Privacy Shield Policy
Last updated: August 6, 2020
Privacy Shield Principles
If you are a User, Custodia may act as an agent for you in relation to the Personal Data that you provide or make available to Custodia.
In its role as a controller and as required by applicable law, Custodia generally offers any individual, regardless of geography (“Users”) the opportunity to choose whether their Personal Data may be (i) disclosed to third-party controllers or (ii) used for a purpose that is materially different from the purposes for which the information was originally collected or subsequently authorized by the relevant User. To the extent required by the Privacy Shield Principles, Custodia obtains opt-in consent for certain uses and disclosures of sensitive data. Users may contact Custodia as indicated below regarding Custodia’s use or disclosure of their Personal Data. Unless Custodia offers Users an appropriate choice, Custodia uses Personal Data only for purposes that are materially the same as those indicated in this Policy.
3. Data Integrity and Purpose Limitation
We only collect Personal Data that is relevant to providing our Services. We process Personal Data compatible with us providing the Services or as otherwise notified to you. We take reasonable steps to ensure that the Personal Data received under the Privacy Shield is needed for Custodia’s Services, accurate, complete, and current.
4. Accountability for Onward Transfers
Except as permitted or required by applicable law and in accordance with Custodia’s role as a controller or processor, Custodia provides Users with an opportunity to opt out of sharing their Personal Data with third-party controllers. Custodia requires third-party controllers to whom it discloses the Personal Data of Users to contractually agree to (a) only process the Personal Data for limited and specified purposes consistent with the consent provided by the relevant User, (b) provide the same level of protection for Personal Data as is required by the Privacy Shield Principles, and (c) notify Custodia and cease processing Personal Data (or take other reasonable and appropriate remedial steps) if the third-party controller determines that it cannot meet its obligation to provide the same level of protection for Personal Data as is required by the Privacy Shield Principles.
We may also need to disclose Personal Data in response to lawful requests by public authorities, for law enforcement or national security reasons, or when such action is necessary to comply with a judicial proceeding or court order, or when otherwise required by law. We do not offer an opportunity to opt out from this category of disclosure.
5. Data Security
We use reasonable and appropriate physical, electronic, and administrative safeguards to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data and the risks involved in processing that information.
6. Access to Personal Data
When Custodia acts on behalf of its Users, Custodia will assist Users in responding to individuals exercising their rights under the Privacy Shield Principles.
7. Recourse, Enforcement and Dispute Resolution
In compliance with the Privacy Shield Principles, Custodia commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Custodia by email at firstname.lastname@example.org, or please write to the following address:
ATTN: Data Collection and Privacy
143 W. 20th Street, #10S
New York, NY 10011
Custodia has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/submit/ for more information or to file a complaint. The services of JAMS are provided at no cost to you. A binding arbitration option may also be available to you in order to address residual complaints not resolved by any other means. Custodia is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”) and Custodia acknowledges liability in cases of onward transfers to third parties.
If you have any questions or concerns, please write to us at the address listed above. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the Privacy Shield Principles.
In the event we are unable to resolve your concern, you may contact JAMS, which provides an independent third-party dispute resolution body based in the United States.
Changes to this Privacy Shield Policy