Client Privacy & Data Protection Policy

/Client Privacy & Data Protection Policy
Client Privacy & Data Protection Policy2020-05-17T17:20:32+02:00

Privacy & Data Protection are very important to us.

We are asking valued customers to share information with us (us, as in, your company and our company).  That information is given to us with trust.  We take that very seriously.  Below we outline specifically our practices & policies.  If at any time you have questions or concerns, please contact me: Kristofer Sperry, +49 0176 8747 3151   kristofer@superiorwineservice.com

We promise confidentiality.  Period.

If you would like it in writing, we are happy to provide a confidentiality agreement.

Nobody wants to answer a survey from you and suddenly start getting communications from someone else.

Our surveys are independent from any hidden service providers.  There is NO HIDDEN DATA collected by the use of cookies or otherwise.  Only the information specifically given by your customers when they answer a question is received and stored.

Data Path:

Survey development and hosting:

SWSI, llc. (we), after consultation with you (client), develop a 2-way communication tool with the sole intention of collecting responses from your customers.

We author your survey using a platform from Typeform SL:

The platform is accessible through the www.typeform.com domain name and is provided by TYPEFORM SL, with registered address at Carrer Bac de Roda, 163, local, 08018 – Barcelona (Spain), and C.I.F. (Spanish tax identification number) B65831836. The Company is registered in the Commercial Registry of Barcelona, page B-421911, folio 145, volume 43262. You may contact them by sending an email to support@typeform.com or filling out this Typeform.

Typeform SL uses the services of Amazon AWS Cloud Hosting.  They use redundant servers that are located in Frankfurt, DE and Richmond, VA (USA).

How Amazon AWS Cloud Hosting Secures Information:

At AWS, security is our highest priority. We design our systems with your security and privacy in mind.

  • We maintain a wide variety of compliance programs that validate our security controls. Click here to learn more about our compliance programs.
  • We protect the security of your information during transmission to or from AWS websites, applications, products, or services by using encryption protocols and software.
  • We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data.
  • We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of personal information. Our security procedures mean that we may request proof of identity before we disclose personal information to you.

EU-US and Swiss-US Privacy Shield

Amazon Web Services, Inc. participates in the EU-US and Swiss-US Privacy Shield frameworks. Click here to learn more.

  • For any prospective or current customers of Amazon Web Services EMEA SARL, our mailing address is: Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg, ATTN: AWS EMEA Legal

If you have any concern about privacy at AWS or want to contact one of our data controllers, please contact Amazon Web Services.

Personal Information:

Data protection regulations (EU & UK & Swiss GDPR) define what rights and expectations a customer may have of us when they give us their personally identifiable information.  Anonymous information (information given without a connecting email address or other personal identifier) is not subject to GDPR regulations and practices.

ALL  customer interactions (regardless of location) on behalf of our clients is handled confidentially and in accordance with EU & UK & Swiss GDPR regulations.  These being the most comprehensive, it is used as the highest standard.

All data collected on behalf of our clients is stored on the Google Cloud.

7.1 Google’s Security Measures, Controls and Assistance.

7.1.1 Google’s Security Measures. Google will implement and maintain technical and organizational measures to protect Customer Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access as described in Appendix 2 (the “Security Measures”). The Security Measures include measures to encrypt personal data; to help ensure ongoing confidentiality, integrity, availability and resilience of Google’s systems and services; to help restore timely access to personal data following an incident; and for regular testing of effectiveness. Google may update the Security Measures from time to time provided that such updates do not result in the degradation of the overall security of the Services.

7.1.2 Security Compliance by Google Staff. Google will: (a) take appropriate steps to ensure compliance with the Security Measures by its employees, contractors and Subprocessors to the extent applicable to their scope of performance, and (b) ensure that all persons authorized to process Customer Personal Data are under an obligation of confidentiality.

Primary customer rights under GDPR:

  • Knowledge & transparency:  Your customers have the right to know how their information will be used.  We provide a clear explanation of how data is collected & used by us.  You provide (in your privacy policy) an explanation of how you will use their information.  THE MAIN OBJECTION to data collection is that it is freely given to one party, but unknowingly sold or given to another party.  SWSI, llc will not participate in these deceptive actions.  Clients who do will be immediately terminated and their customers will be notified in accordance with GDPR regulations.
  • The right to be forgotten:  Your customers can be erased from your collection spreadsheet with a quick email to you asking to be erased.  When you receive this email, go to your Google Spreadsheet and erase their primary entry.  This is a permanent deletion of their record.  Your next step is to erase them from any internal communication & data collection interfaces that you have.