How We Obtain Personal Information As a data controller, we collect and process EEA Personal Information directly from individuals, either through our publicly available website, www.ximasoftware.com, or in connection with our relationships with our partners, customers, resellers and vendors.
As a data processor, we process and store EEA Personal Information obtained from our customers when providing our customers software and related technical and customer support services (Xima’s software and all related services may be referred to hereinafter collectively as the “Services”). In this context, we process Personal Information on behalf of and at the instructions of our customers, which are the data controllers.
Xima commits to subjecting to the Principles all Personal Information received form the EEA in reliance on the Privacy Shield (which includes both types of activities).
Data Security We have instituted appropriate and reasonable measures to protect your Personal Information from loss, misuse and unauthorized access, destruction, alteration and/or disclosure, taking into account the inherent risks involved in the processing and the nature of the Personal Information.
Access to Personal Information As appropriate, Xima provides you with access to the Personal Information that we maintain about you and the ability to correct, amend or delete that information when it is incorrect or has been processed in violation of the Principles by sending a written request as indicated in the contact information provided below. We will review all requests in accordance with the Principles, and may limit or deny access to Personal Information where providing such access is unreasonably burdensome or expensive given the circumstances, or as otherwise permitted by the Principles. To the extent that we use your Personal Information for a purpose that is substantially different from the purposes listed in this policy or if we intend to disclose it to a third party acting as a controller not previously identified, we will offer you the opportunity to opt-out of such uses and disclosures where is involved non-sensitive information or opt-in where sensitive information is involved.
When we process Personal Information in the context of our Services, we only process and disclose the data as necessary to provide the Services. If you wish to request access, to limit use, or to limit disclosure of Personal Information uploaded to the Services by one of Xima’s customers, please contact the customer who submitted your data to our Services. If you provide us with the name of our customer that is processing your Personal Information, we will refer your request to that customer and will support the customer as needed in responding to your request.
Enforcement If you have any questions or concerns regarding Xima’s Personal Information practices or compliance with the Principles, we encourage you to write to us as indicated below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles. If an issue cannot be resolved, individuals may contact or submit a complaint, at no cost, to the JAMS EU-US Privacy Shield Program, which is based in the United States. We will cooperate with JAMS pursuant to the JAMS International Mediation Rules, which are accessible on the JAMS website at www.jamsadr.com. For residual complaints not fully or partially resolved by other means, individuals may be able to invoke binding arbitration as detailed in the Principles.
Xima, LLC Attn: Jeff Jorgensen 10653 S. River front Parkway, Suite 200 South Jordan, Utah 84095 (p): 888-944-9462 (e): firstname.lastname@example.org