Digiscribe New England US-EU Safe Harbor

Digiscribe New England transforms the way companies manage and process their documents with document scanning services, document management software and workflow automation services. Companies rely on Digiscribe New England to improve process efficiencies and reduce costs throughout their organization. Digiscribe New England’s expertise includes document scanning, cloud and in-house document management services, PO Box/mailroom scanning services, workflow automation software, full-text OCR, e-forms and business process outsourcing. Services can be outsourced to Digiscribe New England’s Kodak-Certified processing facility, located just outside of Boston, or implemented on-site. Digiscribe New England is a sister company of New York-based Digiscribe International.

Digiscribe New England complies with the US-EU Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Digiscribe New England has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view our certification page, please visit http://www.export.gov/safeharbor/

If there is any conflict between the policies in this privacy policy and the Principles, the Principles shall govern. This privacy policy outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by Digiscribe New England whether in electronic, paper or verbal format.

Notice:

Digiscribe New England does not directly collect and use personal identifiable information (“PHI”). We may find ourselves in possession of PHI as a result of work for our clients. Our possession of such PHI is incidental to our primary tasks of document imaging. Digiscribe New England does not disclose PHI that might come into our possession in the course of processing and collecting document images.

When Digiscribe New England receives personal information from the EU (and other locations) for processing purposes, and does not directly control the collection of the information, Digiscribe New England does not typically provide notification to those individuals. However, Digiscribe New England is usually mandated by our client to hold that information in the strictest confidence. In those cases, Digiscribe New England reserves the right to process personal information in the course of providing services to our client without the knowledge of the individual(s) involved. Digiscribe New England never uses the information for a purpose other than it was provided to the company.

The above notwithstanding, personal information captured and contained in the Digiscribe New England servers and databases is never sold, licensed or distributed to any third parties except to vendors and suppliers for the purposes of processing the data on behalf of our clients.

When specifically requested to do so, Digiscribe New England will inform affected individuals about the purposes for which it receives and uses personal information about them, how to contact the company with any inquiries or complaints, the types of third parties to which it may disclose the information, and any choices that Digiscribe New England may offer individuals for limiting the information’s use and disclosure.

Choice:

Since Digiscribe New England does not collect personal information directly from individuals, we do not offer an opportunity to choose (opt out) whether their personal information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected.

Onward Transfer:

Digiscribe New England will only transfer personal information to third parties where we have Non Disclosure Agreements or other contracts in place, and where they have given assurances that they provide at least the same level of privacy protection as required by these Principles. Where Digiscribe New England has knowledge that a contracted third party is using or sharing personal information in a way that is contrary to the Principles, Digiscribe New England will take reasonable steps to prevent or stop such processing.

Security:

Digiscribe New England takes reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Digiscribe New England has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information from loss, misuse, unauthorized access or disclosure, alteration or unwanted destruction. Digiscribe New England cannot guarantee the security of information on or transmitted via the Internet.

Data Integrity:

Digiscribe New England shall only process personal information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by our corporate client. To the extent necessary for those purposes, Digiscribe New England shall take reasonable steps to ensure that personal information is accurate, complete, current and reliable for its intended use.

Access:

Digiscribe New England processes information under the guidance and direction of our corporate clients. Where appropriate, and with written permission from our corporate clients, Digiscribe New England will grant individuals reasonable access to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.

Enforcement:

Digiscribe New England utilizes the self-assessment approach to assure its compliance with its Safe Harbor privacy policy. Digiscribe New England periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and accessible and in conformity with the Safe Harbor principles. Appropriate employee training is in place and internal procedures for periodically conducting objective reviews of compliance are in place. A statement verifying this self-assessment is signed by a corporate officer or other authorized representative of the organization at least once a year.

In compliance with the US-EU Safe Harbor Principles, Digiscribe New England commits to resolve complaints about your privacy and our collection or use of your personal information. European Union citizens with inquiries or complaints regarding this privacy policy should first contact Digiscribe New England at: mtaube@digiscribe.info or by calling Mitch Taube, President at (800) 686-7577.

Digiscribe New England has further committed to refer unresolved privacy complaints under the US-EU Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Digiscribe New England, please visit the BBB EU SAFE HARBOR web site at http://www.bbb.org/council/eusafeharbor/bbb-eu-safe-harbor-dispute-resolution-program for more information and to file a complaint.

Limitation on Application of the Safe Harbor Principles:

Digiscribe New England’s adherence to the Safe Harbor Principles may be limited to the extent expressly permitted by applicable law, rule or regulation.

Information Subject to Other Policies:

Digiscribe New England is committed to the above Safe Harbor principles for all personal information within the scope of the Safe Harbor agreement. However, certain information is subject to policies of Digiscribe New England that may differ in some respects from the general policies set forth in this privacy policy.