Cross-Border Processing
4 CROSS-BORDER DATA PROCESSING
Our privacy practices are designed to help to protect your PII all over the world. We take a multidimensional approach to PDP compliance by at least one of several different legally-recognized mechanisms for all data transfers.
Data Transfer Agreements and the Standard Contractual Clauses. Teradata takes measures to comply with EEA/EU/Swiss/UK and other countries’ cross-border data transfer laws that pertain to PII by having in place written intra-group data transfer agreements among various Teradata subsidiaries and entities around the world (“Data Transfer Agreements” or “DTAs”). The intra-group DTAs incorporate EEA/EU/Swiss/UK-approved “Standard Contractual Clauses” (also referred to as “Model Clauses” in this Privacy Policy). We also comply with EEA/EU/Swiss/UK data transfer laws regarding PII with respect to other countries that have been recognized by them as having adequate protections for PII (e.g., Israel, Argentina, Canada and New Zealand) by complying with and/or being subject to the jurisdiction of the applicable laws and regulations of those countries for PII that is transferred to those countries. We review and update the intra-group DTAs as our business evolves.
The Data Privacy Framework.
Teradata (including all its applicable US entities, currently Teradata Corporation, Teradata Operations Inc., Teradata US Inc., Teradata International, Inc. and Teradata Government Systems LLC):
- complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF (UK-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce; and
- has certified to the U.S. Department of Commerce that it adheres to a) the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S DPF, . b) the UK Extension to the EU-U.S. DPF Principles with regard to the processing of personal data received from the UK in reliance on the UK Extension to the EU-U.S. DPF and c) the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the UK Extension to the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the applicable Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Teradata commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK DPAs, and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning its handling of human resources data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.
DPF-Related Dispute Resolution. In relation to its Privacy Shield certification only, Teradata has committed to refer all unresolved DPF-related PDP complaints/disputes from EU, EEA, UK or Swiss citizens or residents regarding their PII transferred to or for Teradata in the U.S. to an independent dispute resolution services provider and dispute resolution mechanism. The provider for such PII-related complaints/disputes is the International Center for Dispute Resolution (“ICDR”) of the international division of the American Arbitration Association (“AAA”), and the dispute resolution mechanism is the ICDR/AAA International Arbitration Rules, based on documents only and as modified by applicable ICDR/AAA EU-U.S. and EU-UK DPF Procedures or applicable Swiss-U.S. DPF Administrative Procedures.
Consistent with the principles of the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, if you are subject to such a framework you may initiate and proceed with this dispute resolution mechanism without any filing fees or dispute-resolution-provider administrative costs being borne by you (i.e., Teradata will be responsible for all filing fees and dispute-resolution-provider administrative fees for such dispute resolution mechanism), and there is the possibility, under certain conditions, for you to invoke binding arbitration. If Teradata does not timely acknowledge or satisfactorily address your PII-related privacy complaint/dispute/problem within 45 days after our receipt of your notice, you may contact the ICDR/AAA and initiate that independent dispute resolution process.
For online access to information about the ICDR/AAA EU/UK/Swiss-U.S. DPF or to initiate a complaint under the ICDR/AAA EU/UK/Swiss-U.S. DPF, please visit https://go.adr.org/dpf_irm.html.