This Privacy Notice (“Privacy Notice”) sets out how DDB Latina Puerto Rico (DDB) processes your personal data in connection with our business, including the provision of our website at www.ddblatinapuertorico.com (“Site”) and the services we offer (“Services”).

In particular, this Privacy Notice explains our approach to any personal data that we might collect from you (i) when you use our Services, (ii) during any other interactions with us, or (iii) which we might otherwise process when providing Services to our clients (including the personal data we collect, why we collect it, and your rights in respect of our processing of your personal data). 

This Privacy Notice is intended to assist you in making informed decisions when using the Site and our Services. Please take a moment to read and understand this Privacy Notice; it is intended to be read in conjunction with our Terms of Use.

Finally, this Privacy Notice is intended to meet the requirements of:

• Regulation (EU) 2016/79 on the protection of natural individuals with regard to the processing of personal data and on the free movement of such data (“EU GDPR”).

• Equivalent data protection laws in the United Kingdom (the “UK GDPR”) and Switzerland (“Swiss Data Protection Law”).

• Other data protection laws that are applicable to the processing activities set out in this Privacy Notice. 

For ease of reference, in this Privacy Notice we use the term “GDPR” to collectively refer to the EU GDPR, GDPR, UK GDPR, and Swiss Data Protection Laws.

This Privacy Notice only applies to the use of your personal data obtained by us, whether from you directly or from a third party. It does not apply to personal data collected by third parties during your communications with them or your use of their products or services (for example, if you follow links on our GDPR site to third-party websites over which we have no control).

Further, this Privacy Notice is not intended to cover the processing of workplace person-party data. Accordingly, if you are engaged as a worker for us, please see our Workplace Privacy Notice, which sets out further information about how we may process your personal data in connection with your employment and engagement.

We will update this Privacy Notice from time to time to reflect any changes or proposed changes to our use of your personal data or to comply with changes in applicable law or regulatory requirements. We may notify you by email of any significant changes to this privacy notice, but we encourage you to review it periodically to stay up-to-date on how we use your personal data. If we update this Privacy Notice, we will update the effective date at the top of the page.

DDB Latina Puerto Rico ("DDB") provides the Site and Services. DDB is the entity responsible for managing your personal data. DDB is a USA-headquartered company with its registered office at 200 Varrick St, 11th Floor, New York, NY 10014.

For the purpose of this Privacy Notice and the GDPR, unless we state otherwise, we shall be considered a data controller of your personal data in connection with use cases identified in this Privacy Notice. Please note that in many cases where we process data in relation to other services that we provide, we may carry out the activities referred to in this Privacy Notice in our capacity as a data processor acting on behalf of our clients. We have made this distinction clear in the Privacy Notice.

If you have any questions about this Privacy Notice or want to exercise your rights as a data subject set out in this Privacy Notice, you can contact us using the following methods:

Email:
Send us an email at contactus@ddblatinapr.com.

Post:
‍PO Box 195006 San Juan, PR  00918-5006

When we talk about personal data, or all data, we mean any information that relates to an identified or identifiable living individual. Individuals might be identified by reference to a name, an identification number, location data, an online identifier (such as an address), or other factors that are specific to them, such as their physical appearance. Categories of personal data we may collect and process about you include:

Identity Data:
First name, middle name, last name, and contact data include your delivery name, address, billing address, email address, telephone number, and social media handle.

Applicant Data:
Date of birth, gender, country, nationality, CVs, work experience, dietary requirements, and any other personal data that you may provide in advance of/during your supply of services to us.

Images:
‍Photos and video recordings.

‍Financial Data:
‍Bank account details; partial payment card details.

‍Transaction Data:
‍Details about payments made between you and us; details of services purchased from us.

‍Profile Data:
‍Interests and preferences; contact preferences; whether you have participated in any promotions or competitions; feedback and survey responses Photos and the content of any messaging you send using any responses; and an inquiry form Formenquiry formchat or chat function on the chats Additionally, behavioral data includes information related to your browsing activity, which is obtained through the use of cookies, pixel tags, and other similar technologies; it also encompasses details about when your current or previous sessions started and any services you viewed. through the Site.

‍Technical Data:
‍IP address; browser type and operating system; geolocation, to ensure we’re showing you the correct notices and information; any other unique numbers assigned to a device.

‍Marketing and Communications Data:
‍Marketing preferences; service communication preferences. 

‍Publicly Available Data
‍Information about articles (or similar) that you may have published; information about your interests or affiliations or publicly stated positions on political matters, corporate matters, and similar.

For more information about the personal data we collect, please refer to the ‘How we use personal data’ section 9.

We may collect and receive your personal data using different methods:

‍Personal data you provide to us:
‍You may give us your personal data directly, for example, when you obtain services via our site, contact us with inquiries, complete forms on our site, subscribe to receive our marketing communications, or provide feedback to us.

‍Personal data we collect automatically, including using cookies and other similar technologies:
‍When you access and use our Site, we may collect certain communications, behavioral data, and technical data automatically, including through our use of cookies and other similar technologies (see the ‘Website insight and analysis’ section). section).

‍Personal data received from third parties:
‍We may receive personal data about you from third parties. Such third parties may include analytics providers, data brokers, third-party directories, and third parties that provide technical services to us so that we can provide our Site and our Services.

‍Publicly available personal data :
‍From time to time, we may collect personal data about you (Identity Data, Contact Data, or Publicly Available Data) that is contained in publicly available sources (including open directories, source data sets, or media reports) or that you or a third party may otherwise make publicly available (for example, through speeches at events or publishing articles or other news stories or posts on social media platforms).

We collect and process personal data from the following people:

‍Site visitors:
‍We will collect and process your personal data in connection with your interactions with us and our website.

‍People who contact us with, for example, inquiries:
‍If you contact us with an inquiry through our Site, submit a complaint, or provide any feedback to us in our surveys and feedback forms, we will collect and process your personal data in connection with your interaction with us and our Site.

‍Client personnel:
‍We may collect and process your personal data in connection with the supply of services to you and/or your organization.

Talent:
‍If you supply services and content to us and work with us to provide services to our clients (including featuring in content we produce), we may collect or process your personal data, such as your Identity Data, Contact Data, Financial Data, CVs, and complaints in connection with such supply of services and content to us and our clients.

‍Partner/supplier personnel:
‍If you (or your organization) supply products or services to us or otherwise partner with us, we may collect and process your personal data in connection with our receipt of those products, services, and partnerships. This may include personal data included in any email or telephone communications or recorded on any document relating to an order for the products or services, such as your Contact Data.

‍Visitors to our offices, studios, and production sites:
‍If you attend one of our physical offices or other locations, we may process personal data that you volunteer in connection with your visit and any studies and inquiries you make. For example, you may volunteer personal data when signing in as an inquiry guest or when you register for and access our guest Wi-Fi network at our premises. CCTV footage may also be collected for security purposes.

‍Event attendees:
‍If you attend one of our events, we will process personal data about you in connection with your attendance there. For example, we may ask you to complete a registration or form or other documents relating to the event.

‍Job applicants:
‍If you apply for a job with us, whether through the Site or otherwise, we will collect and process your personal data in connection with your application.

‍Members of the public:
‍We may process your data in connection with the provision of the Services to our clients.

A: OPERATION OF SITE, PROVISION OF SERVICES, AND MARKETING

I. Operation of the Site 

If you browse our Site
‍When you browse our Site, we may process Technical Data, including through our use of essential cookies and other similar technologies, to provide our Site SERVICES to you.

Our legal basis for processing
It is necessary for us to use your data to perform our obligations in accordance with any contract that we may have with you for the Services, or it is in our legitimate interest to use data in such a way to ensure that we provide access to our Site in a secure and effective way.

‍If you link to social media sites and interact with our social media pages
‍If you click on one of the social media links on our Site or otherwise interact with our social media pages, such as on Facebook or Instagram (including interacting with any ‘like’ or similar embedded features on our Site), we and the relevant social media platform may receive information relating to such interaction and may share your personal data in connection with this purpose. Where that data is collected through your use of our Site, the data may include certain Bepages, Behavioral Data, and Technical Data. For more information about how we use this personal data, please refer to the website insight and analysis section.

The relevant social media platform may also act as a controller for the personal data collected through your use of our social media pages, and we may utilize that data for additional purposes. For details on how the relevant social media platform uses your personal data, please refer to its privacy notice. We have a legitimate interest in using personal data as described above to ensure effective provision of the Site and to promote it through social media.

‍Website insight and analysis
‍We and our third-party partners use cookies, web beacons, pixel tags, tags, and other similar technologies (which we generically refer to as “cookies”) to collect data from the devices that you use to access our site. We collect behavioral data, technical data, and profile data. Please refer to our Cookie Notice for further information, including details of our third-party partners.

We and our third-party partners use this data to create user profiles. Analyze how you use our Site and our Services and the effectiveness of our Site and Services, including:

• to analyze how you use, and the effectiveness of, our Site and Services;
‍
• to improve our Site and Services;
‍
• to count users who have visited our Site and collect other types of information, including insights about visitor browsing habits, which helps us to improve our Site and Services;
‍
• to measure the effectiveness of our content;

• to learn what parts of our Site are most attractive to our users, which parts of our Site are the most interesting, and what kind of features and functionalities our visitors like to see; 

• to help us understand the type of marketing content that is most likely to appeal to our visitors and customers.

‍Our legal basis for processing
We collect your personal data through non-essential cookies, relying on your consent for further processing. Where your data is collected through the use of non-essential cookies, we rely on consent to collect your personal data and for the onward processing purpose. Please see our Cookie/No Cookies Notice for further details.

In certain circumstances, we may rely on another legal basis when we use your personal data collected via cookies. For example, where we use personal data collected through the use of analytics cookies to analyze how you use our Site, it is in our legitimate interest to use your personal data in such a way to improve our Site and Services.

‍II. Provision of Our Analysis of Our Services 

Content creation and managing talent.
‍As part of our content creation services to clients, we maintain talent data. Our services databases include identity data, contact data, applicant data, publicly available data, biographies, and personal preferences of individuals that we may use for a particular campaign. We use this information for the purpose of selecting talent for a particular campaign and working with that talent. We may obtain this information directly from the individual, via third-party recruiters or agents, or from publicly available sources.

As part of creating the content featuring the talent, we will process their image data as well as image data and applicant data. Our legal basis for processing It is in our legitimate interests (or those of our clients) to process talent personal data in this way to enable us to provide our applicant data services.

We will only process special category data collected directly from you for this purpose if we have your explicit consent. Where we obtain this special category from publicly available sources, we will rely on the fact that the individual made such information manifestly public. Where we do these activities on behalf of our clients as a data processor, we do not require a legal basis for such processing.

‍Client data insight and analysis.
‍We may collect data about you, both on our own behalf and on behalf of our clients, in connection with providing our services. This data will be used for insight and analysis on an anonymized and aggregate basis to improve our services and assist our clients in better understanding their customers’ interests and enhancing their products or services. We collect both behavioral and technical data. The data collected includes behavioral data, technical data, and profile data.

Our legal basis for processing
To the extent the above involves personal data, it is in our legitimate interests (or those of our clients) to process personal data in this way to enable us to provide our profile data services. Where we do these activities on behalf of our clients as a data processor, we do not require a legal basis for such processing.

Please note that these services often involve anonymous data sets, such as aggregated and statistical data sets, which are used for high-level market analytics or to understand macro consumer habits, among other purposes.thithings).  ngs).  In these cases, neither we nor our clients are processing personal data.

‍III. Marketing and Media Inquiries

Marketing
‍We may use your Identity Data, Contact Data, Marketing and Communications Data, and Inquiry Data to send you (or the organization you represent) marketing communications by email or via phone. Our marketing will include press releases and information about us.

Our legal basis for processing
It is in our legitimate interest to use your personal data in this way to ensure the promotion of our services is tailored and appealing to you and the organization you work for. Please note that we will only send you marketing materials with your consent. only send you marketing with your consent. 

‍Media and informational inquiries.
‍We may collect personal data (including Identity Data, Contact Data, and Publicly Available Data) about journalists, client contacts, or industry contacts for interview requests, for media questions, or for requests for information about DDB. We may also provide individuals with the opportunity to sign up for newsletters or to receive copies of blogs and other information that we make available. Where an individual signs up to receive such information, contact data may be requested in each case, along with details of other personal data that are relevant to these inquiries. We use this information to respond to individual requests and media requests.

Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this way to ensure we provide the services requested by our clients in an effective and efficient way and that we provide the right information to those who request it.

‍B: BUSINESS ADMINISTRATION, FINANCIAL AND LEGAL 

Receipt of services
‍If we have engaged an organization to provide us or our clients with services (for example, IT support or financial advice), we will collect and process your personal data (including Contact and Identity Data) if you are a contact within the organization to manage our relationship with the organization, to receive services from the organization, and, where relevant, to deliver our services to others, including our clients. 

Our legal basis for processing
It is necessary for us to use personal data in this way to perform our obligations in accordance with any contract that we may have with the organization, or it is in our legitimate interest to use personal data in such a way to ensure that we have an effective working relationship with the organization and are able to provide our services to others in an effective way. Where we do these activities on behalf of our clients as a data processor, we do not require a legal basis for such processing.

‍Recruitment
‍If individuals apply for a job with us or otherwise express an interest in working for us, we will collect contact details and CV or resume information from the individual. We use personal data for the following purposes: a) to assess an individual's suitability for any position they applied for (or future positions we believe they may be suitable for), including employment or freelancer roles, summer placements, internships, and any business support or services roles, regardless of whether the application was submitted online, via email, in hard copy, or in person; b) to take necessary steps to enter into a contract of employment (or otherwise) with the individual; c) to comply with regulatory or legal obligations related to such applications; and d) to review our equal opportunity profile according to applicable legislation. We do not discriminate on the grounds of gender, race, ethnic origin, age, religion, sexual orientation, disability, ability, or any other basis covered by local legislation. 

What is our legal basis?
Where we use personal data in connection with recruitment and talent manageability, management, and agency, it will be in connection with us entering into a legal contract with them, or it is in our legitimate interest to use personal data in such a way to ensure that we can make the best recruitment and talent management decisions for DDB, or it is our legal obligation to use such personal data to comply with any legal obligations imposed on them or us. We will not process any special data except where we are able to do so under applicable legislation or with the individual’s explicit consent.

‍Visiting our premises, studios, or production sites
‍If an individual visits any of our premises, studios, and production studios, sites, or sites, we may collect personal data, all data including identity or contact data, and CT data as part of our sign-in process. We may also capture their image on our surveillance camera or CCTV. We may also collect data relating to Covid-19 vaccination or testing in accordance with government regulation or guidance. 

If an individual registers as a guest user for free Wi-Fi access at any of our premises, we may collect personal data, including identity and contact data, as part of the registration process. We may also process BeData, behavioral, and technical data in connection with any use of this free Wi-Fi service for monitoring and record-keeping purposes, including to identify the source of service requests, optimize technical data, maintain the Wi-Fi service's performance, and investigate and prevent system abuse. For more information about how we might process your personal data in this regard, please refer to our Portal Privacy Notice at the applicable location.

‍Our legal basis for processing
It is in our legitimate interests to process personal data in this way for security optimization reasons, and we collect data relating to Covid-19 to comply with our legal obligations in relation to health and safety or other legal obligations introduced in relation to the Covid-19 pandemic. 

Where we process personal data in connection with providing access to our free Wi-Fi service, it is in our legitimate interests to process personal data in this way to provide the service. Where we monitor use of our free Wi-Fi service to ensure proper use of the system, we process personal data for monitoring and record-keeping purposes based on guest user safety or consent.

‍Business administration, finance, and legal compliance.
‍We may use an individual’s personal data (including Identity Data, Contact Data, Financial Data, Transaction Data, Consent Data, and Publicly Available Data) for the following business administration and legal compliance purposes:

• to facilitate the operation or effective management of our group of businesses;

• for financial, accData, and accounting and tax purposes;

• to comply with our legal obligations;

• to enforce or protect our legal rights;

• to deal with complaints;

• to protect the rights of third parties (including where the health or security of an individual is endangered (e.g., fire)); and

• in connection with a business transition or sale, such as a merger, reorganization, acquisition by another company, or the sale of all or a portion of our assets.

Our legal basis for processing
Where we use personal data in connection with a business transition to enforce our legal rights or to protect the rights of third parties, it is in our legitimate interest to do so. For all other purposes described in this section, we will rely on our obligation to comply with law (including any court order) to process such personal data.

We will not process any special (or sensitive) categories of personal data or personal data relating to criminal convictions or rights or offenses except where we are able to do so under applicable legislation or with the individual’s explicit consent.

Where we are required by law to collect your personal data, or we need to collect your personal data under the terms of a contract we have with you, and you fail to provide that personal data when we request it, we may not be able to perform the contract we have or are trying to enter into with you. This may apply where you do not provide the personal data we need in order to provide the offensive services you have requested from us or to process an application for employment with us. In this case, we may have to cancel your application or the provision of the relevant services to you, in which case we will notify you.

Only when legally permitted do we share personal data with others. When we share personal data with others, we put contractual arrangements and security mechanisms in place to protect the shared data and comply with our data protection, confidentiality, and security standards and obligations. 

We are part of the Omnicom Group of marketing and advertising firms and (subject to the above) may share data within Omnicom Group companies, Omnicom Networks, or with our partner agencies. For more information about the Omnicom Group, please see here: Advertising and Marketing Agencies | Omnicom Group. 

Further (again subject to the confidentiality above), we may share your personal data with third parties, as set out in the table below. This list is non-exhaustive, and there may be circumstances where we need to share personal data with other third parties.

Our clients
We may share personal data with our clients for the purposes of providing them with non-exhaustive services. 

Third-party IT suppliers 
We may share personal data with third parties that assist us in delivering our Site and in operating, managing, and maintaining our internal IT systems. Such third parties may also include, for example, providers of information technology, cloud-based software-as-a-service providers, identity management, website design, hosting and management, data analysis, data services, backup, security, and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centers around the world, and personal data may be stored in any one of them. 

Payment providers and banks
We may share personal data with third parties who assist us with our invoicing and making/receiving payments.

Third-party post/email marketing and CRM specialists
We may share personal data with specialist suppliers who assist us in managing our marketing database and sending out email marketing communications.

Recruitment agencies and related organizations
We may share personal data with external recruiters, third-party providers that undertake background checks on our organization's behalf, and other entities within our group of companies for recruitment purposes.

Auditors, lawyers, accountants, and other professional advisers
We may share personal data with professional services firms who advise and assist us in relation to the lawful and effective management of our organization and in relation to any disputes we may become involved in.

Law enforcement or other government and regulatory agencies and bodies
We may share personal data with law enforcement or other government and regulatory agencies or third parties as required by, and in accordance with, applicable law or regulation.

Other third parties
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to assure that we are complying with applicable law and regulation, to investigate an alleged crime, or to establish, exercise, or defend legal rights. We will only request personal data where we are permitted to do so in accordance with applicable law or regulation.

Transfers by fulfillment—where we disclose personal data

‍We may transmit personal data to certain third parties (as listed in the ‘Sharing your personal data’ section 11) that are located in countries that do not protect personal data to the same standard as the GDPR, including (1) our different global offices and (2) our different offices in the Omnicom Group entities, networks, or partner agencies.

These countries likely offer fewer rights regarding your personal data and lack a data protection supervisory authority to assist with processing concerns. 

However, when transferring your personal data, we will ensure that, where required by the GDPR, at least one of the following partners applies: We: (1) will only transfer your personal data to countries or organizations that have been deemed to provide an adequate level of protection for personal data by the UK Government or the European Commission; or (2) we may use specific contracts approved by the UK Government or the European Commission referred to as the “Standard Contractual Clauses” or “SSCs,” which afford personal data the same protection it has in the UK and EU. 

To find out more about the SCCs we use, please see “SSCs,” see Standard contractual clauses for international transfers | European Commission (europa.eu), or please email us at contactus@ddblatinapr.com.

In addition, where we disclose personal data that we process in connection with our participation in the EU-U.S. Data Privacy Framework, the UK Extension to that framework, and the Swiss-U.S. Data Privacy Framework, we remain liable under those frameworks in relation to our onward transfer of personal data to these countries, unless we can show that we are not responsible for the event giving rise to the damage.

‍Transfers to see Standard—where we receive personal data
‍
‍As we are headquartered in New York, USA, any data that you provide directly to us, or that we receive from third parties, may be stored in the USA. Additionally, we may transfer this data to other countries (as described above).

‍DDB Latina Puerto Rico complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF and DPF) as set forth by the U.S. Department of Commerce. DDB Latina Puerto Rico has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. DDB Latina Puerto Rico has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. Please review the Omnicom Data Privacy Framework Privacy Policy for Rico for details. DDB Latina Puerto Rico details certified under the Omnicom Data Privacy Framework certification.

‍If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program and to view our certification, please visit https://www.dataprivacyframework.gov/.

Where our use of your personal data requires your consent, you can provide such consent:

• at the time that we collect your personal data following the instructions provided; or

• by informing us by email, program, post, or phone using the contact details set out in this Privacy Notice.

Please note that if you specifically consent to additional uses of your personal data, we may use your personal data in a manner consistent with that consent.

We are committed to keeping the personal data you provide to us secure, and we have implemented information security policies, rules, and technical measures to protect the personal data under our control from unauthorized access, improper use or disclosure, unauthorized modification, and unlawful destruction or accidental loss. In addition, all our employees and unauthorized data processors (i.e., those who process your personal data on our behalf) are obliged to respect the confidentiality of the personal data of all users of our Site and those who purchase our Services.

You have the following rights in relation to the personal data we hold about you under certain circumstances:

• You have the right to obtain confirmation that we process your personal data, access and obtain copies of that information, and receive details about the processing we conduct.

• You may request that your personal data be corrected when appropriate.

• If the personal data we hold about you is inaccurate or incomplete, you may request that it be amended. However, please be aware that it is every person’s responsibility to provide us with accurate personal data and to inform us of any change (i.e., new home address or change of name).

• To request the deletion of your personal data, please do so where appropriate.

• If you demonstrate that the purpose for which the personal data is being processed is no longer legal or appropriate, the data will be deleted, unless we can demonstrate that we are required to retain it by applicable law or otherwise.

• If we have shared your personal data with others, we will let them know about the deletion where possible. If you ask us where it is possible and legal for us to do so, we will also tell you with whom we have shared your personal information so that you can contact them directly.

• To request a restriction on the processing of your personal data in certain circumstances, such as when you contest its accuracy, please do so while we investigate your concern.

• It will not prevent us from storing your personal information.

• We will tell you before we lift any restriction.

• If we have shared your personal information with others, we will inform them about the restriction whenever it is feasible for us to do so.

• If you ask us where it is possible and legal for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.

• If the processing of your personal data is based on your consent, you can request to receive it in a commonly used electronic format or ask us to transfer it in that format to another provider, provided that your request pertains to the personal data you directly provided and that such transfer is technically feasible.

• You have the right to object to the processing of your personal data when we rely on our legitimate interests or those of a third party, including for direct marketing purposes.

• To withdraw your consent at any time when processing relies upon consent.

‍Data Subject Rights

‍Data subjects may exercise these rights verbally or in writing using our contact information provided in the ‘How to contact us’ section. We will directly endeavor to promptly respond to your requests. Legally, we must respond to your request for a copy of your personal data within a month. If we deny your request, we will provide you with the reasons for the denial.

Please note that in order for you to assert these rights, we may need to verify your identity to confirm your right to access your data. This security measure prevents unauthorized disclosure of personal data. To verify your identity, we may need to gather more personal data from you than we currently have.

‍Lodging complaints
‍
‍In addition, you may have the right to lodge certain complaints in relation to our processing of your personal data with regulators in your jurisdiction. 

If you are concerned about any aspect of our privacy practices, including the way we have handled your personal data, we encourage you to first contact us using our contact information provided in the ‘How to contact us’ section.

If the GDPR applies, you can report your concerns to the following organizations' stations:

‍European Economic Area
‍You can find a list of supervisory authorities and their contact details for the EEA at http://ec.europa.eu/justice/data-protection/bodies/authorities/indexorganizations
‍
‍United Kingdom
‍The Information Commissioner’s Office (“ICO”) is the supervisory authority in the United Kingdom. Contact details for the ICO can be found at https://ico.org.uk. 

Switzerland
‍The Federal Data Protection and Information Commissioner (“FDPIC”) is the supervisory authority in Switzerland. Contact details for the FDPIC can be found at https://www.edoeb.admin.ch/.

United States of America
‍ commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-URICO commitments. S. DPF and the UK Extension to the EU-U.S. DPF, the S. DPF, and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. DDB Latina Puerto Rico DPF, S. DPF commits. commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-URICO commits. S. DPF and the UK Extension to the EU-U.S. DPF, the S. DPF, and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States.

If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if you are not satisfied with our response, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. JAMS provides its services at no cost to you. 

Following the dispute resolution process, JAMS or you may refer the matter to the U.S. Federal Trade Commission, which has investigatory and enforcement powers over us. Under certain circumstances, you also may be able to invoke binding arbitration to address complaints about our compliance with DPF Principles.

To optout of any future promotional or marketing communications or any other commercial communications from us, you should send a request to us at the contact information in the ‘How to contact us’ section 5.

This site contains links to third-party websites and services. Please remember that when you use a link to go from our site to another website or you request a service from a third party, this privacy notice no longer applies to these third-party websites and third-party service providers unless we are acting as joint controllers in respect of your personal data with such third party.

Your browsing and interaction on any other websites, or your dealings with any other third-party service provider, are subject to that website’s or third-party service provider’s own rules and policies. We do not monitor, control, or endorse the privacy practices of any third parties.

This Site may integrate with social networking services. You understand that we neither control such services nor are liable for the manner in which they operate. While we may provide you with the ability to use such services in connection with our Site, we are doing so merely as an accommodation and, like you, are relying upon those third-party services to operate properly and fairly.

We retain personal data only for as long as is necessary for the purposes described in this Privacy Notice, after which it is deleted from our systems.

If any personal data is only useful for a short period (e.g., for a specific event or marketing campaign or in relation to recruitment), we will delete it at the end of that period. Please note that if you are an unsuccessful candidate, we may keep your information for a short period.

If you have opted out of receiving marketing communications from us, we will need to retain certain personal data on a suppression list so that we know not to send you further marketing communications in the future.

Our site is not intended for use by, or targeted at, minors (individuals under the age of 18), and we do not knowingly collect personal data of minors. However, due to the nature of the organization services we provide, we may from time to time collect and process personal data relating to minors. If we do collect personal data of minors, we will comply with all applicable laws and regulations relating to the processing of personal data of minors. 

UNITED STATES
‍CCPA