacy protection as is required by the Safe Harbor Principles.

Others:
CCAA may also disclose Personal Information in special cases when We have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference (either intentionally or unintentionally) with any of CCAA’s rights or property, other customers or clients of CCAA, or anyone else. CCAA may disclose Personal Information when We believe in good faith that the law requires it and/or as otherwise permitted by the Safe Harbor Principles.

If We become involved in a merger, acquisition, or any form of sale of some or all of Our assets, any Personal Information about You involved in such transactions will upon effectiveness of such transaction remain subject to the privacy policy that your Personal Information is subject to immediately prior to the transaction.

How Can You Control the Usage Of Your Personal Information?

Given that CCAA is only acting as a data processor on behalf of, and at the specific direction and instruction of, Our Affiliates, we are not entitled to modify, change, amend or otherwise alter Your Personal Information unless otherwise instructed directly by Our Affiliates. Accordingly, We will promptly forward to the relevant Affiliate from which We received Your Personal Information any request We may receive from You to correct, update or delete such Personal Information. We will coordinate any responses and/or inquiries that We may receive from such Affiliates in response to Your requests, and will promptly comply with any related instructions We may receive from such Affiliates relating to the processing of Your Personal Information (including any corrections, updates or deletions to such Personal Information). We will also reasonably cooperate with the applicable European Data Protection Supervisory Authority in the course of any inquiries it may have, and will reasonably comply with the advice of such Supervisory Authority, with regard to Our processing of Your Personal Information.

If, at any time, You wish to update, change, limit, or delete Your Personal Information, You may contact CCAA’s Information Protection Officer, Brian Fisher, at (203) 956-1000 (telephone), (203) 956-8789 (fax), or bfisher@affiniongroup.com, who will forward Your request to the relevant Affiliate.

Data Security

The security of all Personal Information associated with Our clients and customers is an important concern to Us. We take reasonable industry-standard precautions to safeguard the confidentiality of Your Personal Information, and to protect Your Personal Information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. We exercise care, as a data recipient, in ensuring a secure transmission of Your Personal Information from Our Affiliates to Our servers. We require that such transmissions be made via a secured link (like a Virtual Private Network ("VPN")) using appropriate encryption mechanisms. Unfortunately, no data transmission over a VPN can be guaranteed to be 100% secure. As a result, while We strive to protect Your Personal Information, CCAA and CCAA-affiliates cannot guarantee or warrant the security of any such Personal Information.

Enforcement

CCAA has instituted a self-regulatory and assessment program for ensuring verification and adherence to the Safe Harbor Privacy Principles. This may consist of regular information protection reviews including privacy information reviews, physical security reviews, disaster recovery planning, testing and reviews, internal and external audits of CCAA’s security, reviews performed by Our Affiliates, and onsite and survey reviews by Our Affiliates’ clients. Vulnerability reviews by CCAA or Our designated third party agents are also performed periodically. CCAA’s privacy polices and practices are in accordance with the aforementioned program and the Safe Harbor Principles.

If You wish to file a complaint or have any objections about the way We use or disclose Your Personal Information, please follow Our Dispute Resolution process below.

Dispute Resolution

In addition to the establishment of internal controls and dispute resolution procedures for ensuring compliance with the Safe Harbor Principles, CCAA has implemented an independent recourse mechanism whereby Your complaints and disputes can be investigated and resolved. To that end, CCAA has committed to cooperate with data protection authorities located in the European Union, or their authorized representatives.

If You wish to file a complaint or have any objections about the way We use or disclose Your Personal Information, You may contact CCAA’s Information Protection Officer, Brian Fisher, at (203) 956-1000 (telephone), (203) 956-8789 (fax), or bfisher@affiniongroup.com. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve Your complaint where necessary.