Data Privacy Framework Policy
Projector, IS, Inc. Data Privacy Framework Policy
Last Updated January 13, 2025
Projector IS, Inc., (“Projector” or “Company”) complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Projector has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Projector has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles (collectively, the “DPF Principles”), the DPF Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Scope
This Data Privacy Framework Policy (the “Policy”) sets forth the privacy principles that Projector follows when processing Personal Data received from customers or prospective customers located in the European Economic Area (“EEA”), Switzerland, and the United Kingdom while providing services from the United States (“U.S.”). This Policy does not apply to information collected through its website screenmeet.com or to information collected during Projector sponsored sales and marketing activities, all of which are subject to Projector’s Privacy Policy. This Policy also does not apply to Personal Data collected through Projector’s recruiting process. For purposes of this Policy, Personal Data means data about an identified or identifiable individual that is received by Projector in the United States from the EEA, Switzerland, or the United Kingdom, and recorded in any form, and is within the scope of Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”), the Swiss Federal Data Protection Act, or the UK Data Protection Act 2018, respectively.
Projector’s Role as a Service Provider to its Customers and Prospective Customers
Projector is the creator of certain software products, and in connection with these software products, Projector provides product demonstrations, product enhancements, cloud services, software services, professional technical services, data migration services, and product technical support services (collectively “Services”) for the benefit of its customers and prospective customers in the EEA, Switzerland, and the United Kingdom through employees are located in the U.S. These U.S.-based employees may process Personal Data to provide Services to customers and prospective customers located in the EEA, Switzerland, or the United Kingdom.
Customers using Projector’s cloud solutions are responsible for managing the data that they store within Projector’s cloud solutions. Customers determine the categories of Personal Data and other information that are stored by Projector. Similarly, Projector's customers and prospective customers who share data with Projector in connection with any of its Services determine which categories of Personal Data will be shared and for what purposes. Consequently, Projector does not generally know the categories of Personal Data to be processed or the purpose(s) of the processing unless and until Projector receives this information from its customers or prospective customers.
When Projector processes Personal Data, Projector does so only for the purpose of providing Services.
The Customer’s and Prospective Customer’s Responsibilities with Respect to Personal Data
Projector customers and prospective customers may choose to include Personal Data among the data stored within the Projector cloud or otherwise shared with Projector in connection with its provision of Services.
Projector processes only the Personal Data that its customers or prospective customers have chosen to share with Projector. Projector has no direct or contractual relationship with the subject of such Personal Data (a "Data Subject"). As a result, when a customer or prospective customer shares Personal Data, the customer or prospective customer is solely responsible for satisfying all legal obligations owed directly to the Data Subject under applicable data protection laws.
It is the customer's or prospective customer's responsibility to ensure that Personal Data it collects can be legally collected in the country of origin. The customer or prospective customer is also responsible for providing to the Data Subject any notices required by applicable law and for responding appropriately to the Data Subject's request to exercise his or her rights with respect to Personal Data. In addition, the customer or prospective customer is responsible for ensuring that its use of Projector’s cloud offerings or Services is consistent with any privacy policy the customer or prospective customer has established and any notices it has provided to Data Subjects.
Projector is not responsible for its customers’ or prospective customers’ privacy policies or practices or for the customers’ or prospective customers’ compliance with such policies or practices. Projector does not review, comment upon, or monitor its customers’ or prospective customers’ privacy policies or their compliance with such policies. Projector also does not review instructions or authorizations provided to Projector to determine whether the instructions or authorizations are in compliance with, or conflict with, the terms of a customer's or prospective customer's published privacy policy or of any notice provided to Data Subjects. Customers and prospective customers are responsible for providing instructions and authorizations that comply with their policies, notices, and applicable laws.
Projector’s Compliance with the Data Privacy Framework Principles
Projector employees located in the United States may provide Services for customers and prospective customers located in the EEA, Switzerland, or the United Kingdom. To provide such Services, Projector may process Personal Data. Projector will apply the following DPF Principles to Personal Data physically or remotely transferred from the EEA, Switzerland or the United Kingdom to the United States.
Access
Data Subjects have the right to access the Personal Data an organization holds about them. If such Personal Data is inaccurate or processed in violation of the DPF Principles, a Data Subject may also request that Personal Data be corrected, amended, or deleted.
When Projector receives Personal Data, it does so on its customer's or prospective customer's behalf. To request access to, or correction, amendment or deletion of, Personal Data, Data Subjects should contact the Projector customer or prospective customer that collected their Personal Data. Projector will cooperate with its customers' and prospective customers' reasonable requests to assist Data Subjects to exercise their rights under the DPF.
Choice
Data subjects have the right to opt out of (a) disclosures of their Personal Data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Data for purposes materially different from those disclosed at the time of collection or subsequently authorized. Projector’s customers and prospective customers are responsible for informing Data Subjects when they have the right to opt out of such uses or disclosures.
Data Subjects who wish to limit the use or disclosure of their Personal Data should submit that request to Projector’s customer or prospective customer that controls the use and disclosure of their Personal Data. Projector will cooperate with its customers’ and prospective customers’ instructions regarding Data Subjects’ choices.
Security
Projector is committed to safeguarding the Personal Data that it receives. While Projector cannot guarantee the security of Personal Data, Projector takes reasonable and appropriate technical and organizational measures to protect Personal Data in Projector’s possession from loss, misuse, unauthorized access, disclosure, alteration and destruction.
Projector utilizes a combination of online and offline security technologies, procedures and organizational measures to help safeguard Personal Data. For example, facility security is designed to prevent unauthorized access to Projector computers. Electronic security measures — including, for example, network access controls, passwords and access logging — provide protection from hacking and other unauthorized access. Projector also protects Personal Data through the use of firewalls, role-based restrictions and, where appropriate, encryption technology. Projector limits access to Personal Data to employees, subcontractors, and third-party agents that have a specific business reason for accessing such Personal Data. Individuals granted access to Personal Data are aware of their responsibilities to protect such information and are provided appropriate training and instruction.
Data Integrity and Purpose Limitation
Projector's customers and prospective customers are responsible for limiting their collection of Personal Data to that which is necessary to accomplish the purposes disclosed to Data Subjects and compatible purposes. They also are responsible for providing Projector with instructions or authorization for the processing of Personal Data consistent with such purposes.
Projector's customers and prospective customers also are responsible for ensuring that (a) Personal Data they collect is accurate, complete, current and reliable for its intended uses; and (b) Personal Data is retained only for as long as is necessary to accomplish the customer's or prospective customer's legitimate business purposes disclosed to the Data Subject and for compatible purposes. Projector will cooperate with customers' and prospective customers' reasonable requests for assistance in meeting these obligations.
In the performance of Services, Projector will request only the minimum amount of information required to perform the applicable Services and will retain such information only for as long as necessary to provide the Services or for compatible purposes, such as to provide additional Services, to comply with legal requirements, or to preserve or defend Projector’s legal rights.
Onward Transfer
Projector may disclose Personal Data to subcontractors and third-party agents who assist Projector in providing Services to its customers and prospective customers. Before disclosing Personal Data to a subcontractor or third-party agent, Projector will obtain assurances from the recipient that it will: (a) use the Personal Data only to assist Projector in providing the Services; (b) provide at least the same level of protection for Personal Data as required by the DPF Principles; and (c) notify Projector if the recipient is no longer able to provide the required protections. Upon notice, Projector will act promptly to stop and remediate unauthorized processing of Personal Date by a recipient. Projector will remain liable for onward transfers to its subcontractors and third-party agents.
Projector may also be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. To the extent permitted, Projector will inform its relevant customer or prospective customer before making such disclosure and provide it with a reasonable opportunity to object to such disclosure.
Projector will not otherwise disclose Personal Data to third parties.
Recourse, Enforcement & Liability
In compliance with the DPF Principles, Projector commits to resolve complaints about your privacy and Projector’s collection or use of Personal Data transferred to the United States pursuant to this Policy.
European Union, Swiss, and United Kingdom individuals with DPF inquiries or complaints should first contact Projector’s Data Protection & Privacy Department by emailing or by calling.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Projector commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
If your DFP compliant cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not otherwise resolved by other redress mechanisms. For more information about binding arbitration, visit http://www.dataprivacyframework.gov/framework-article/G%E2%80%93Arbitration-Procedures.
The Federal Trade Commission has jurisdiction over Projector’s compliance with the DPF.
For More Information
Data Subjects with questions about how Projector processes Personal Data should first contact the Projector customer or prospective customer that collected the Personal Data. Projector's Privacy Officer can be contacted by emailing support@screenmeet.com (attention Ben Lilienthal) or by calling 1-865-657-8408.
Changes to this Privacy Policy
Projector may revise this Policy at any time consistent with the requirements of the DPF. If Projector decides to materially change this Policy, it will post the revised Policy at this location and will revise the “updated” date at the top of the page. We encourage you to periodically review this DPF Policy to be aware of updates to our practices.