Arise Respects and Protects Your Personal Privacy.
What information does Arise collect from you?
You can visit our site without having to tell us who you are or reveal any identifiable personal information to us. It is only when you register on this Web site as a Vendor and/or Client Support Professional that you will be asked to provide us with identifiable personal information directly relevant to registering as a Vendor and/or Client Support Professional.
Whenever you visit this Web site, even if you have not registered as a Vendor and/or Client Support Professional, our web server automatically logs your IP address. We may analyze the IP address data for trends and statistics about Web traffic to this site. We may also use this data to help diagnose any problems with our server and to administer this Web site. Unless you register as a Vendor and/or Client Support Professional, we do not link IP Addresses to a specific person, so you will remain anonymous to us.
If you register on this Web site as a Vendor and/or Client Support Professional your identifiable personal application information is also recorded alongside the anonymous information in our Web server log. Once you register as a Vendor and/or Client Support Professional, you are no longer anonymous to us.
What are cookies and does Arise use them?
Do any third parties receive or collect your Information through Arise?
Arise will not share personally identifiable information with other companies or individuals except to the extent otherwise disclosed and as authorized by you; or, to comply with subpoenas or court orders.
What security measures are in place to protect your information?
Arise operates secure data networks protected by industry standard firewall and password protection. We have stringent security measures in place to attempt to protect against the loss, misuse or alteration of your identifiable personal information.
Arise will occasionally update this privacy statement. When we do, we will also revise the "last updated" date at the bottom of this privacy statement. For material changes to this privacy statement, we will notify you by placing prominent notice on this Web site.
Arise Virtual Solutions, Inc. (hereinafter referred to as “Arise”) has joined the US-EU Program for compliance in the Safe Harbor Principles of the U.S. Department of Commerce for the protection of subcontractor data transferred from Arise locations in the European Union to the United States, as required by the EU Directive on Data Protection.
Arise uses data centers located in the US and the European Union (EU). The EU’s comprehensive privacy legislation, the Directive on Data Protection, requires that transfers of personal data take place only: (1) where a relevant basis exists upon which a transfer may be made; or (2) to non-EU countries that provide an “adequate” level of privacy protection for such data. The US Department of Commerce in consultation with the EU, has developed a “safe harbor” framework to assist U.S. companies in complying with the Directive on Data Protection. The safe harbor framework consists of “Safe Harbor Principles” with which Arise must comply if it wishes to self-certify under and enjoy the benefits of the Department of Commerce Safe Harbor.
Any questions regarding this Policy or Arise´s processing of personal data in the U.S. may be addressed to:
Arise Corporate Headquarters
Attention: Legal Counsel
3450 Lakeside Drive, 6th Floor
Miramar, FL 33027
Arise complies with the U.S.-EU Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. The company has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view the company’s certification, please visit http://www.export.gov/safeharbor/.
This Policy sets forth Arise’s procedures for complying with the Safe Harbor Principles in regard to r data that is transferred to the United States from EU locations. Arise does not purposely process sensitive information or personal data specifying medical or health conditions, racial or ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or union membership.
Arise collects and uses personal data for the following purposes:
- To facilitate the performance of certain administrative tasks and functions relating to general servicing as outlined in the Master Services Agreements and Statements of Work for its Vendors such as, calculating service fees, certification, performance compliance and scheduling; and
- Processing and investigating reports of fraud.
Sensitive data could include one or more of the following: name, address, other job information, location, service fee information, Arise identification number, compliance and performance status, copy of Master Services Agreement and Statement of Work. Arise may receive information about a subject’s actions or in actions relative to adherence to the Master Services Agreement or Statement of Work and any other legal or ethical issue covered by applicable procedures.
Sensitive data is only used and/or disclosed to third parties for the purposes described above. In no case does Arise use and/or disclose to third parties sensitive data for any purpose(s) incompatible with the above stated purposes without first notifying the data subject. Furthermore, the data subject is provided an opportunity to affirmatively opt-out or object to such use or disclosure. Except in limited and permissible circumstances, Arise does not use or transfer to third parties sensitive data deemed “sensitive” under the EU Directive on Data Protection without first providing the data subject with an opportunity to affirmatively opt-in and explicitly agree such use or disclosure.
A data subject may contact Arise Legal Counsel with complaints or inquiries regarding Arise’s processing of sensitive data, or, to “opt out” of the transfer of this data as described below.
In the course of their work, Vendors who are contracted with Arise, engage in phone conversations with customers of Arise’s clients. The only data collected about these customers by Arise is the actual phone conversation itself. All phone conversations are recorded for quality assurance purposes and are only retained for a limited number of days.
Any subject whose data is to be transferred to third parties or used for purposes incompatible with the purposes described above may choose not to have his or her data so used or transferred and must communicate his or her desire to “opt out” by the means described in the last paragraph above. A subject may not opt out of the transfer of his or her data which is transferred by Arise to a third party for the purpose of (1) meeting applicable legal requirements or (2) protecting the legitimate interests of Arise in making business related decisions.
Arise may also transfer sensitive data only to those third parties who: (a) have agreed, in writing, to provide at least the same level of privacy protection to this data as is required under the EU Directive on Data Protection and/or adherence with the Safe Harbor Principles. Exceptions to this limitation on onward transfer include where a subject has granted Arise express permission to transfer his or her data to the third party, or, where such transfer is necessary for the purpose of meeting an applicable legal requirement.
Customer call recordings are considered the property of Arise clients.
Arise implements a high level of data security measures to prevent loss, disclosure, unauthorized access, misuse, alteration and destruction. Arise has implemented an information security program based on the Payment Card Industry Data Security Standard (PCI-DSS). This framework is recognized internationally and provides the basis for the organizational and technical and organizational security measures used by Arise.
Arise has informed its subjects about the need, where required by their applicable data protection law, that procedures are in place to ensure that call recording data (which may contain personal data) are reliable for their intended use, accurate, complete, and current. Retention of these call recordings does not generally exceed 90 days.
A data subject whose data is processed by Arise may request access for the purpose of correcting, amending, or, deleting data that is inaccurate. Alternatively, in some cases, the data subject may also access data for the purpose of correcting, amending, or, deleting on their own. Arise may deny a data subject’s request to access his or her data where the burden or expense of providing such access would be disproportionate to the risks to the requesting subject’s privacy or where the rights of persons other than the requesting subject would be violated.
Arise US continually reviews its compliance with this Policy to verify that the assertions and practices made in it are true and are correctly implemented. Any breach of this Policy that has been reported to Arise will be duly investigated.
An individual with a complaint or dispute about the processing of its personal data should use the following procedure:
- Report any complaint(s) about such processing to the Arise Legal Counsel (see above).
- Unresolved complaints can be directed to the EU Data Protection Authority (“DPA”) or the American Arbitration Association (AAA).
- Arise is voluntarily certifying that it will comply with the Safe Harbor Principles, subjecting itself to the enforcement, dispute resolution, and sanctioning powers of the AAA or DPA and has agreed to cooperate and comply with either in regard to Arise’s processing of sensitive data.
Arise has selected a third party to serve as its independent recourse mechanism (IRM) for dispute resolution. The E.U. Data Protection Authorities (DPAs) will be used for dispute resolution which will be available to investigate unresolved complaints involving “human resources data”. In addition, the American Arbitration Association (AAA) may be used to resolve all other disputes and when selected will be available to investigate unresolved complaints involving other types of data (e.g. client and customer data).
- For materials regarding the Safe Harbor Principles, you may go to the following link: www.export.gov/safeharbor
Per the principles of the US Safe Harbor, adherence to these principles may be limited to the extent necessary to meet national security, public interest, or law enforcement requirements.
Last Updated: January 2015