Safe Harbor - Organization Information

Organization Information:

Aasonn, LLC
184 Shuman Blvd, Suite 530
Naperville, Illinois- 60563
Phone: 630-718-1562
Fax: 630-718-1564
www.aasonn.com

Organization Contact:

Contact Office: US Headquarters
Name: Nate Peterson , Vice President Operations
Phone: 630-718-1562 x113
Fax: 630-718-1564
Email: npeterson@aasonn.com

Corporate Officer:

Corporate Officer: Allen Peterson , CEO
Phone: 630-718-1562 x111
Fax: 630-718-1564
Email: apeterson@aasonn.com

Safe Harbor Information:

Original Certification: 11/25/2011
Next Certification: 11/25/2012

Personal Information Received from the EU/EEA and/or Switzerland:
Aasonn has adopted the seven Safe Harbor principles of notice, choice, onward transfer (transfer to third parties), access, security, data integrity and enforcement with respect to personal information to be transferred to Aasonn Operations in the U.S. from the EEA and from Switzerland. Notice - Aasonn will notify person's in the EU about the purposes for which personal data will be collected and used. Information will be provided on how individuals can contact Aasonn with inquiries or complaints regarding personal data. Aasonn will give notice to people regarding third parties to which it discloses the information, and restrictions that limit the information's use and disclosure. Choice - Prior to releasing personal data to a third party, Aasonn will give an individual employee the opportunity to choose whether their personal data is disclosed to that third party or used for a purpose incompatible with the purpose for which it was originally collected or subsequently authorized by that individual. For sensitive data, an affirmative choice will be given to the individual if the personal data is to be disclosed to a third party or used for a purpose other than its original purpose or the purposes authorized subsequently by the individual. Transfers to third parties - Aasonn will obtain assurances from its agents that they will safeguard personal information consistently with this Policy. Examples of appropriate assurances that may be provided by agents include: a contract obligating the agent to provide at least the same level of protection as is required by the relevant Safe Harbor Principles, being subject to EU Directive 95/46/EC (the EU Data Protection Directive), Safe Harbor certification by the agent, or being subject to another European Commission adequacy finding. Where Aasonn has knowledge that an agent is using or disclosing personal information in a manner contrary to this Policy, Aasonn will take reasonable steps to prevent or stop the use or disclosure. Access - Person's covered under this policy will have access to personnel information about them that Aasonn holds and will be able to correct, amend or delete information if it is inaccurate (the exception is when the burden or expense of providing access would be disproportionate to the risks of the individual privacy in the case in question or the rights of persons other than the individual would be violated.) Retention - Aasonn will retain personal information for a period that suits the business purpose of maintaining that information. If such personal information is for the purposes of our consulting work with a customer, that information will be destroyed immediately after any business need for that information ceases to exist. In on case will personal information be kept for more than 3 years. Security - Aasonn will take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Data Integrity - Personal data kept by Aasonn will be relevant for the purposes for which it is to be used. Aasonn will take reasonable steps to ensure that the data is reliable and that it is applied to its intended use. Aasonn will also ensure that the information is accurate, complete and correct. Enforcement - To ensure compliance with these Safe Harbor Principles, Aasonn will: 1) Commit to cooperate with the Data Protection Authorities (DPAs) of the EU countries and the Swiss FDPIC (for information received from Switzerland) in the investigation and resolution of complaints and will comply with any advice given by DPAs; 2) Employ a procedure for verifying that the commitment the company has made to adhere to the Safe Harbor Principles has been implemented; and 3) Remedy issues arising out of any failure to comply with the Principles. Aasonn acknowledges that its failure to provide an annual self-certification to the Department of Commerce will remove it from its list of participants and the transfers of information will not be allowed unless Aasonn otherwise complies with the EU Data Protection Directive and Swiss FDPIC. Aasonn executive management will be the internal mechanism for ensuring compliance with the Safe Harbor Principles and facilitating the independent recourse mechanism referenced in the Enforcement provision of this Policy.
Privacy Policy Effective: 11/23/2011
Location: http://www.aasonn.com/privacy-policy.html

Regulated By: Federal Trade Commission

Privacy Programs:
Electronic Trust foundation (eTrust)

Verification: In-house

Dispute Resolution:
All disputes arising out of or in connection of the handling of personal information by Aasonn will be handled swiftly by Aasonn executive management. Employees located in the EEA should forward any complaints or disputes regarding personal data protection to their local HR representatives. All other questions or concerns regarding the use or disclosure of personal information should be directed to Aasonn at the address given below in the Responsibilities and Contact Information section of this Privacy Policy. Aasonn will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between Aasonn and the individual complainant, Aasonn commits to cooperate with the European Data Protection Authorities (for personal information received from the EEA) and the Swiss FDPIC (for information received from Switzerland) and comply with any advice given by them.

Personal Data Covered: Human Resources, Employee, and Company Data for the purposes of Software configuration and implementation
Organization Human Resource Data Covered: Yes
Do You Agree to Cooperate and Comply with the EU and/or Swiss Data Protection Authorities? Yes

Relevant Countries from which Personal Information is Received:
Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, United Kingdom

Industry Sectors:
Computer Services - (CSV)
Computer Software - (CSF)
Information Services - (INF)
General Services - (GSV)

Certification Status: Not Current
Compliance Status: