DATA PRIVACY FRAMEWORK POLICY
Global Outsource Services, LLC ("Global") is a leading provider of banking systems to the financial services industry. Global has adopted this Privacy Shield Policy ("Policy") in order to maintain an adequate level of protection concerning the transfer of its serviced financial institutions (“Clients”) customers’ Personal Information from the European Union (EU) member countries to Global’s facilities in the United States of America.
Global complies with the EU-US Data Privacy Framework Principles as set forth by the US Department of Commerce (DOC) regarding the collection, use, and retention of Personal Information from our Customers. Global has certified that it adheres to the EU-US Data Privacy Framework Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability. If there is any conflict between Global’s Policy and the EU-US Privacy Shield Framework Principles, the EU-US Data Privacy Framework Principles shall govern. To learn more about the US DOC Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.
The Federal Trade Commission (FTC) has jurisdiction over Global's compliance with the EU-US Privacy Shield Framework.
​
SCOPE
​
Global’s Policy applies only to Personal Information that is processed, maintained or stored on behalf of Global’s Clients. "Personal Information" for purposes of this policy means information relating to an identified or identifiable natural person. An "Identifiable Person" is one who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to the individual's physical, physiological, mental, economic, cultural or social identity that are within the scope of the EU-US Data Privacy Framework Principles, recorded in any form and that is received by a participant from the EU. For the purposes of this Policy, our Clients may use Global’s systems to store Personal Information on their customers that includes name, address and date of birth. “Processing” of personal data means any operation or set of operations which is performed upon Personal Information, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.
​
NOTICE
​
Global acts as a service provider to its Clients who use its banking products and services. Any Personal Information sent to us by our Clients is used exclusively for the purposes for which we were contracted.
​
CHOICE
​
The use of Personal Information from our Clients is governed by the service agreements with our Clients and this Policy. We do not rent or sell our Personal Information to any third parties. We do not collect sensitive information (e.g., Personal Information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual).
ACCOUNTABILITY FOR ONWARD TRANSFER
​
Except as otherwise provided herein, Global discloses Personal Information only to Third Parties who reasonably need to know such data and only for the scope of the services contracted and not for other purposes. Such recipients of Personal Information must agree to abide by confidentiality agreements.
Please be aware that Global may be required to disclose Personal Information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. Global is liable for appropriate onward transfers of Personal Information to Third Parties.
​
DATA INTEGRITY AND SECURITY
​
Global takes reasonable steps to ensure that Personal information we Process is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the Personal Information. Additionally, Global has implemented physical, technical and administrative safeguards to protect Personal Information from loss, misuse, and unauthorized access, disclosure, alteration and destruction.
​
ACCESS TO PERSONAL INFORMATION
​
Global acknowledges that individuals have the right to access their Personal Information. Global maintains Personal Information solely as a processor on behalf of its Clients and, as a result, has no direct relationship with the individuals whose Personal Information we Process. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should first contact their financial institution in the European Union.
​
ENFORCEMENT AND DISPUTE RESOLUTION
​
Global uses a self-assessment approach to assure compliance with its Privacy Shield Policy and periodically verify that the Policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the principles. In compliance with the EU-US Data Privacy Framework Principles, Global commits to resolve complaints about your privacy and our collection or use of your Personal Information. EU individuals with questions or concerns regarding our Privacy Shield Policy should contact us at:
Global Outsource Services, LLC
c/o Governance and Compliance Officer
770 Ponce de Leon Blvd. - Penthouse
Coral Gables, Florida USA 33134
Office: (305) 441-0417 / Fax: (305) 441-0418
Global has further committed to refer unresolved EU-US Privacy Shield Framework complaints to the JAMS, an alternative dispute resolution provider. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit the JAMS website for more information or to file a complaint. The services of JAMS are provided at no cost to you. If claims are not remedied, under certain limited conditions, individuals may invoke binding arbitration as a last resort before the EU-US Privacy Shield Framework Panel.
​
AMENDMENTS / RENEWALS
​
Global’s Policy may be amended from time to time consistent with the requirements of the EU-US Data Privacy Shield Framework Principles. Global also reviews this policy annually as part of the re-certification process.
Policy Effective Date: March 15, 2017
ADDENDUM
​
Refer to attached EU-US Privacy Shield Framework Principles Issued by the US Department of Commerce for complete information on the Framework, along with announcement of October 27, 2022 regarding President Biden’s Signing of Executive Order to Implement the European Union – US Data Privacy Framework.