GROUPON, INC. GENERAL EEA/CH SAFE HARBOR NOTICE
EFFECTIVE DATE: JUNE 1, 2012
SCOPE OF SAFE HARBOR CERTIFICATION
Groupon, Inc. ("we") recognize(s) that the European Community has established a data protection regime pursuant to Directive 95/46/EC (the "Directive"). The Directive applies to the European Economic Area ("EEA"). Switzerland has also established a data protection regime pursuant to the Federal Act on Data Protection ("FADP"). These regimes restrict companies in the EEA and Switzerland (collectively, "EEA/CH") from transferring personal data about individuals in the EEA/CH to the United States, unless there is "adequate protection" for such personal data when it is received in the United States.
To create such "adequate protection" and allow its subsidiaries and business partners to overcome the restriction on international data transfers established by the Directive and the FADP, Groupon, Inc. adheres to the Safe Harbor Privacy Principles published by US Department of Commerce ("Safe Harbor Principles") with respect to personal data about individuals in the EEA/CH that subsidiaries, customers and other business partners in the EEA/CH send to Groupon, Inc. ("EEA/CH Data"). More information on the Safe Harbor Principles and Groupon, Inc.’s scope of participation is available at http://export.gov/safeharbor/.
SCOPE OF THIS NOTICE
This Notice applies to EEA/CH Data relating to data subjects residing in the EEA/CH ("EEA/CH Persons") Groupon, Inc. receives from affiliated and unaffiliated companies, except personal data that we receive in the context of employment with Groupon, Inc. or one of our subsidiaries. Separate notices address such excepted situations. Groupon, Inc.’s Safe Harbor Certification does not extend to data that Groupon, Inc. receives directly through www.groupon.com.
CATEGORIES OF EEA/CH DATA
We receive certain information related to individual independent contractors, and employees and individual representatives of Groupon, Inc.’s corporate business partners (including vendors and advertising customers). Such EEA/CH Data includes, without limitation, names, addresses, work phone numbers, work email addresses, and any other personal data that are affirmatively provided to Groupon, Inc. in order to manage our business relationship.
We also provide data processing services to affiliated and unaffiliated entities, including Groupon International GmbH. We process any information that such entities instruct us to process, on their behalf and subject to their direction. When we receive EEA/CH Data from another company in the EEA/CH for processing, the categories of data sent and the purposes of processing depend on such other company (the data controller) and on the relationship the data controller has with the relevant data subjects.
We collect and use EEA/CH Data in order to manage business relationships with other companies or to process EEA/CH data on behalf of affiliated and unaffiliated entities.
We share EEA/CH Data with our subsidiaries, affiliates and contractors. We also share EEA/CH Data with other third parties as instructed by us and in order to comply with our binding contracts and as required or permitted by law. With respect to marketing e-mails from Groupon, Inc., EEA/CH Persons may opt-out by submitting an e-mail request to firstname.lastname@example.org with "Opt-Out" in the subject line, or by following opt-out instructions that are contained in each marketing email. EEA/CH Persons may also send an email to this address to ask to opt-out of disclosures to third parties, but such a limitation on data sharing may make it difficult or impossible for Groupon, Inc. to provide services. We may also disclose EEA/CH Data if legally required or permitted by law and we have a legitimate business interest in such disclosure.
ACCESS AND REVIEW
EEA/CH Persons whose EEA/CH Data Groupon, Inc. holds as a data controller may request access to, and the opportunity to update, correct or delete some or all of the EEA/CH Data that Groupon, Inc. holds about them. To submit such requests or raise any other questions, please contact the Groupon, Inc. Safe Harbor Contact as described below. Groupon, Inc. reserves the right to take appropriate steps to authenticate an applicant’s identity, charge an adequate fee before providing access and deny requests, except as required by the Safe Harbor Principles. EEA/CH Persons whose EEA/CH Data Groupon, Inc. holds as a data processing service provider for affiliated or unaffiliated corporate business partners must direct access requests to the data controller to whom they originally provided consent and the relevant EEA/CH Data.
SAFE HARBOR CONTACT
Please e-mail any comments or questions regarding our safe harbor compliance to email@example.com. If you have a comment or question that cannot be resolved with Groupon, Inc. directly, you may contact the competent local data protection authority in your EEA/CH Member State if it falls within the scope of this Notice.