Last Revised: April 21, 2017
EU-US Privacy Shield
The U.S. Federal Trade Commission has jurisdiction over QuisLex’s compliance with the Privacy Shield.
“Personal Information” is information that can be used to identify you. Such information might include your name, social security number, mailing address, email address, telephone number, company, title, username and password. Personal Information does not include data that is de-identified, anonymous or publicly available.
“Sensitive Information” is Personal Information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or sexual orientation.
Application of Policy
In connection with the services provided by QuisLex, QuisLex may receive, store and/or process Personal Information on behalf of clients and business partners. In such cases, QuisLex will process such Personal Information pursuant to the terms of any contracts with such client or business partner. In the event of a conflict between such contracts and the Privacy Shield with respect to EU/Swiss Personal Information, the Privacy Shield shall prevail. Any questions, comments or complaints about the data practices of one of QuisLex’s clients or business partners should be addressed to that client or business partner.
QuisLex’s website contains links to other websites. QuisLex is not responsible for the content or privacy practices of such other websites. Be aware when you leave QuisLex’s website and read the privacy policies of other websites that may collect your Personal Information.
QuisLex will not sell or rent to any third party any Personal Information that QuisLex collects.
QuisLex reserves the right to use Personal Information collected for any legitimate business purpose, including, but not limited to: (i) providing you the services you requested, (ii) communicating information about products or services, (iii) offering opportunities to become a QuisLex Personnel, (iv) responding to requests, (v) tracking compliance with the Terms and Conditions of Use of QuisLex’s website, (vi) analyzing the characteristics of visitors to our website, including applicants and clients/potential clients, and (vii) improving the services we offer.
Personal Information collected from QuisLex Personnel solely in the context of employment or contractor relationships is solely used for employment- or contractor- related purposes, as applicable.
Sensitive Information is generally only collected from QuisLex Personnel as (a) required by law (e.g., equal opportunity/anti-discrimination statutes) or (b) for employment purposes (e.g., offering of benefits), and will be used strictly for such purposes.
Disclosures of Information
QuisLex discloses Personal Information to third parties who reasonably need to know such Personal Information in connection with a contracted task or QuisLex business purpose, e.g., processing of benefits/payroll through third-party providers or credit/background checking. Such third parties contractually agree to similar protection of your Personal Information and limitation on the use of your Personal Information as QuisLex provides. To the extent the Privacy Shield applies, the following also apply: (i) such third parties contractually agree to at least the level of protection as QuisLex is required by the Privacy Shield to obtain from such third parties, (ii) QuisLex will obtain your prior approval for disclosure to third parties of any Sensitive Information where such approval is required under the Privacy Shield, and (iii) QuisLex remains liable under the Privacy Shield if its agent processes Personal Information in a manner inconsistent with the Privacy Shield, unless QuisLex proves that it is not responsible for the event giving rise to the damage.
Other Data Received from Website Visitors
QuisLex collects the domain names and IP addresses of the visitors to its website. This information is generally used for purposes such as measuring the number of visitors to QuisLex’s website, average time spent by each visitor, pages viewed by each visitor, tracking each visitor’s use of the website, and ensuring compliance with the Terms and Conditions of our website.
QuisLex uses “cookies” on its website. A cookie is a piece of data stored on a website visitor's system that helps improve your access to the website and identify repeat visitors. Cookies can also enable QuisLex to track and target the interests of users to enhance their experience on QuisLex’s website. You can disable or remove any cookies already stored on your computer, but these may stop QuisLex’s website from functioning properly.
QuisLex has reasonable and appropriate measures in place to protect against the loss, misuse and unauthorized access, disclosure, alteration, and destruction of Personal Information.
QuisLex is ISO/IEC 27001 certified for its information security, is audited under the SSAE16 standard and employs various physical, administrative, and technical measures to maintain the confidentiality and security of Personal Information and other confidential information, including by (i) educating and training QuisLex Personnel and keeping QuisLex Personnel up-to-date on its security and privacy practices, (ii) keeping such information in its offices and storing such information on its servers in a secure environment, with appropriate security measures, and (iii) only granting access to such information to individuals who need the information to perform a specific, authorized task.
“Biometric Data” is Personal Information stored by QuisLex about an individual’s physical characteristics that can be used to identify that person. Biometric Data can include fingerprints, voiceprints, facial shape, retinal scans, or scans of hand or face geometry.
QuisLex’s policy is to protect and store Biometric Data in accordance with applicable laws including, but not limited to, the Illinois Biometric Information Privacy Act.
QuisLex does not obtain Biometric Data from any individual in the State of Illinois or use the Biometric Data of any individual to access a QuisLex location in the State of Illinois without the prior written consent of the individual. QuisLex will inform such individuals of the reason Biometric Data is being collected and the length of time the data will be stored.
QuisLex will not sell, lease, trade or otherwise profit from an individual’s Biometric Data.
Biometric Data of an individual will not be disclosed by QuisLex to any third party unless (i) consent of the individual is obtained, (ii) disclosure is necessary to complete a financial transaction requested or authorized by the individual, (iii) disclosure is required by law, or (iv) disclosure is required by subpoena.
Biometric Data will be stored using a reasonable standard of care for QuisLex’s industry and in a manner that is the same or exceeds the standards used to protect other non-encrypted confidential information held by QuisLex.
With respect to Biometric Data of individuals that QuisLex believes in good faith may require future access to QuisLex biometrically-protected locations, QuisLex destroys such Biometric Data within 3 years of the individual's last interaction with QuisLex. QuisLex destroys other Biometric Data when the initial purpose for obtaining or collecting such Biometric Data has been fulfilled (e.g., an employee is terminated by QuisLex).
You may request to opt out from QuisLex’s use of your Personal Information that you previously provided to QuisLex by sending such request to firstname.lastname@example.org. QuisLex may comply with such requests to the extent that QuisLex does not have a legitimate business purpose for continuing to use such Personal Information, such as maintaining employment records.
Access, Change or Delete Information
To protect your privacy and security, QuisLex will take reasonable steps to verify your identity before granting access to your Personal Information. In addition, QuisLex may limit or deny access to Personal Information, including, without limitation where providing such access would be burdensome or expensive or where such information is legally privileged, in each case other than with respect to EU/Swiss Personal Information where such access is required under the Privacy Shield.
QuisLex’s website is not intended for use by children. QuisLex does not knowingly solicit or collect Personal Information from children under the age of 13. If you are under the age of 18, you must obtain the consent of your parent or guardian to use QuisLex’s website. QuisLex encourages parents and guardians to take an active role in their children’s online activities and interests.
Enforcement and Dispute Resolution
With regard to Personal Information that is human resource data and transferred from the EU or Switzerland, as applicable, in the context of the employment relationship, QuisLex is committed to cooperating with competent EU data protection authorities and the Swiss Federal Data Protection and Information Commissioner’s authority, as applicable, and to complying with the direction given by such authorities with regard to such Personal Information.
In compliance with the Privacy Shield, QuisLex commits to (i) respond to questions and resolve complaints sent to email@example.com about your privacy under the Privacy Shield and QuisLex’s collection/use of your EU/Swiss Personal Information, and (ii) refer unresolved complaints under the Privacy Shield to an independent dispute resolution mechanism operated by JAMS. If (a) you do not receive a timely acknowledgement to such a question/complaint submitted to QuisLex or (b) such question/complaint is not satisfactorily addressed by QuisLex, visit https://www.jamsadr.com/eu-us- privacy-shield for more information and to file a complaint. If you reside in the EU or Switzerland, you may pursue binding arbitration in certain circumstances as described in the Privacy Shield.
For Personal Information not covered by the Privacy Shield, you should address any concerns you have to firstname.lastname@example.org.
When required under the Privacy Shield, QuisLex will notify you if your EU/Swiss Personal Information will be used for a purpose that is materially different from the purposes for which it was originally collected or subsequently authorized by you and you may opt out of such usage. QuisLex will not use your Sensitive Information that is EU/Swiss Personal Information for a purpose that is different from the purposes for which it was originally collected or subsequently authorized by you until any opt in from you to such usage that is required under the Privacy Shield is obtained.