EU-US & Swiss-US Privacy Shield Certification

https://www.privacyshield.gov/welcome/Program-Overview

The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce, and the European Commission and Swiss Administration, respectively, to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce. On July 12, 2016, the European Commission deemed the EU-U.S. Privacy Shield Framework adequate to enable data transfers under EU law (see the adequacy determination). On January 12, 2017, the Swiss Government announced the approval of the Swiss-U.S. Privacy Shield Framework as a valid legal mechanism to comply with Swiss requirements when transferring personal data from Switzerland to the United States. See the statements from the Swiss Federal Council and Swiss Federal Data Protection and Information Commissioner.

Section 4 of NinjaOne’s Global Privacy Policy: Cross-Border Transfer / Privacy Shield

NinjaOne is a global company, and while we strive to ensure personal data is stored and processed in the same region in which it is collected, such data may occasionally be transferred across international borders. To the extent such cross-border transfers occur, personal data will be protected under one of the GDPR’s approved mechanisms to ensure personal data is adequately protected.

With respect to personal data transferred from the European Union and Switzerland to the United States, NinjaOne complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S Privacy Shield Framework as set forth by the U.S. Department of Commerce. NinjaOne, LLC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.

If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/welcome/.

Throughout this Privacy Policy, we have described the types of personal data collected (Section 2), the purposes for which such data is collected (Section 3), the types of organizations with which we share that personal data (Section 6), and your choices regarding our use or disclosure of your personal data, as well as other data subject rights that may be applicable (Section 9).

NinjaOne commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact NinjaOne at: .

NinjaOne, LLC has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commission (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland. In some cases, you may be able to invoke binding arbitration through the Privacy Shield Panel (for more information please visit https://www.privacyshield.gov/welcome/article?id=ANNEX-I-introduction).

As part of our participation in the Privacy Shield Program, we are subject to the investigatory and enforcement powers of the Federal Trade Commission.

In response to lawful requests by public authorities, including to meet national security or law enforcement requirements, we may be required to disclose personal information.

In cases of onward transfers of personal information to third parties we may remain liable under the Privacy Shield Principles if the third party processes personal information in a manner inconsistent with the Principles.