Enprecis Safe Harbor Privacy Policy

Enprecis, Inc.

Safe Harbor Privacy Policy

Enprecis, Inc. ("Enprecis") has elected to self-certify to the U.S. Department of Commerce that it adheres to the Safe Harbor Privacy Principles and the Frequently Asked Questions (collectively, the "Safe Harbor Principles") established by the U.S. Department of Commerce. Enprecis' compliance under the Safe Harbor Principles assures our clients who transmit personal information from the European Union to Enprecis that Enprecis provides "adequate" privacy protection for covered data, as defined and required by the European Commission's Directive on Data Protection.

Enprecis performs software implementations, data conversions and other services for its clients. Enprecis also hosts vehicle sales and quality information in the United States for its hosted and subscription clients. Enprecis acts as a data processor and does not control or monitor its clients' data. Enprecis' clients determine which data elements are included in their vehicle sales information systems and whether each data element is populated for customers in various countries. With the exception of performing data imports or as otherwise directed by its clients, Enprecis does not collect or enter data into its clients' software systems. At the direction of its clients, Enprecis may transmit data to third parties for interfacing or integration purposes with third-party software products. Any access to or use of client data by Enprecis is incidental to Enprecis performing its contractual obligations to its clients as a processor.

The Safe Harbor is governed by seven main principles. Enprecis complies with each principle in the following manner:

1. Notice. In instances where demographic information is collected by Enprecis, Enprecis displays an informational message about this data collection prior to the customer being asked any questions.

2. Choice. In any instances where personal information is requested by Enprecis, all such requests for personal information are presented as "optional," and these requests do not need to be answered. This gives individuals the choice to provide or not to provide personal information.

3. Onward Transfer. Enprecis occasionally transfers personal information to third parties that act as agents for its clients (with regard to interfacing or integration with third-party software products) or as agents for Enprecis (with regard to software implementations). When Enprecis transfers personal information in a situation as described above, Enprecis either ascertains that the third party subscribes to the Safe Harbor Principles or is subject to the European Union's Directive on Data Privacy or another adequacy finding, or enters into a written agreement with the third party requiring the third party to provide at least the same level of privacy protection as is required by the relevant principles.

4. Access. Enprecis' clients' customers may access and change their personal information using access control procedures established by Enprecis' clients. Enprecis maintains a 'read-only' interface regarding any personal information that is maintained about our clients' customers.

5. Security. Security is important to Enprecis and its clients. Accordingly, Enprecis takes significant security precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Enprecis employs the security measures prescribed by each client, including various encryption methodologies and encrypted transfer protocols (https, ftps, etc.).

6. Data Integrity. Enprecis does not access or use the personal information provided by its clients or clients' customers for any purposes other than those stated in contractual obligations with its clients.

7. Enforcement. Individuals who believe that Enprecis has violated any Safe Harbor Principles or this Safe Harbor Privacy Policy should send a written notice to Enprecis' Chief Executive Officer at 1424 4th Avenue, Suite 1015, Seattle, WA 98101, USA, or by emailing info@enprecis.com. The notice should detail the nature of the suspected violation. If a complaint is not adequately addressed by Enprecis, the individual may contact the appropriate European Data Authorities for resolution.

Enprecis reserves the right to change this Safe Harbor Privacy Policy at any time in accordance with the Safe Harbor Principles.

For more information about our commitment to privacy, please see our Privacy Policy.

Enprecis complies with the U.S.-EU Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Enprecis has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Enprecis’s certification, please visit http://www.export.gov/safeharbor/.