TR Miller adheres to the “EU-U.S. Privacy Shield Framework” framework developed by the U.S. Department of Commerce with respect to personal information we receive from the European Union. This Statement outlines TR Miller's policy and practices for implementing the “EU-U.S. Privacy Shield Framework Privacy Principles,” including the type of information to which this Statement applies, how we use personal information, and the choices individuals have regarding our use of, and their ability to correct, that personal information. If there is any conflict between the policies in this statement and the “EU-U.S. Privacy Shield Framework” framework, TR Miller will follow the “EU-U.S. Privacy Shield Framework” framework.
Scope
This statement applies to all Personally Identifiable Information (“PII”) we receive from an TR Miller subsidiary in the European Union that transfers PII to TR Miller in the United States.
Notice
Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to us, or as soon as practicable thereafter, and in any event before we use the information for a purpose other than that for which it was originally collected.
We may disclose personal information if required to do so by law or to protect and defend our rights or property. We obtain personal information only as permitted by the “EU-U.S. Privacy Shield Framework” framework. Before we allow an individual to obtain or use our products or services, we may require the individual to provide consent for personal information to be collected, used, and/or disclosed in certain ways.
Choice
We offer individuals the opportunity to choose whether their personal information is: (a) to be disclosed to a nonagent third party or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. We disclose your personal information only to an affiliated third party that receives PII from TR Miller within a binding legal relationship pursuant to our instructions or on our behalf.
We provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise.
Data Integrity
We use personal information only in ways compatible with the purposes for which it was collected or subsequently authorized by the individual. We take reasonable steps to ensure that personal information is accurate, complete, current, and relevant to its intended use.
We process personal information in ways compatible with the purpose for which the personal information was collected, or as otherwise authorized by the individual. To the extent necessary for such purposes, we take reasonable steps to make sure that personal information is accurate, complete, current, and otherwise reliable with regard to its intended use.
Disclosures and Onward Transfers
We do not transfer onward or disclose personal information received from the EU to third parties except when one or more of the following conditions is true:
- We have the individual's permission to make the disclosure.
- The disclosure is reasonably related to the sale or other disposition of all or part of our business or assets.
- The disclosure is permitted by law or required pursuant to subpoena.
- The personal information to be disclosed is publicly available.
Data Security
TR Miller has institutionalized industry-standard security practices, including encryption, and is constantly implementing reasonable precautions to protect personal information in our possession from loss, misuse, unauthorized access, disclosure, alteration, and destruction. We protect data in many ways. Physical security is designed to prevent unauthorized access to database equipment and hard copies of personal information. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorized access from remote locations. This protection includes the use of firewalls, restricted access, and encryption technology. We limit access to personal information and data to those persons in our organization, or as our agents, that have a specific business purpose for maintaining and processing such personal information and data. We inform individuals who have been granted access to personal information and data of their responsibilities to protect the security, confidentiality, and integrity of that information, and we provide training and instruction on how to do so.
Access
If an individual becomes aware that personal information we maintain about that individual is inaccurate, or if an individual would like to update or review his or her personal information, the individual may contact us using the contact information provided below. We will take reasonable steps to permit individuals to correct, amend, or delete information demonstrated to be inaccurate or incomplete.
Accountability and Enforcement
TR Miller has established a Data Protection Program to monitor our adherence to the “EU-U.S. Privacy Shield Framework” principles, and to address questions and concerns regarding our adherence. This program will include conducting compliance audits of our relevant privacy practices to verify compliance with this policy and the “EU-U.S. Privacy Shield Framework” principles. Additionally, we provide a statement, at least once a year, signed by our authorized representative, verifying our adherence to the “EU-U.S. Privacy Shield Framework” principles. We encourage interested persons to raise any concerns to us using the contact information below.
We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Statement. For any dispute that cannot be resolved through our internal processes, TR Miller will engage the services of an unaffiliated neutral party such as TrustE to act as the dispute-resolution mediator as permitted by the “EU-U.S. Privacy Shield Framework” framework. In the event that we or the dispute-resolution mediator determines that we did not comply with this policy, we will take appropriate steps to address any adverse effects and to promote future compliance.
Contact Information (EU-U.S. Privacy Shield Framework Only)
TR Miller Co, Inc.
Attn: Privacy Officer
290 South Street
Walpole, MA 02081
Effective Date of EU-U.S. Privacy Shield Framework Statement: May 23, 2011