Other Covered Entities

Octiv, Inc.

Participation

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 8/29/2016
Next Certification Due Date: 6/14/2018
Data Collected: HR, NON-HR

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 6/14/2017
Next Certification Due Date: 6/14/2018
Data Collected: NON-HR

Purpose of Data Collection

NON-HR DATA: Depending on who you are and how you interact with us we may collect different data about you. Regardless, we will only collect information if we have a reason to do so and only to the extent necessary for that specific business purpose. Conga collects data regarding its current customers (“Customers”), potential customers (“Prospects”) and website visitors (“Visitors”) or event attendees (“Attendees”). An overview of the categories of information we collect is outlined below: We collect information that you voluntarily provide, such as by subscribing to Conga marketing communications, registering for events, or providing testimonials for our use on our Websites or other promotional materials. Information you directly provide to us include your personal identification data (for example, name, surname) and contact information (phone, email, address, country). Additional transaction and billing information is also required when procuring Conga Services or registering for Conga fee-based events. We also collect information automatically when you visit our Websites our use our Services. This information may include things such as your Internet protocol (IP) address, browser type, internet service provider, referring/exit pages, operating system, date and time stamp and clickstream data. HUMAN RESOURCES DATA: In the normal course of human resources and business activities, Conga will process the following categories of personal information about its employees: • Personal identification information, such as your name, home address, date of birth, gender, work- related photographs, and phone number(s); • Government-issued identification numbers, such as national ID or passport for payroll and travel purposes; • Immigration, right-to-work and residence status; • Family and emergency contact details; • Job-related information, such as years of service, work location, employment ID, work record, vacation absences, and contract data; • Educational and training information, such as your educational awards, certificates and licenses, vocational records and in-house training attendance; • Recruitment and performance-related data, such as resumes, objectives, ratings, comments, feedback results, career history, work equipment, career and succession planning, skills and competencies and other work-related qualifications; • Information related to your usage of Conga’s assets, in particular its computers and telecommunication systems, and traffic generated on Internet; • Voicemails, e-mails, correspondence, documents, and other work product and communications created, stored or transmitted using our networks, applications, devices, computers or communications equipment; • Acknowledgements regarding our policies, including employee handbooks, ethics and/or conflicts of interest policies and computer and other corporate resource usage policies; • Information needed for compliance and risk management, such as disciplinary records, background check reports and security data; and • Payroll and payment or benefits related information, such as salary and insurance information, dependents, government identifier or tax numbers, bank account details, and employment related benefits information, family and dependent information.

Privacy Policy

HR Data

HR Data Privacy Policy
Description:

The HR policy pertaining to EU data is the same as what is here: www.getconga.com/privacy except internally there is this language: "Where applicable for employee matters, Conga commits to cooperation with the panel of the EU Data Protection Authorities (DPAs), the state or national data protection authority where the employee works or the Swiss Federal Data Protection and Information Commissioner (FDPIC), as applicable, to investigate unresolved complaints. “ The HR policy is contained within our Employee Handbook.

Effective Date: 5/2/2017

HR and Non-HR Data

Description:

This notice explains how Conga handles the personal information of European Union employees, applicants, interns, former employees, dependents, beneficiaries, contractors, consultants and temporary agency workers in the course of its activities.

Effective Date: 5/25/2018

Non-HR Data

Description:

The Conga Privacy Policy describes how the organization implements the Privacy Shield Principles with respect to the personal data of individuals who are covered by the company's non-HR Privacy Shield certification.

Effective Date: 5/2/2017

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact AppExtremes, LLC DBA Conga at:

Alev Viggio
Compliance and Privacy Manager
AppExtremes, LLC DBA Conga
390 Interlocken Crescent, Suite 500
Broomfield, Colorado 80021

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from AppExtremes, LLC DBA Conga to your question or complaint, please contact the independent recourse mechanism listed below


HR RECOURSE MECHANISM

NON-HR RECOURSE MECHANISM



Appropriate statutory body with jurisdiction to investigate any claims against AppExtremes, LLC DBA Conga regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission