Effective Date: October 05, 2023
For purposes of enforcing compliance with the Data Privacy Framework, Volt is subject to the investigatory and enforcement authority of the US Federal Trade Commission. For more information about the Data Privacy Framework, see the US Department of Commerce’s Data Privacy Framework website located at: https://www.dataprivacyframework.gov/
In this Data Privacy Framework Policy:
“Customer” means any individual or entity that purchases Services from Volt.
“Customer End User” means an individual whose information is stored on a Customer’s systems.
“EU Personal Data” means any information relating to a User that identifies or can be used to identify that User, either separately or in combination with other readily available data that is received by Volt in the U.S. from the EEA or Switzerland in connection with the Services.
“Sensitive Personal Data” means EU Personal Data regarding an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, physical or mental health, or sexual life.
“Services” means a Volt website, mobile application, and related support services.
“Standard Contractual Clauses” means the standard data protection clauses for the transfer of EU Personal Data to processors established in third countries which do not ensure an adequate level of data protection, as described in Article 46 of the GDPR.
“User” means an individual authorized by a Customer to access and use the Services or a Customer End User whose personal data is processed by the Services.
Volt commits to comply with the Data Privacy Framework Principles with respect to the EU Personal Data received from Customers and Users in connection with the use of the Services. This Data Privacy Framework Policy does not apply to EU Personal Data transferred under Standard Contractual Clauses or any approved derogation under EU data protection law.
3. Data Privacy Framework Principles
Volt commits to processing EU Personal Data in accordance with the Data Privacy Framework Principles as follows:
All EU Personal Data is collected to operate, send marketing, manage and improve the Services, and ensure the technical functionality and security of the Services. Before Volt uses EU Personal Data for a purpose that is materially different from the purpose for which Volt collected it or that was later authorized, Volt will provide Users with the opportunity to opt out.
Volt shares EU Personal Data collected through the Services with third parties that Volt engages to help us operate the Services, improve our business or the Services, to provide Services to us (such as web hosting, data storage and similar administrative services), and to market to current and prospective Customers.
When Volt collects Sensitive Personal Data, Volt will obtain opt-in consent if Data Privacy Framework requires, including before Sensitive Personal Data is used for a different purpose than that purpose for which it was collected or later authorized.
Please send requests to opt out of uses or disclosures of EU Personal Data to email@example.com
3.3. Accountability for Onward Transfer
If Volt transfers EU Personal Data covered by this Data Privacy Framework Policy to a third party, Volt takes reasonable and appropriate steps to ensure that each third party transferee processes EU Personal Data transferred in a manner consistent with Volt’s obligations under the Data Privacy Framework Principles. Volt will ensure that each transfer is consistent with any notice provided to Customers and Users and any consent they have given. Volt requires a written contract with any third party receiving EU Personal Data that ensures that the third party (i) processes the EU Personal Data for limited and specified purposes consistent with any consent provided by Customers and Users, (ii) provides at least the same level of protection as is required by the Data Privacy Framework Principles, (iii) notifies Volt if it cannot comply with Data Privacy Framework; and (iv) ceases processing EU Personal Data or takes other reasonable and appropriate steps to remediate.
Under certain circumstances, Volt may be required to disclose EU Personal Data in response to valid requests by public authorities, including for national security or law enforcement requirements.
Volt remains liable under the Data Privacy Framework Principles if an agent processes EU Personal Data covered by this Data Privacy Framework Policy in a manner inconsistent with the Data Privacy Framework Principles unless Volt is not responsible for the event giving rise to the damage.
Volt takes reasonable and appropriate measures to protect EU Personal Data covered by this Data Privacy Framework Policy from loss, misuse and unauthorized access, disclosure, alteration and destruction. In determining these measures, Volt takes into account the risks involved in the processing and the nature of the EU Personal Data.
3.5. Data Integrity and Purpose Limitation
Volt takes reasonable steps to ensure that such EU Personal Data is reliable for its intended use, accurate, complete and current. Volt adheres to the Data Privacy Framework Principles for as long as it retains EU Personal Data in identifiable form. Volt takes reasonable and appropriate measures to comply with the requirement under the Data Privacy Framework to retain EU Personal Data in identifiable form only for as long as it serves a purpose of processing.
Volt limits the collection of EU Personal Data covered by this Data Privacy Framework Policy to information that is relevant for the purposes of processing. Volt does not process EU Personal Data in a way that is incompatible with the purpose for which it was collected or subsequently authorized by a Customer or User.
A User whose EU Personal Data is covered by this Data Privacy Framework Policy has the right to access his or her EU Personal Data and to correct, amend or delete the EU Personal Data if the EU Personal Data is inaccurate or processed in violation of the Data Privacy Framework Principles. Volt is not required to grant the rights to access, correct, amend and delete EU Personal Data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to the User’s privacy or if the rights of persons other than the User are or could be violated.
Please send requests for access, correction, amendment or deletion to firstname.lastname@example.org.
3.7. Recourse, Enforcement, and Liability
In compliance with the Data Privacy Framework Principles, Volt commits to resolve complaints about your privacy and our collection or use of your EU Personal Data. Please first contact Volt with inquiries or complaints regarding this Data Privacy Framework Policy at email@example.com.
Volt has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to the International Centre for Dispute Resolution, an independent dispute resolution mechanism operated by the American Arbitration Association. If your complaint is not satisfactorily addressed, please visit https://go.adr.org/privacyshield.html for more information and to file a complaint. Please contact us at firstname.lastname@example.org to be directed to the relevant Data Protection Authority contacts.
Under certain conditions detailed in the Data Privacy Framework, a User may be able to invoke binding arbitration before the Data Privacy Framework Panel created by the U.S. Department of Commerce and the European Commission. To learn more, please see Data Privacy Framework Annex I: Arbitral Model at https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.
Volt commits to periodically review and verify its compliance with the Data Privacy Framework Principles and to remedy any issues arising out of failure to comply with the Data Privacy Framework Principles. Volt acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Data Privacy Framework participants.
4. Changes to this Data Privacy Framework Policy
Volt may amend this Data Privacy Framework Policy consistent with the requirements of the Data Privacy Framework, including notice about any amendment.
5. How to Contact Volt
If you have any questions about this Data Privacy Framework Policy or would like to request access to your EU Personal Data, please contact us by:
Mail: Volt Athletics, Inc.
Attn: Data Protection Officer
1752 NW Market St., #4410
Seattle, WA 98107