Other Covered Entities
Industries
- Design and Construction
- Design and Construction Services
- Engineering Services
Participation
UK Extension to the EU-U.S. Data Privacy Framework Framework: Active
EU-U.S. Data Privacy Framework Framework: Active
Purpose of Data Collection
Brand Industrial Services, Inc. and its U.S. subsidiaries and affiliates listed in this certification (collectively, "Brand") may obtain and process certain personal data of individuals located in the EU and UK in connection with: (1) supplying goods or services; (2) processing business transactions and related activities; (3) managing enterprise customer, supplier and vendor relationships; (4) responding to individuals' inquiries or communicating with individuals about questions or comments; (5) individuals' use of the company's website; (6) enforcing contractual terms and conditions or defending against claims and lawsuits; (7) marketing services; (8) operating, evaluating and improving Brand's business (including developing new services; enhancing and improving services; managing communications; analyzing services; and performing accounting, auditing, financial and economic analyses, and other internal functions); (9) protecting against, identifying and preventing fraud and other unlawful activity, investigating incidents or defending claims and other liabilities; and (10) complying with and enforcing applicable legal requirements, relevant industry standards and Brand policies. The types of relevant personal data Brand collects about individuals include: (1) name, contact information and other business identification details; and (2) information obtained via the company's website, such as IP address. In addition, Brand obtains and processes personal data about its employees and the employees of its subsidiaries and affiliates, located in the EU and UK, when carrying out and supporting administrative and human resources functions and activities. Brand may disclose the relevant personal data to recipients such as (1) the company's affiliates and subsidiaries, including those listed in this certification, (2) third-party controllers and (3) third-party processors the company has retained to perform services on its behalf and pursuant to its instructions. Brand also may disclose the relevant personal data if it is required to do so by law or legal process or in response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements.
Privacy Policy
HR Data
The Brand Data Privacy Framework Employee Privacy Policy describes how the company implements the DPF Principles for relevant employee personal data. The Policy is available to employees on the company’s Intranet.
Non-HR Data
The Brand Data Privacy Framework Covered Person Privacy Policy describes how the company implements the DPF Principles with respect to the personal data of certain individuals who are covered by the company’s DPF certification.
Verification Method
Self-Assessment
Dispute Resolution
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact Brand Industrial Services, Inc. at:
EVP, Chief Legal Officer
Atlanta, Georgia 30339
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from Brand Industrial Services, Inc. to your question or complaint, please contact the independent recourse mechanism listed below
HR RECOURSE MECHANISM
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against Brand Industrial Services, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission