US/EU Safe Harbor Notice

Global Digital Forensics (“GDF”) is a United States-based corporation which adheres to the US/EU Safe Harbor Framework for personally identifiable information (“PII”) relating to its clients and its work. This Safe Harbor Notice (the “Notice”) sets forth the privacy principles followed by GDF in connection with the transfer and protection of PII received from the European Union (“EU”) or Switzerland.

Mission Statement

GDF is a self-certifying company which complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework (collectively the “Framework”) as set forth by the U.S. Department of Commerce. GDF conforms to the Framework regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. GDF has certified that it adheres to the Safe Harbor Privacy Policy of notice, choice, onward transfer, security, data integrity, access, and enforcement. Information regarding the Framework and information regarding GDF’s certification are available at http://www.export.gov/safeharbor

About the Safe Harbor Framework

Established in June 2000, the “Safe Harbor” was a joint project of the United State Department of Commerce and the European Commission. The goal of Safe Harbor was to provide a regimen for transferring personal information from the EU to companies in the Unites States. Since certain EU privacy standards are more stringent than those in the United States, companies which adhere to the Safe Harbor Framework take on additional responsibilities with respect to PII.

“PII” relates to natural persons and includes such information as: name, address, telephone number, email address, photograph, or other identifying characteristic. PII does not include encrypted, coded or otherwise “neutral” data which cannot be tied to a particular person.

Scope

PII transferred from countries in the EU or Switzerland to the United States in connection with GDF is covered by this notice. It applies to PII in any format, electronic or otherwise.

Safe Harbor Privacy Principles

The following privacy principles apply to the transfer, collection, use or disclosure of personal information from the EU by GDF.

Operations Notice:

GDF conducts its business pursuant to a contract called a Client Services Agreement (“CSA”). GDF does not specifically collect information regarding individuals pursuant to the work performed under a CSA. GDF does not share PII with any third parties and does not collect information for any purposes other than those outlined in its CSA (or an accompanying Statement of Work pursuant to a CSA). GDF’s CSA provides specific descriptions of its responses to governmental and/or judicial demands for information and GDF complies with all municipal, state and federal laws regarding its collection and use of PII.

Data Security:

GDF employs all reasonable and prudent safeguards with respect to its data, its clients’ data and any other data GDF receives in the course of business.
Access and Correction: Upon written request to GDF, GDF will provide EU individuals with reasonable access to their PII. GDF will also take reasonable steps to allow EU individuals to review their information for the purposes of correction. GDF adheres to all grants and limitations of access, as set forth in the US Department of Commerce’s Safe Harbor website: http://www.export.gov/safeharbor/

Recourse:

GDF maintains internal protocols to verify its compliance. GDF’s privacy officer will address any questions or concerns and will seek to resolve any disputes. GDF has committed to further dispute resolution proceedings as necessary and proper under the Framework and as required by US/EU law.

Contact Information:

Questions or comments about this Notice should be directed to:
GDF, Inc.
2838 Long Beach Rd.
Oceanside, NY 11572
Attn: Michael P. Reynolds, JD