Do you have any questions that I can help you with?
Language 
Core Services Corporation
E.U. Safe Harbor Privacy Policy Statement
Core Services Corporation ("Core") is an applications services provider ("ASP"). It implements, hosts, and manages the functionality of the software of commercial enterprise clients who may be controlling and transferring HR or financial related information of European Union ("EU")-based personnel or customers. Core does not control personal information belonging to its clients or its clients' employees or customers. In providing its services, Core only collects EU-based personnel or client personnel data from its clients, not directly from individuals, and it only uses the personal data for limited purposes, i.e., in testing and managing the functionality of its clients' software. Core maintains strict confidentiality agreements with detailed non-disclosure obligations with all its clients, agents, and affiliates. To the extent that Core is subject to any EU privacy regime, it is in its capacity as a data processor.
Core recognizes that privacy is very important to our customers, and we pledge to protect the security and privacy of any personal information that customers provide to us. This includes customer's names, addresses, telephone numbers, email addresses and any information that can be linked to an individual. Not only does Core strive to collect, use and disclose personal information in a manner consistent with the laws of the countries in which it does business, but it also has a tradition of upholding the highest ethical standards in its business practices. Additionally, Core's standard contracts obligate its clients, the "data controllers", by contract to (i) adhere to all applicable laws and regulations; and (ii) indemnify Core in the event of a third-party claim that there has been a violation of any such law or regulation. This Safe Harbor Privacy Policy Statement (the "Statement") sets forth the privacy principles that Core follows with respect to transfers of personal information from the European Union ("EU") to the United States.
SAFE HARBOR
The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the "Safe Harbor Principles") to enable U.S. companies to satisfy the EU law requirement that personal information transferred from individuals within the European Economic Area ("EEA") to the United States be adequately protected. Consistent with its pledge to protect personal privacy, Core adheres to the Safe Harbor Principles and has self-certified compliance with the U.S.-EU Safe Harbor Framework, http://web.ita.doc.gov/safeharbor/shlist.nsf/ webPages/safe+harbor+list; www.export.gov/safeharbor.
SCOPE
Core generally does not collect information directly from individuals within the EEA. Core merely acts as a data processor for its enterprise business customers. This Statement applies to personal information knowingly received and processed by Core in the United States from the EEA, specifically, personal information collected from Core's business clients concerning their employees or customers in the context of the services Core performs.
DEFINITIONS
The following definitions shall apply throughout this Statement:
"Agent" means any third party that uses personal information provided to Core to perform tasks on behalf of and under the instructions of Core.
"Core" means Core Services Corporation, its successors, subsidiaries, divisions and groups in the United States.
"Personal information" means any information or set of information that identifies or could be used by or on behalf of Core to identify an individual. Personal information does not include information that is encoded, anonymized, aggregated or publicly available information that has not been combined with non-public personal information.
"Sensitive personal information" means personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns health or sex life. In addition, Core will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.
PRIVACY PRINCIPLES
The privacy principles in this Statement are based on the Safe Harbor Principles and shall be interpreted in a manner not inconsistent with the Safe Harbor Principles.
NOTICE: Core is contracted by its enterprise clients to implement, host and manage their software applications, which may require Core to process its clients' data for the purpose of enabling or testing the functionality of their software. The client data processed by Core may include personal information about a client's employees, customers or other individuals. This information is controlled by Core's clients and may be processed by Core to facilitate Core's clients' human resources information management and other computer systems' functionality. Core is not responsible for the content of the information it collects, which may include personal information, nor is it responsible for the way its clients treat their employees' or customers' personal information.
If Core does collect personal information directly from individuals within the EEA, it will inform them about the purposes for which it collects and uses their personal information, the types of non-agent third parties, if any, to which Core discloses that information, and the choices and means, if any, that Core offers individuals for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Core, or as soon as practicable thereafter, and in any event before Core uses the information for a purpose other than that for which it was originally collected.
If Core receives personal information from its subsidiaries, affiliates or other entities within the EEA, it will use such information in accordance with the notices such entities provided and the choices made by the individuals to whom such personal information relates.
CHOICE: Core generally does not collect information directly from individuals within the EEA. It merely acts as a data processor for its enterprise business clients. If Core does collect information directly from individuals within the EEA, it will, where applicable, offer such individuals the choice to opt out of having their personal information disclosed to a third party that is not an agent or used for a purpose other than for which it was collected originally. Similarly, to the extent its applicable and required by the Safe Harbor Principles, Core will offer individuals from whom it directly collects information the opportunity to choose (opt-out) whether their personal information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
If Core does collect sensitive personal information directly from individuals within the EEA, it will, where applicable, offer such individuals the choice and opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
Core will provide individuals with reasonable methods to exercise their choices.
DATA INTEGRITY: Core will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current.
TRANSFERS TO AGENTS: Core will obtain reasonable assurances from its agents that they will safeguard personal information knowingly collected by Core concerning individuals residing in the EEA consistently with this Statement and the Safe Harbor Principles. If Core has knowledge that an agent is using or disclosing personal information in a manner contrary to this Statement, Core will take reasonable steps to prevent or stop the use or disclosure.
ACCESS AND CORRECTION: Upon an individual's request, if feasible or applicable, Core will offer individuals from whom it directly collects information reasonable access to their personal information and will afford such individuals a reasonable opportunity to correct, amend, or delete inaccurate information. If an employee of one of Core's clients would like to access personal information about him or her that is processed by Core, the employee should make a written request to his or her employer's local human resources representative as well as to Core. For security and business purposes, Core may have to coordinate such a response with its client, the individual's employer. The client or Core, in limited instances, may then contact the employee and ask the employee to provide it with various pieces of personal information to process the request. Core may limit or deny access to personal information where providing such access would be unreasonably burdensome or expensive under the circumstances or as otherwise permitted by the Safe Harbor Principles.
SECURITY: Core will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Core safeguards information according to established security standards and periodically assesses new technology for methods of protecting information. However, Core cannot guarantee the security of personal information
ENFORCEMENT: Core will conduct periodic assessments of its relevant privacy practices to verify adherence to this Statement. Core will investigate suspected infractions and will take all appropriate action.
DISPUTE RESOLUTION: Any questions or concerns regarding the use or disclosure of personal information should be directed to Core at the address given below. Core will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Statement. For complaints that cannot be resolved between Core and the complainant, Core has agreed to participate in the dispute resolution procedures of the panel established by the European data protection authorities to resolve disputes pursuant to the Safe Harbor Principles.
CONTACT INFORMATION
Questions or comments regarding this Statement should be submitted to the Core's General Counsel by mail or e-mail as follows:
Core Services Corporation
ATTN: General Counsel
123 Headquarters Plaza, North Tower
Morristown, NJ 07849
Email: rkaiser@CoreServices.com
LIMITATIONS: Core's adherence to the Safe Harbor Principles may be limited by its role as a data processor as well as any applicable legal, regulatory, ethical, or public interest consideration, and as expressly permitted or required by any applicable law, rule, or regulation. Examples of such limitations include (1) exceptions to the opt-in requirements for sensitive personal information permitted by Commission Decision 2000/520/EC of 26 July 2000, (2) exceptions on access as permitted by Safe Harbor Principles, or (3) limitations under applicable EEA member state directives. Core also may disclose personal information reasonably related to the sale or disposition of all or part of its business.
INTERNET PRIVACY POLICY: Core maintains a distinct Internet Privacy Policy governing the privacy of information collected by Core online through its United States Website, which can he viewed at http://www.coreservices.com/privacy.php.
CHANGES TO THIS SAFE HARBOR PRIVACY POLICY STATEMENT
This Statement may be amended from time to time, consistent with the requirements of the Safe Harbor Principles. Core will provide appropriate public notice about such amendments.
EFFECTIVE DATE: October 16, 2008
Find out from our customers
of 