Purpose and Scope
- Dwellworks, LLC;
- Dwellworks Destination Services, LLC;
- Dwellworks Property Advising Services, Inc;
- Dwellworks Property Advisors, LLC; and
- Dwellworks Residential Services, LLC
(together referred to as "Dwellworks").
For all other purposes, this policy applies to all affiliated entities of Dwellworks, including Irish Relocation Services Limited and Dwellworks GmbH.
Dwellworks, LLC is a limited liability company incorporated in Ohio, USA with its headquarters at 1317 Euclid Avenue, Cleveland, Ohio 44115. The other Dwellworks companies are wholly-owned subsidiaries of Dwellworks, LLC.
Due to the global nature of the mobility industry and Dwellworks’ business operations, the transfer of personal data across national borders may occur. Dwellworks respects and strives to protect the privacy of its supply chain partners and transferees. Personally identifiable information and sensitive personal data that identifies or describes a living person (hereinafter “Personal Data”) which is collected, used or disclosed by or on behalf of Dwellworks is protected in accordance with the laws of the countries in which Dwellworks operates.
This Policy governs the way Dwellworks manages and processes Personal Data collected in the process of delivering relocation services in the European Economic Area (EEA) (which includes the twenty-eight member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) or Switzerland that is subsequently transferred to the United States as well as Personal Data that is collected in the process of delivering relocation services elsewhere in the world including within the United States.
This Policy applies to Personal Data of transferees and to Personal Data of any other individuals (such as business contacts and supply chain partners) other than employees (including applicants for employment and former employees) of Dwellworks.
This Policy applies to Personal Data received by Dwellworks in any format, including electronic, paper or verbal.
For the purposes of the General Data Protection Regulation (EU 2016/679) (GDPR) in the European Union, Dwellworks will be a data processor of Personal Data relating to transferring individuals which is obtained and processed in the course of providing relocation services to its corporate customers. Dwellworks will be a data controller of Personal Data relating to its supply chain partners and relating to transferring individuals which is obtained and processed in the course of providing relocation services directly to such transferring individuals.
Types of Data Collected
Personal Data collected by Dwellworks is limited to information necessary to conduct business. Personal Data collected includes but is not limited to: name, address, government identification number (i.e., social security number, national identification number, tax payer identification number, passport information, driver's license), date of birth, phone number, email address, Office of Foreign Assets Control (OFAC) information, financial information and bank account information.
Dwellworks will inform individuals about the purposes for which it (in its own capacity or on behalf of a corporate customer, where relevant) collects and uses Personal Data, the types of third parties or agencies to which it discloses such information, and the choices which Dwellworks (in its own capacity or on behalf of a corporate customer, where relevant) offers to limit the use and disclosure of Personal Data.
The sharing of Personal Data by Dwellworks with its network of third party suppliers of relocation-related services is necessary for the purpose of providing relocation services to its customers and their transferring employees. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data or as soon as practical thereafter.
If Dwellworks receives Personal Data from its subsidiaries, affiliates or other entities in the EEA or Switzerland, it will use and disclose such Personal Data in accordance with the notices provided by such entities.
Dwellworks offers individuals the opportunity to opt out of disclosing their Personal Data to a third party or to consent to the use of the information by Dwellworks for a purpose other than which it was originally collected or subsequently authorized. For sensitive data (which includes health data and other types of data classified as "special categories of personal data" under the GDPR), Dwellworks offers individuals the opportunity to affirmatively and explicitly consent to the disclosure of the information to a third party or to the use of the information by Dwellworks for a purpose other than which it was originally collected or subsequently authorized.
Dwellworks will only transfer Personal Data to a service provider, vendor or other third party acting as a processor (or sub-processor) of Personal Data for Dwellworks where that party has provided assurances that it provides at least the same level of privacy protection as is required by this Policy. Where Dwellworks becomes aware that a party is using or disclosing Personal Data in a manner contrary to this Policy, Dwellworks will take reasonable and appropriate steps to prevent or stop the use or disclosure of that Personal Data.
On occasion, Dwellworks may be required to share personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Dwellworks takes reasonable steps to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. These precautions include but are not limited to password protections for online systems and restricting access to Personal Data to the legal department or to their relocation consultant for transferees. Individuals who have access to Personal Data are aware of their responsibilities to protect the security, confidentiality and integrity of the information.
Data Subject Rights
Under the GDPR (and elsewhere as applicable), Personal Data is protected by legal rights, which include individuals' rights to request access to or amendment of their Personal Data, to request erasure of their Personal Data, to object to processing of their Personal Data, to require restriction of processing of their Personal Data, to request the transfer of their Personal Data to another party or to withdraw consent at any time where Dwellworks are relying on consent to process such Personal Data. Where Dwellworks is a data controller, Dwellworks will respond to any request from an individual to exercise any such right within one month. Where Dwellworks is a data processor, Dwellworks will forward any request from an individual to exercise any such right to the relevant data controller (being the applicable corporate customer).
Under the GDPR (and elsewhere as applicable), individuals shall have the right to make a complaint about Dwellworks' use of their Personal Data to a relevant supervisory authority for data protection matters.
Transferees can access their Personal Data and can correct or amend it if it is inaccurate or incomplete. Subject to applicable data protection laws, Dwellworks reserves the right to deny or limit access in cases where the burden or cost of providing access would be disproportionate to the risks to the individual’s privacy.
Any Dwellworks transferee or other individual that wants to review or update their Personal Data can do so by contacting the Human Resources Department (HR) at email@example.com.
Dwellworks will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Dwellworks will take reasonable steps to ensure that Personal Data is reliable, complete, accurate and current. All transferees or other individuals are asked to inform HR or their consultant respectively immediately in the event of changes in Personal Data.
Enforcement, Verification and Dispute Resolution
Associates and supply chain partners who violate data privacy rules may be subject to potential civil and/or criminal liability. Dwellworks conducts periodic reviews of its privacy practices to verify adherence to this Policy and the Privacy Shield principles. This Policy may be updated occasionally to reflect changes to Dwellworks’ privacy practices.
Transferees and others whose Personal Data is handled by Dwellworks should contact Dwellworks if there is reason to believe that the security of their Personal Data has been compromised. Dwellworks will investigate and attempt to resolve complaints regarding use and disclosure of Personal Data. Where necessary under applicable data protection laws, Dwellworks will report any misuse or other personal data breach to the relevant regulatory authorities.
For any complaints that cannot be resolved with Dwellworks directly, Dwellworks has selected the ICDR/AAA as its Independent Recourse Mechanism in relation to such unresolved complaints (as further described in the Privacy Shield Principles). The link to the ICDR/AAA for making complaints is as follows: http://go.adr.org/privacyshield.html.
Dwellworks will provide, at no cost to the individual, the services of the ICDR/AAA by which the individual's complaint or dispute will be investigated and expeditiously resolved.
A binding arbitration option will also be made available to the individual in order to address residual complaints not resolved by any other means.
Dwellworks is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Contact information: Hank Roth, Dwellworks’ Chief Privacy Officer can be reached for complaints, questions or information regarding Dwellworks' Policy and Privacy Shield participation.
- Phone +1 216 682 4270
- Email firstname.lastname@example.org
- Mail Dwellworks, 1317 Euclid Avenue, Cleveland, Ohio 44115
Dwellworks will respond to complaints or inquiries within a reasonable time but in no event later than one month after such complaint or inquiry.
Declarations Regarding the Privacy Shield
For the purposes of this Policy, references to "Privacy Shield" shall be references to the EU-US Privacy Shield Framework and to the Swiss-US Privacy Shield Framework, as applicable, and references to "Privacy Shield Principles" shall be references to the applicable privacy principles contained within the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework respectively.
Before sharing Personal Data concerning a resident of the EU (or EEA) or a resident of Switzerland with a third party, Dwellworks will verify that the third party holds Personal Data in a manner consistent with this Policy, and certifies compliance with the European Union’s and Switzerland's data protection laws and with the Privacy Shield requirements. In particular, Dwellworks will ensure that Dwellworks will only transfer such Personal Data to third parties in countries that have been deemed to provide an adequate level of protection for personal data by the European Commission, or to third parties who have signed specific contracts approved by the European Commission which give personal data the same protection it has in the EU or to third parties based in the USA if they are also part of the Privacy Shield.
Dwellworks' participation in the Privacy Shield applies to all Personal Data that is received from the European Union, European Economic Area or Switzerland. Dwellworks will comply with the Privacy Shield Principles in respect of such personal data.
Dwellworks’ accountability for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Dwellworks remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the Personal Data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless Dwellworks proves that it is not responsible for the event giving rise to the damage.