Data Privacy Framework

Last updated: September 28, 2023

AppWrap complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, set forth by the U.S. Department of Commerce. AppWrap has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

This AppWrap Data Privacy Framework Policy (“Data Privacy Framework Policy”) and the AppWrap Privacy Policy (“Privacy Policy”) describe the privacy practices that we implement for Personal Data received from the EEA or UK in reliance on the Data Privacy Framework.

Data Privacy Framework Principles

1. and 2. Notice and Choice

Our Privacy Policy describes how we use Personal Data we receive from different sources. This Data Privacy Framework Policy describes how we process Personal Data covered by the Data Privacy Framework.

If you are a Client, AppWrap may act as an agent for you in relation to the Personal Data that you provide or make available to AppWrap. AppWrap usually will not have a relationship with your Customers. Here, the Client is responsible for ensuring that Customers are provided with appropriate notice and choice with respect to their Personal Data.

In its role as a controller and as required by applicable law, AppWrap generally offers individuals in the EU and UK (together: “EEA/UK Consumers”) the opportunity to choose whether their Personal Data may be (i) disclosed to third-party controllers or (ii) used for a purpose that is materially different from the purposes for which the information was originally collected or subsequently authorized by the relevant EEA/UK Consumer. To the extent required by the Data Privacy Framework Principles, AppWrap obtains opt-in consent for certain uses and disclosures of sensitive data. EEA/UK Consumers may contact AppWrap as indicated below regarding the AppWrap’s use or disclosure of their Personal Data. Unless AppWrap offers EEA/UK Consumers an appropriate choice, AppWrap uses Personal Data only for purposes that are materially the same as those indicated in this Policy.

3. Data Integrity and Purpose Limitation

We only collect Personal Data that is relevant to providing our Services. We process Personal Data compatible with us providing the Services or as otherwise notified to you. We take reasonable steps to ensure that the Personal Data received under the Data Privacy Framework is needed for AppWrap’s Services, accurate, complete, and current.

4. Accountability for Onward Transfers

This Policy and the Privacy Policy describe how AppWrap shares Personal Data.

Except as permitted or required by applicable law and in accordance with AppWrap’s role as a controller or processor, AppWrap provides EEA/UK Consumers with an opportunity to opt out of sharing their Personal Data with third-party controllers. AppWrap requires third-party controllers to whom it discloses the Personal Data of EEA/UK Consumers to contractually agree to (a) only process the Personal Data for limited and specified purposes consistent with the consent provided by the relevant EEA/UK Consumer, (b) provide the same level of protection for Personal Data as is required by the Data Privacy Framework Principles, and (c) notify AppWrap and cease processing Personal Data (or take other reasonable and appropriate remedial steps) if the third-party controller determines that it cannot meet its obligation to provide the same level of protection for Personal Data as is required by the Data Privacy Framework Principles.

AppWrap may disclose Personal Data to trusted third parties as indicated in the Privacy Policy without offering an opportunity to opt out. AppWrap requires that its agents and service providers that have access to Personal Data within the scope of this Data Privacy Framework Policy provide the same level of protection as required by the Data Privacy Framework Principles. We ensure that our agents process Personal Data received under the Data Privacy Framework in a manner consistent with our obligations under the Data Privacy Framework Principles, unless we prove that we are not responsible for the event giving rise to the damage.

We may also need to disclose Personal Data in response to lawful requests by public authorities, for law enforcement or national security reasons, or when such action is necessary to comply with a judicial proceeding or court order, or when otherwise required by law. We do not offer an opportunity to opt out from this category of disclosure.

In cases of onward transfer to third parties of data of EU/UK individuals received pursuant to the EU-US Data Privacy Framework and the UK Extension to the EU-U.S. DPF, AppWrap is potentially liable.

5. Data Security

We use reasonable and appropriate physical, electronic, and administrative safeguards to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data and the risks involved in processing that information.

6. Access to Personal Data

Our Privacy Policy explains how you may access and/or submit requests to review, correct, update, suppress, or delete Personal Data. You can ask to review and correct Personal Data that we maintain about you by sending a written request to privacy@nullappwrap.tech. We may limit or deny access to Personal Data where providing such access is unreasonably burdensome, expensive under the circumstances, or as otherwise permitted by the Data Privacy Framework Principles.

When AppWrap acts on behalf of its Clients, AppWrap will assist Clients in responding to individuals exercising their rights under the Data Privacy Framework Principles.

If you are a Customer of a Client, please contact the Client directly with your request to access or limit the use or disclosure of your Personal Data. If you contact us with the name of the Client to which you provided your Personal Data, we will refer your request to that Client and support them in responding to your access request.

7. Recourse, Enforcement and Dispute Resolution

If you have any questions or concerns, please write to us at the address listed below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the Data Privacy Framework Principles.

In the event we are unable to resolve your concern, you may contact United States Council for International Business (http://www.uscib.org/privacy-shield/), which provides an independent third-party dispute resolution body based in the United States, and they will investigate and assist you free of charge.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, AppWrap commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, should first contact AppWrap at:

privacy@nullappwrap.tech or please write to the following address:
AppWrap, LLC.
1925 Century Park E
Suite 1700
Los Angeles, CA 90067

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, AppWrap commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.

8. Miscellaneous

AppWrap is subject to investigatory and enforcement powers of the U.S. Federal Trade Commission.


You may have the option to select binding arbitration under the Data Privacy Framework Panel for the resolution of your complaint under certain circumstances.

 

Contact Information

If you have any questions regarding this Data Privacy Framework Policy, please contact us by email at privacy@nullappwrap.tech, or please write to the following address:

AppWrap, LLC.
1925 Century Park E
Suite 1700
Los Angeles, CA 90067
Attention: AppWrap Legal

Changes to this Data Privacy Framework Policy

This Data Privacy Framework Policy may be changed from time to time, consistent with the requirements of the Data Privacy Framework and in accordance with the process described in the Privacy Policy. You can determine when this Data Privacy Framework Policy was last revised by referring to the “LAST UPDATED” date at the top of this page.