Privacy Shield Policy
INSZoom.com Inc., is an online product and service catering to its customers via website application portal, with a clientele in USA. In the process of service provisioning, personal information is stored or processed on the internet based cloud information technology infrastructure, which falls under the jurisdiction of United States, while the data contains personal information of individuals who may be based out of non-American /European region. INSZoom.com Inc sees this as a reason to comply to the Privacy Shield Principles framework.
INSZoom.com Inc., complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. INSZoom.com Inc., adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. For all conflicts, disputes and concerns the Privacy Shield Principles shall be strictly followed. The principles are stated at http://www.privacyshield.gov
“INSZoom.com Inc.,” means INSZoom.com Inc., USA and its predecessors, and successors.
“PII” or “Personally Identifiable Information” or Personal information” means information that identifies or reasonably may identify a natural person. In addition, INSZoom.com Inc., reserves all rights to use public information or information as to which an individual has given explicit consent for use, consistent with the Privacy Shield Principles.
Customer means the law firms and corporate organizations that subscribe to the services provided by INSZoom.com Inc.,
End-user means the individuals who are customers of the customers’ of INSZoom.com Inc., who use the online product and thus give out their personally identifiable information (PII).
“Third Party” or “vendor” means any entity which is not part of INSZoom.com Inc., that processes, collects, or uses personal information pursuant to the instructions of, and solely for the benefit of, INSZoom.com Inc., or to which INSZoom.com Inc., discloses personal information for use on its behalf, under a non-disclosure agreement.
Intended use/purpose – the information collected by INSZoom.com Inc., customers’ and end-users is for the purpose of service providing, whereby the entities providing the details are applying for visa for foreign travel or the related immigration matter. All information pieces are collected solely for this usage and not for any other purpose.
INSZoom.com Inc., is contracted by its clients to leverage the products and services provided. The data processing may involve the storing and processing of customers’ personal data for the purpose of business application functionality. The reasons also may include after sales support, business application problem resolution, functionality improvement etc. During that process, information collected may include personal information about an individual. INSZoom.com Inc., collects this information purely for the application’s functionality and hence does not have control on how the clients treat their employees’ and customers’ personal information. A notice of this fact shall be included in the contracts and/or non-disclosure agreement which is signed by INSZoom.com Inc., and the customers.
As a part of service and support, INSZoom.com Inc., shall not voluntarily collect information directly, while it merely shall act as a data store, data processor for its clients. Abiding to Privacy Shield principals, INSZoom.com Inc., shall let the customers choose via an opt-in/opt-out policy, whether or not they wish to provide their personal information. Furthermore, INSZoom.com Inc., shall abide to the policy that only the required sensitive personal information shall be collected to serve the purpose of services offered, and no data, sensitive or otherwise, shall be collected other than for the required purpose.
ACCOUNTABILITY FOR ONWARD TRANSFER:
As per the nature of its business, INSZoom.com Inc., shall not transfer the collected information to any entity for any reason. Customers of INSZoom.com Inc., however, collect the information from the end-users and transfer it to USCIS only for the intended purpose of applying for visa or leverage the related services as provided by USCIS.
In the case of following situations, INSZoom.com Inc., is legally bound to allow an onward transfer of the data while still being responsible for the privacy. Those situations are –
- Law enforcement agencies (Policy, court of law) ask for information, wherein the requests are stemming out of a situation that concerns safety and security of the country.
INSZoom.com Inc., has implemented reasonable information security controls, including technical, physical, and administrative measures and training, as appropriate, to protect personal information from loss, misuse, and unauthorized disclosure, access, alteration, and destruction. Latest and widely accepted industry standards are used to create a robust framework which helps establish security standards and periodically assesses new technology for methods of protecting information. While INSZoom.com Inc., cannot guarantee the security of personal information, it ensures a continual review and improvement in the framework governance to ensure that INSZoom.com Inc., data security is at par with the latest standards and practices in the industry.
To ensure strict control on the data privacy governance, INSZoom.com Inc., has implemented following frameworks and measures.
- ISO27001:2013 Policy and Procedures for
- Designated CISO / Data Protection Officer
- Database level strong encryption for data-at-rest security
Besides above, INSZoom.com Inc., ensures adequate management support to empower their key personnel designated to manage these frameworks via formal periodic trainings and review processes, to ensure a continuous improvement.
DATA INTEGRITY AND PURPOSE LIMITATION:
INSZoom.com Inc., shall provide a mechanism to its customers, who collect data from the end-users. It shall be strictly ensured that the collected data is purely for the intended purpose and its processing as well as the general usage is relevant to the intended purpose. The data collected, shall be secured and protected by implementing a framework consisting of security policy and standard operating procedures. By managing this framework, INSZoom.com Inc., shall assure reasonable measures to ensure that personal information, maintains its relevance to for its intended use only, is reliable for its intended use, is accurate, is complete, and is current. This shall apply to the electronic data at rest (residing at INSZoom.com Inc., premises and hosting facilities), as well as data in transit (flowing between the hosting facilities and the external world including customers). This applies to the entire time limit for which the data is with INSZoom.com Inc.
The purpose limitation however shall not be applicable if the information is already made public, or is being asked for compliance and/or legal purposes, including but not limited to fraud investigation and prevention.
INSZoom.com Inc., product which stores personal information, are equipped with features which lets an individual see and know about their personal information being stored. This is achieved by providing a controlled and yet easily maneuverable access to their profiles page. Upon a request, the access is provided to the customers and end-users, which gives them an opportunity to correct, amend, or delete inaccurate information. To receive information about any disputes or grievances or escalations, the customers can use the contacts and address page of this document
This clause also applies to the personal data, which is collected by INSZoom.com Inc., customers from their customers (who are and referred to as end-users). INSZoom.com Inc., expects and contractually mandates that its customers shall sign contracts with their customers (end-users) and shall duly inform them, that their personal information or at least some part of it, is being stored at INSZoom.com Inc., via electronic and/or non-electronic means.
In situations where in an end-user approaches INSZoom.com Inc., directly, for security and business purposes, INSZoom.com Inc., shall co-ordinate such a response with the respective customer responsible for collecting the end-user’s personal data under the supervision of INSZoom direct customers whom the end user belongs to. INSZoom.com Inc., may limit or deny access to personal information where providing such access would be unreasonably burdensome or expensive under the circumstances or as otherwise permitted by the Privacy Shield Principles.
RECOURSE, ENFORCEMENT AND LIABILITY:
INSZoom.com Inc., shall follow a well defined incident management procedure to provide appropriate means of communication upon disputes regarding the access and usage of personal information. By that procedure, INSZoom.com Inc., shall escalate, content, resolve and investigate the matter and take corrective and preventive actions. Any questions, concerns, or complaints concerning the collection and use of personal information by INSZoom.com Inc., shall be directed to appropriate personnel whose contact details are available at the contacts and address page of this document
INSZoom.com Inc., shall conduct a reasonable investigation and will attempt to resolve any complaints in accordance with the principles contained in this Statement. For complaints that cannot be resolved between INSZoom.com Inc., and the complainant, INSZoom.com Inc., agrees to participate in the dispute resolution procedures pursuant to the Privacy Shield Principles.
Questions or comments regarding this Policy should be submitted to INSZoom.com Inc., by mail to:
2603 Camino Ramon, Suite 375
San Ramon, California 94583
Tel: 925 244 0600
For more information about INSZoom Privacy Shield Policy please email us at PrivacyShield@inszoom.com or submit your request here.