Diamax Information Systems Corporation (“Diamax,” “we,” “us,” or “our”) is a participant of the EU-US and Swiss-US Privacy Shield Frameworks, and adheres to the Privacy Shield Principles as designed by the U.S. Department of Commerce. To learn more about these frameworks and the associated Data Protection Authorities visit www. privacyshield.gov, and to verify our membership visit the Privacy Shield List.
In addition to demonstrating compliance with the Privacy Shield Frameworks, this policy is designed to help you understand what kinds of data is being used, how we treat that data, and some of the services and media used in capture and handling of that information. For a more thorough understanding of different laws and policies regarding your information, data, and rights, you are encouraged to visit the primary legal resource appropriate to your jurisdiction.
Data Controller- A data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Third Party-means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
EU Data Subjects
Scope- This section applies if you are an individual located in the European Union (“EU”) (“EU Data Subject”). For these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, where applicable, Switzerland.
The rights described above may be limited by local laws. Further, your right of access and deletion is not absolute and may not be available if fulfillment of such right would, among other things:
Diamax is a Software as a Service company and Data Processor that provides data processing services to our clients, both solely and in conjunction with other data processing services. The types of Personal Data collected for processing is dependent upon what the Data Controller collects and what they send to us for Data Processing. The collection of Personal Data may not be equivalent with the data we process, so interested individuals should contact their applicable Data Controller to get specifics about collection of Personal Data.
Generally, Personal Data sent to us for processing includes data such as names, phone numbers, company name, job titles, email addresses, etc.; and is derived from customers, partners, vendors, and employees of our client.
Generally, our clients collect personal data through voluntary divulgence, third party publicly available databases or services, third party private purchases, third party nomination or submission, and automatically collected data (cookies, IP/URL tracking, etc.).
Generally, data processing is used for providing member services and support, marketing, profiling (including user experience and design), and integration with Third Parties.
Inquiries or Complaints
When you make a request, we may verify your identity to protect your privacy and security.
Mailing Address: ATTN: Data Protection Officer
Diamax Information Systems
1934 Old Gallows Road, Suite 350
Tysons Corner, VA 22182
Third Party Disclosure
Diamax uses a limited number of third-party service providers, which may include services centered around support, network and technical operations, as well as online shopping and Targeted Advertising. The specific Third Parties Diamax contracts with are dependent upon the Data Controller and the specific requirements for integrations and Third Party usage stipulated in their contract.
In these cases where an Onward Transfer of your personal data occurs, Diamax does so under the standards for EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield programs, which require us to follow the Privacy Shield Principles of notice, choice, accountability for onward transfers, security, data integrity, and purpose limitation, access, recourse, enforcement, and liability.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
An individual may be allowed to invoke binding arbitration to resolve disputes under certain limited conditions.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See: Privacy Shield Annex.
Linked Websites: Diamax provides links to third party websites operated by organizations not affiliated with Diamax. Diamax does not disclose your information to organizations operating such linked third party websites. Diamax does not review or endorse, and is not responsible for, the privacy practices of these organizations. We encourage you to read the privacy statements of each and every website that you visit. This Privacy Statement applies solely to information collected by or given to Diamax on behalf of the Data Collectors.
Rights of Individuals to Access their Data
Diamax acknowledges the rights of EU individuals to access their Personal Data and limit the use and disclosure of it. Diamax respects individual data rights and has committed to them through the Privacy Shield Frameworks. Upon reasonable request to rectify, edit, request access, or limit disclosure of your Personal Data, you may contact Diamax with your request and specific Data Controller, and we will contact them about responding to your request. Likewise, you can directly contact your Data Controller and they can contact us about your requests. We will respond to requests as required and within 30 days.
Choices for Limiting Disclosure of Personal Data
As a Data Processor Diamax is limited in its ability to delete or alter any information entrusted to us by any person organization other than the authorized Data Controller or government authority. Individuals concerned about disclosure of their Personal Data should look at the specific disclosure terms of their Data Controller. The Data Controller should have direct marketing, cookie, and other “opt-out” features to allow individuals to control the disclosure and erasure of Personal Data.
In cases where Personal Data is deemed to have been unlawfully collected or a material breech of the Data Controller’s stated policies have occurred, Diamax may be obligated to alter Personal Data to remain in compliance with the Privacy Shield Principles.
How We Secure Information
Diamax implements security measures and systems to ensure confidentiality, integrity, and availability of our data. Our team follows industry standard best practices and protocols which include, but are not limited to, Security Audits, Encryption, and Limiting Data Access. For a more comprehensive look at our security policies, please visit our Security Policy page.
Your Responsibilities: Please recognize that protecting your Personal Data is also your responsibility. We ask you to be responsible for safeguarding your password, and other authentication information you use to access our Services. You should not disclose your authentication information to any third party and should immediately notify Diamax of any unauthorized use of your password. Diamax cannot secure Personal Information that you release on your own or that you request us to release.
Your information collected through the Service may be stored and processed in the United States or any other country in which Diamax or its subsidiaries, affiliates or service providers maintain facilities and, therefore, your information may be subject to the laws of those other jurisdictions which may be different from the laws of your country of residence.
Diamax is committed to protecting the privacy of children as well as adults. While Diamax Technologies are not purchased or licensed by anyone under the age of 18, some Data Collectors target audience may be children. In these cases, a review of the site to make sure that they are COPPA (Children’s Online Privacy Protection Act) and GDPR compliant is undertaken.
Diamax’s commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
Third Party Arbitration
In the event of a complaint that requires third party arbitration, a complaint may be filed here https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim with JAMS Mediation, Arbitration, and ADR Services (https://www.jamsadr.com/eu-us-privacy-shield)