OVERSEAS MILITARY SALES GROUP PRIVACY SHIELD COMPLIANCE POLICY
Protecting Our Customers
1. Overseas Military Sales Corporation - OMSC Ltd and its affiliates, OMSO SA, Priority Assist, Inc. and Military Car Sales Inc. affirm their participation EU-US and Swiss-US Privacy Shield. For more information on the Privacy Shield you may go to https://www.privacyshield.gov/.
2. (a) OMSC and its affiliates collect the following data from their customers:
- Information about the customer provided directly to us by the customer, such as their name, mailing address, phone number, and e-mail address.
- Information provided on applications, orders or other forms or transactions, which may include but is not limited to a customer’s name, address, social security number, income information and sources that is not publicly available.
- Information on any list, description, or other grouping of consumers (and publicly available information pertaining to them) derived from using any personally identifiable financial information that is not publicly available.
- Information about a customer’s transactions with us, our affiliates, or others, such as balance and payment history.
- Information obtained from the consumer’s employer or other employment-related sources to verify financial information.
- Information obtained from consumer reporting agencies, such as one’s credit history, credit score, and information that we obtain to verify employment history or that insurance coverage is in place.
- Information obtained through Internet “cookies” in connection with an inquiry about a financial product or service.
All information is used exclusively for the processing of sales of our products to our customers.
(b) OMSC and its affiliates collect the following data from their employees: employment and health related information.
(c) OMSC and its affiliates commit to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship
4. The point of contact is James Black, General Counsel for OMSC and its affiliates. 516-496-1825, email@example.com.
5. Third parties to whom OMSC and its affiliates will disclose personal information to automobile manufacturers, banks and other lenders and the US DoD, Army, Air Force and Navy Exchanges. All disclosures are to facilitate the sale and marketing of their products to their customers. If OMSC and its affiliates ever were to engage in any onward transfers of your data with third parties for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-out choice to limit the use and disclosure of your personal data. OMSC and its affiliates may have liability for disclosures resulting from onward transfer to third parties.
6. OMSC and their affiliates will advise customers whose personal data they are processing of their right under Privacy Shield to access correct or delete their personal data. A customer who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to firstname.lastname@example.org. If requested to remove data, we will respond within a reasonable timeframe.
8. OMSC and its affiliates have further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. OMSC and its affiliates have further committed to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs or the Swiss FDPIC for more information or to file a complaint. The services of EU DPAs and the Swiss FDPIC are provided at no cost to you.
Under certain limited conditions, individuals may invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
OMSC is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
OMSC and its affiliates may be required to disclose personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
If an employee believes that his or her privacy rights have been violated, or that customer or confidential company information has been misused, he or she may complain in writing addressed to MAS's Legal Department, 175 Crossways Park West, Woodbury, NY 11797. Complaints relating to personal privacy violations may also be made in writing to the Secretary of the US Department of Health and Human Services, 200 Independence Avenue SW, Washington DC 20201, within 180 days after the employee knows or should have known about the act or omission that is the subject of the complaint. MAS will not retaliate against an employee who files such a complaint.
Dated as of __________________, ________
ACKNOWLEDGEMENT OF RECEIPT
ACKNOWLEDGED AND AGREED: