UXPin EU-U.S. Privacy Shield Framework Policy

Effective Date: Nov 25, 2016

UXPin EU-U.S. Privacy Shield Framework Policy

UXPin, Inc., a Delaware corporation and its affiliates, including UXPin Sp. z o.o. a Polish company with business address at Aleja Grunwaldzka 186, 80-266 Gdańsk, Poland, TAX ID NO: PL5862274376, KRS: 0000400136 (“UXPin”) participate with the EU-U.S. Privacy Shield Framework (the “Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union member countries to the United States. UXPin has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in the UXPin Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

UXPin’s participation in the Privacy Shield applies to all personal data that is subject to the UXPin Privacy Policy and is received from the European Union, European Economic Area. UXPin will comply with the Privacy Shield Principles in respect of such personal data.

UXPin’s accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, UXPin remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless UXPin proves that it is not responsible for the event giving rise to the damage.

As further explained in the "Contacting Us" section of the UXPin Privacy Policy, we encourage you to contact us should you have a Privacy Shield-related (or general privacy-related) complaint. For any complaints that cannot be resolved with UXPin directly, UXPin has chosen to cooperate with EU data protection authorities (“DPAs”) and comply with the information and advice provided to it by an informal panel of DPAs in relation to such unresolved complaints (as further described in the Privacy Shield Principles). Please contact us to be directed to the relevant DPA contacts. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. UXPin is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC). UXPin may be required to disclose personal information that UXPin handles under the Privacy Shield in response to lawful requests by public authorities.