Iron Mountain

Active Participant

Other Covered Entities

Crozier Fine Arts
Iron Mountain Data Centers, LLC
Iron Mountain Global, LLC
Iron Mountain Incorporated
Iron Mountain Information Management Services, Inc.
Iron Mountain Information Management, LLC
Iron Mountain Intellectual Property Management, Inc.
Iron Mountain Secure Shredding, Inc.

Industries

  • Information and Communications Technology

Participation

UK Extension to the EU-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 10/19/2023
Next Certification Due Date: 10/18/2024
Data Collected: NON-HR

Swiss-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 5/15/2017
Next Certification Due Date: 10/18/2024
Data Collected: NON-HR

EU-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 12/7/2016
Next Certification Due Date: 10/18/2024
Data Collected: NON-HR

Purpose of Data Collection

Non-HR Data: Business/Customer Personal Data may be transferred or accessed on behalf of current, former and potential customers, suppliers, vendors and agents. It relates to e.g., sales and marketing (including providing customers and prospective customers with marketing information on services and products), analysis of customer and prospective customer data in order to provide enhanced customer service and more effective communications, website content selection, website user friendliness and navigation, for purposes of managing the Organization's inventory management systems, including potential personal data of customers recorded in such inventory management systems, for purposes of digital imaging, electronic vaulting or digital archiving or other forms of electronic storage or transmittal of data, including potential personal data stored by customers with the Organization in connection with any of the foregoing services; as well as the physical transfer of documents or media of the Organization or that of its customers that may contain personal data.

Privacy Policy

Non-HR Data

Document: US Website Privacy Notice
Description:

This notice is adopted by: Iron Mountain Incorporated, its participating subsidiaries (including former Recall entities) and joint venture partners which are part of the Iron Mountain service system, and other entities which directly or indirectly are controlled by Iron Mountain (each, an Affiliate, with Iron Mountain and its Affiliates being collectively referred to as Iron Mountain).

Effective Date: 7/1/2021

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact Iron Mountain Incorporated at:

STEVE LESTER
CORPORATE COUNSEL
Iron Mountain Incorporated
1 Federal St
Boston, Massachusetts 02110-2012
steve.lester@ironmountain.com
Phone: (617) 535-4766

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from Iron Mountain Incorporated to your question or complaint, please contact the independent recourse mechanism listed below


NON-HR RECOURSE MECHANISM

UK Information Commissioner's Office (ICO)
ICDR-AAA DPF IRM Service
Swiss Federal Data Protection and Information Commissioner (FDPIC)
EU Data Protection Authorities (DPAs)


Appropriate statutory body with jurisdiction to investigate any claims against Iron Mountain Incorporated regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission