EU Safe Harbour Policy

Definitions

The follow definitions apply to the Safe Harbor Privacy Policy:

Personal Information:
Information provided by registered users to Gyst, Inc. from the European Union about an individual or could be used to identify an individual.

Sensitive Information:
Information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns an individual’s health.

Data Controller:
The entity that alone or jointly with others determines the purposes and the means of the processing of Personal Information.

Data Processor:
The entity that processes Personal Information on behalf of a Data Controller in accordance with the instructions from or contractual obligations with the Data Controller.

Notice
Gyst, Inc. does collect a limited set of Personal Information directly from subscribers during the product registration process. Gyst, Inc. has informed its subscribers based in the European Union on the applicable data protection laws. Gyst, Inc. Safe Harbor certification does not extend beyond its direct relationship with the registered party.

Choice
Gyst, Inc does use the limited subscriber Personal information for its own internal marketing / product update email campaigns but offers the subscribers the opportunity, during the registration process to choose (opt out) whether their personal information is to be used for this purpose.

Gyst, Inc. does not share or disclose any information received from its subscribers and hosted in the SaaS environment. Gyst, Inc. treats all information received from its subscribers as sensitive.

Transfer To Third Parties
Gyst, Inc. does not disclose, offer or distribute for use, any Personal Information to any third party companies

Security
Gyst, Inc implements reasonable security measures and precautions to protect Personal and Sensitive Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Security includes logical and physical access controls for user access to Personal Information

Data Integrity
Gyst, Inc. does not process Personal Information in a way that is incompatible with the instructions provided by the subscriber, the Data Owner. Gyst, Inc. takes reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current, pursuant to the SaaS services.

Access
Gyst, Inc. will provide reasonable assistance to its subscribers to provide access to Personal Information that it holds on behalf of its subscribers and will take reasonable steps to assist in permitting the individuals the ability to correct, amend, or delete any Personal Information which is inaccurate or incomplete. We will respond to any requests for Personal Information within 30 days.

Enforcement
Annual compliance reviews of the Privacy Policy will be performed by an independent, external third party as part of the certification process with the U.S. Department of Commerce.

If a complaint regarding Gyst, Inc, use of Personal Information is raised by an individual protected by the European Union data protection laws Gyst Inc. will investigate and try to resolve any dispute. If the dispute cannot be resolved, you can contact TRUSTe at http://watchdog.truste.com/pvr.php?page=complaint


Certification
The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions to enable U.S. companies to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the EEA to the United States (the “U.S.-EU Safe Harbor”).

The EEA also has recognized the U.S.- EU Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). The United States Department of Commerce and the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland have agreed on a similar set of principles and frequently asked questions to enable U.S. companies to satisfy the requirement under Swiss law that adequate protection be given to personal information transferred from Switzerland to the United States (the “U.S.-Swiss Safe Harbor”).

Consistent with its commitment to protect personal privacy, Gyst, Inc. adheres to the principles set forth in the U.S.- EU Safe Harbor and the U.S.-Swiss Safe Harbor (the “Safe Harbor Principles”).