Privacy Policy
Symphonic Source, Inc. dba Cloudingo (“Symphonic Source”) complies with the Data Privacy Framework including the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF”) and the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union (EU) / European Economic Area (EEA) and Switzerland to the United States. Symphonic Source has certified to the Department of Commerce that it adheres to the Data Privacy Framework. If there is any conflict between the terms in this, or any other Symphonic Source privacy policy, and the Data Privacy Framework, the Data Privacy Framework shall govern with respect to Personal Data transferred to the U.S. from the EU/EEA or Switzerland. To learn more about the Data Privacy Framework, and to view our certification, please visit https://www.dataprivacyframework.gov/
THE ORGANIZATION COLLECTING INFORMATION AT THIS WEBSITE
We operate and own the Sites located at:
- symphonicsource.com
- cloudingo.com
- dupecatcher.com
Symphonic Source’s participation in the Data Privacy Framework applies to all personal data that is subject to the Data Privacy Framework Principles and is received from the EU, European Economic Area (“EEA”), and Switzerland. Symphonic Source will comply with the Data Privacy Framework Principles in respect of such personal data. For purposes of this Notice, “Personal Data” means information that (i) is transferred from the EU/EEA and/or Switzerland to the United States, (ii) is recorded in any form, (iii) is about, or relates to, an identified or identifiable job applicant, consumer, customer, supplier or other individual (excluding Symphonic Source employees), and (iv) can be linked to that job applicant, consumer, customer supplier or other individual. This Notice outlines our general policy and practices for implementing the Data Privacy Framework Principles for Personal Data.
Data Privacy Framework Principles
Symphonic Source’s practices regarding the collection, storage, transfer, use and other processing of Personal Data comply with the Data Privacy Framework principles of notice, choice, onward transfer, access, security, data integrity, and enforcement and oversight.
Notice
We notify our job applicants, consumers, customers, suppliers and others located in the EU/EEA and Switzerland about the purposes for which we collect and use Personal Data, the types of third parties to which we disclose the information, the choices job applicants, consumers, customers, suppliers and others have for limiting the use and disclosure of their information, and how to contact us about our practices concerning Personal Data.
When we receive Personal Data from our subsidiaries, affiliates or other entities in the EU/EEA and Switzerland, we will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such Personal Data relates.
Purpose of Collection and Use of Personal Data
Symphonic Source collects certain Personal Data such as name, email address, postal address and telephone number. We do not collect sensitive Personal Data of consumers, customers or suppliers, such as information about medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or other sensitive information as defined by the Data Privacy Framework.
We use Personal Data of consumers, customers, suppliers and others (i) to respond to their requests, (ii) to evaluate the quality of our products and services, (iii) to communicate with them about our products, services and related issues, (iv) to notify them of and administer offers, contests, sweepstakes and other promotions, and (v) for internal administrative and analytics purposes, and (vi) to comply with our legal obligations, policies and procedures.
Choice
Symphonic Source shares Personal Data with its service providers and among Symphonic Source’s parent, subsidiaries and affiliates. With respect to Personal Data we share with other third parties, we provide job applicants, consumers, customers, suppliers and others located in the EU/EEA and Switzerland with an opportunity to opt-out of such sharing. If you would like to opt-out, please write us below or contact us at privacy@symphonicsource.com. We do not use Personal Data for purposes incompatible with the purposes for which the information was originally collected without notifying the relevant consumers, customers, suppliers and others of such uses and offering an opportunity to opt-out.
In addition, we may disclose Personal Data (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government officials based on an enforceable government request or as may be required under applicable law, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.
Onward Transfer of Personal Data
We may share Personal Data with service providers we have retained to perform services on our behalf. We now require service providers to whom we disclose Personal Data and who are not subject to laws based on the EU’s General Data Protection Regulation, the UK’s Data Protection Act 2018, or the Swiss Federal Act on Data Protection, as applicable, to either (i) subscribe to the Data Privacy Framework Principles or (ii) contractually agree to provide at least the same level of protection for Personal Data as is required by the relevant Data Privacy Framework Principles. If the third party does not comply with its privacy obligations, Symphonic Source will take commercially reasonable steps to prevent or stop the use or disclosure of Personal Data. In the context of an onward transfer, Symphonic Source has responsibility for the processing of personal information it receives under the Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. Symphonic Source shall remain liable under the Data Privacy Framework Principles if its agents that it engages to process such personal information do so in a manner inconsistent with the Data Privacy Framework Principles, unless Symphonic Source proves that it is not responsible for the event giving rise to the damage.
Access to Personal Data
Symphonic Source provides job applicants, consumers, customers, suppliers and others with reasonable access to the Personal Data maintained about them. We also provide a reasonable opportunity to correct, amend or delete that information where it is inaccurate. We may limit or deny access to Personal Data where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the Data Privacy Framework principles. To obtain access to Personal Data, job applicants, consumers, customers, suppliers and others may contact Symphonic Source as specified in the “How to Contact Us” section of this Policy.
Security
Symphonic Source maintains reasonable administrative, technical and physical safeguards to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction.
Data Integrity
Symphonic Source takes reasonable steps to ensure that Personal Data collected by Symphonic Source is relevant for the purposes for which it is to be used and that the information is reliable for its intended use and is accurate, complete and current. We depend on our job applicants, consumers, customers, suppliers and others to update or correct their Personal Data whenever necessary.
Your Rights to Access, to Limit Use, and to Limit Disclosure
EU/EEA and Swiss individuals have rights to access personal data about them, and to limit use and disclosure of their personal data. With our Data Privacy Framework certification, Symphonic Source has committed to respect those rights. Because in some circumstances Symphonic Source personnel have limited ability to access data our customers submit to our services, if you wish to request access, to limit use, or to limit disclosure, please provide the name of the Symphonic Source customer who submitted your data to our services. We will refer your request to that customer, and will support them as needed in responding to your request.
Compelled Disclosure
Symphonic Source may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Inquiries and Complaints
If you believe Symphonic Source maintains your personal data in one of the services within the scope of our Data Privacy Framework certification, you may direct any inquiries or complaints concerning our Data Privacy Framework compliance to privacy@symphonicsource.com. Symphonic Source will respond within 45 days. If we fail to respond within that time, or if our response does not address your concern, you may contact JAMS (https://www.jamsadr.com/dpf-dispute-resolution), which provides an independent third-party dispute resolution body based in the United States. The services of JAMS are provided at no cost to you. If neither Symphonic Source nor JAMS resolves your complaint, you may have the possibility to engage in binding arbitration through the Data Privacy Framework Panel. Also, Symphonic Source’s commitments under the Data Privacy Framework are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
How to Contact Us
You may address any questions or concerns regarding our Data Privacy Framework Policy or our practices concerning Personal Data by: Contacting us through our website: Click here, or
Write to:
Symphonic Source, Inc. dba Cloudingo
Attention: Privacy
4004 Beltline Road, Suite 120
Addison, TX, 75001
USA
Amendment
The Symphonic Source Data Privacy Framework Notice may be amended from time-to-time in compliance with the requirements of the Data Privacy Framework principles. Appropriate notice will be given concerning such amendments.
This Data Privacy Framework Notice is effective as of April 21, 2024 and has not been revised.