Minitab commits to comply with the Privacy Shield Principles with respect to the EU Personal Data received from Customers and Users in connection with the use of the Services. This Privacy Shield Policy does not apply to EU Personal Data transferred under Standard Contractual Clauses or any approved derogation under EU data protection law.
Privacy Shield Principles
Minitab commits to processing EU Personal Data in accordance with the Privacy Shield Principles as follows:
- 1. Notice
- 2. Choice
Before Minitab uses EU Personal Data for a purpose that is materially different than the purpose for which Minitab collected it or that was later authorized, we will provide Users with the opportunity to opt out. When we collect Sensitive Personal Data, we will obtain opt-in consent if Privacy Shield requires, including if we disclose Sensitive Personal Data to third parties or before Sensitive Personal Data is used for a different purpose than that purpose for which it was collected or later authorized.
To request to limit the use and disclosure of your EU Personal Data, please submit a written request to DPO@minitab.com.
- 3. Accountability for Onward Transfer
Under certain circumstances, Minitab may be required to disclose EU Personal Data in response to valid requests by public authorities, including for national security or law enforcement requirements.
Minitab remains liable under the Privacy Shield Principles if an agent processes EU Personal Data covered by this Privacy Shield Policy in a manner inconsistent with the Principles unless Minitab proves that it is not responsible for the event giving rise to the damage.
- 4. Security
Minitab takes reasonable and appropriate measures to protect EU Personal Data covered by this Privacy Shield Policy from loss, misuse and unauthorized access, disclosure, alteration and destruction. In determining these measures, Minitab takes into account the risks involved in the processing and the nature of the EU Personal Data.
- 5. Data Integrity and Purpose Limitation
Minitab takes reasonable steps to ensure that such EU Personal Data is reliable for its intended use, accurate, complete and current. Minitab adheres to the Privacy Shield Principles for as long as it retains EU Personal Data in identifiable form. Minitab takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield to retain EU Personal Data in identifiable form only for as long as it serves a purpose of processing.
Minitab limits the collection of EU Personal Data covered by this Privacy Shield Policy to information that is relevant for the purposes of processing. Minitab does not process EU Personal Data in a way that is incompatible with the purpose for which it was collected or subsequently authorized by a User.
- 6. Access
A User whose EU Personal Data is covered by this Privacy Shield Policy has the right to access his or her EU Personal Data and to correct, amend or delete the EU Personal Data if the EU Personal is inaccurate or processed in violation of the Privacy Shield Principles. Minitab is not required to grant the rights to access, correct, amend and delete EU Personal Data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to the User’s privacy or if the rights of persons other than the User are or could be violated.
Please send requests for access, correction, amendment or deletion to DPO@minitab.com.
- 7. Recourse, Enforcement, and Liability
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Minitab is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
In compliance with the Privacy Shield Principles, Minitab commits to resolve complaints about your privacy and our collection or use of your EU Personal Data transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Minitab with inquiries or complaints regarding this Privacy Shield Policy at DPO@minitab.com.
Minitab has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Minitab commits to periodically review and verify its compliance with the Privacy Shield Principles and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Minitab acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.
Changes to this Privacy Shield Policy
Minitab may amend this Privacy Shield Policy consistent with the requirements of the Privacy Shield, including notice about any amendment.
How to Contact Minitab
If you have any questions about this Privacy Shield Policy or would like to request access to your EU Personal Data, please contact us as follows:
Attention: Data Protection Office
1829 Pine Hall Road
State College, PA 16801 USA