Effective September 2, 2013 (updated September 5, 2018)
1. About this document – who we are
1.1 During the course of providing our services to you we, TheMIGroup, will process personal data (which may be held on paper, electronically, or otherwise) about you and we recognize the need to treat it in an appropriate and lawful manner, in accordance with all applicable data protection laws (“Data Protection Laws”). The purpose of this notice is to make you aware of how we will handle your personal data and this policy (including any documents referred to in it) sets out the basis on which any personal data we collect from you, or you provide to us, or we are provided by third parties, will be processed.
1.2 For the purposes of the Data Protection Laws, the data controller is TheMIGroup of 1625 State Route 10, Morris Plains, NJ 07950–2900 USA. Contact details for our various local offices can be found at www.themigroup.com/publicsite/about/office-locations/.
2. Fair and lawful processing
We will usually only process your personal data where we have a legal basis for doing so, such as (but not limited to) where you have given your consent, the performance of a contract between you and us or where the processing is necessary to comply with our legal obligations. Please be informed our organization is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
3. Compliance with EU-U.S. Privacy Shield Principles
TheMIGroup commits to cooperate with EU data protection authorities (DPAs) with regard to human resources data transferred from the EU in the context of the employment relationship.
In compliance with the Privacy Shield Principles, TheMIGroup commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union with inquiries or complaints regarding our Privacy Shield policy should first contact Chris Shull, Chief Information Security Officer, at email@example.com or Privacy Officer, TheMIGroup, 1625 State Route 10, Morris Plains, NJ 07950–2900 USA.
TheMIGroup has further committed to refer unresolved Privacy Shield complaints to American Arbitration Association – International Centre for Dispute Resolution, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit American Arbitration Association – International Centre for Dispute Resolution for more information or to file a complaint, please contact:
American Arbitration Association
International Centre for Dispute Resolution
120 Broadway, 21st Floor
New York, NY 10271
Customer Service (ICDR within the United States): 212.484.4181 or 888.855.9575
Customer Service (ICDR outside the United States): 212.484.4181
Hours of Operation 9:00 AM EST – 8:00 PM EST- Monday through Friday
The services of American Arbitration Association – International Centre for Dispute Resolution are provided at no cost to you.
Under certain limited conditions, individuals may invoke binding arbitration as a last resort before the Privacy Shield Panel.
4. How we are likely to use your personal data
We use information held about you in the following ways:
4.1 Information you give us. You may give us information about yourself by filling in forms on our site www.themigroup.com (our site) or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to or use our services, information you give us when we handle your relocation or assignment and when you report a problem with our site. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph, work visa and immigration information, and any medical information required as part of your relocation or assignment.
4.2 Information we collect about you. With regard to each of your visits to our site we may automatically collect the following information:
- (a) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- (b) information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
4.3 Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on our site or through the provision of our services. We are also working closely with third parties (including, for example, your employer, relocation service providers, business partners, sub-contractors in technical, payment and delivery services, analytics providers, search information providers, credit reference agencies, government departments and agencies, Customs and border agencies) and may receive information about you from them.
5. Processing for limited purposes
We will only process your personal data for the specific purpose or purposes notified to you or for any other purposes specifically permitted by the Data Protection Laws. Your personal data will only be processed to the extent that it is necessary for the specific purposes notified to you. We may use information held about you in the following ways:
5.1 Information you give to us. We will use this information:
- (a) to carry out our obligations arising from any contracts entered into between yourself and us and to provide you with the information, products and services that you request from us;
- (b) to engage the services of, or put you in contact with, third party service providers where requested to do so by you;
- (c) to provide you with information about other services we offer that are similar to those that you have already received or enquired about;
- (d) to notify you about changes to our service;
- (e) to ensure that content from our site is presented in the most effective manner for you and for your computer.
5.2 Information we collect about you. We will use this information:
- (a) to provide the services to you that you, or your employer, have requested;
- (b) to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- (c) to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- (d) to allow you to participate in interactive features of our service;
- (e) as part of our efforts to keep our site safe and secure.
5.3 Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
5.4 You do not have to provide us with your personal information; however, if you do not, we will be unable to provide you with relocation services that require this information.
6. Disclosure of your information
6.1 We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
6.2 We may share your information with selected third parties including:
- (a) Business partners, your employer, suppliers and sub-contractors for the performance of our services or of any contract we enter into with them or you.
- (b) Financial institutions, government departments or agencies, Customs and border agencies, landlords, car rental companies and any other organization or service provider that you request us to share your information with.
- (c) Analytics and search engine providers that assist us in the improvement and optimization of our site.
- (d) Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
6.3 We may disclose your personal information to third parties:
- (a) In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- (b) If TheMIGroup or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- (c) If we are under duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply the terms and conditions of agreement with you; or to protect the rights, property, or safety of TheMIGroup, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
6.4 Where the services you request from us involve the importing or exporting of your household goods or property into or via the United States of America, there is a risk that some of your personal information may legally be obtained and published on websites by certain media organizations. This personal information includes information, such as, your legal name, address and, depending upon the country of origin and/or destination, information such as your date of birth and passport number may also be accessible. For further information on this matter and for details of how to prevent the disclosure of your personal information, please contact us at firstname.lastname@example.org.
7. Use, Choice and Acceptance
7.1 Your decision to provide us with your personal information and to use our website is voluntary. Before providing you with services, we will issue you with a Notice of Consent Form and you may elect to prohibit us from using your personal information and thereby prohibit us from using or sharing any such personal information with our approved suppliers and subcontractors who assist us in providing services authorized by your employer. If you do choose to opt-out, we may be prevented from providing you (your family and/or domestic partner) with employer-approved services and we shall inform your employer of your election.
9. Accurate data
We will keep the personal data we store about you accurate and up to date. Data that is inaccurate or out of date will be destroyed. Please notify us if your personal details change or if you become aware of any inaccuracies in the personal data we hold about you.
10. Data retention
10.1 We will not keep your personal data for longer than is necessary for the purpose. This means that data will be destroyed or erased from our systems when it is no longer required. For further details, a copy of our Data Retention Policy is available here.
10.3 Our accountability for personal data that we receive under the Privacy Shield and subsequently transfer to a third party is described in the Privacy Shield Principles. In particular, We remain responsible and liable under the Privacy Shield Principles if subcontractors or other third-party agents that we engage to process your personal data on our behalf do so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
11. Processing in line with your rights
Our site may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
12. Data security
12.1 We will ensure that appropriate measures are taken against unlawful or unauthorized processing of personal data, and against the accidental loss of, or damage to, personal data.
12.2 We have in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. We will only transfer personal data to a third party if it agrees to comply with those procedures and policies, or if it puts in place adequate measures itself.
12.3 Maintaining data security means guaranteeing the confidentiality, integrity and availability (for authorized purposes) of the personal data. Where we have given you a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential and such password should not be shared with anyone.
12.4 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
13. Providing information to third parties
We will not disclose your personal data to a third party without your consent unless we are satisfied that they are legally entitled to the data. Where we do disclose your personal data to a third party, we will have regard to the eight data protection principles established in the Data Protection Act 1998 (“DPA”) as follows:
13.1 Personal data shall be processed fairly and lawfully. This requires:
- (a) justifying ground for processing (e.g. the individual has consented or the processing is necessary to comply with a legal obligation, or to perform a contract with the individual); and
13.3 Personal data must be adequate, relevant and not excessive in relation to the purpose for which they are processed.
13.4 Personal data shall be accurate and, where necessary, kept up to date.
13.5 Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
13.6 Personal data shall be processed in accordance with the rights of data subjects. These rights include, in particular, the right of subject access (i.e. to request details (and copies) of their personal data which are being processed by or on behalf of that data controller).
13.7 Appropriate technical and organizational measures to be taken to protect personal data.
13.8 Personal data shall not be transferred to a country outside the European Economic Area unless that country or territory ensures an adequate level of protection.
As mentioned above, TheMIGroup will comply with its obligations under the EU Data Protection Directive.
14. Access to your data
If you wish to know what personal data we hold about you, you must make the request in writing. Access to your personal data will be granted in accordance with the Data Protection Laws and a fee may be payable. All such requests should be forwarded to us at email@example.com or Privacy Officer, TheMIGroup, 1625 State Route 10, Morris Plains, NJ 07950–2900 USA.