The United States Department of Commerce, in consultation with the European Commission and Switzerland, developed a "safe harbor" framework set forth in a set of seven privacy principles and fifteen frequently asked questions and answers (FAQs) (collectively, the "Safe Harbor Principles").
NTT America, Inc. ("NTTA") complies with the U.S.-EU Safe Harbor Framework and the U.S. Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. NTTA has certified that it adheres to the Safe Harbor Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. This policy outlines NTTA's general policy and practices in implementing the Safe Harbor Principles. If there is any conflict between provisions in this policy and those in the Safe Harbor Principles, the provisions in the Safe Harbor Principles will govern.
On October 6, 2015, however, the European Court of Justice issued a judgment declaring as “invalid” the European Commission’s Decision 2000/520/EC of 26 July 2000 “on the adequacy of the protection provided by the Safe Harbor Principles and related frequently asked questions issued by the US Department of Commerce.” In response to this decision, the Department of Commerce announced that it will continue to administer the Safe Harbor program, including processing submissions for self-certification to the Safe Harbor Framework. NTTA intends to maintain its Safe Harbor Certification; please be advised, however, that due to the ECJ’s decision, you may no longer rely on NTTA’s Safe Harbor certification as the basis to lawfully transfer personal data from the EU to the U.S. Upon your request, and if legally required, NTTA will enter into European Commission (EC) Model Contract Clauses for processing your personal data. Please contact your account manager if you would like to enter into such an arrangement. To learn more about the Safe Harbor program, and to view NTT America’s certification, please visit http://www.export.gov/safeharbor/.
This policy applies to all personal information that NTTA handles, including contact information that is gathered before and during the provisioning of customer solutions and also during on-going support of these solutions. Additionally, this policy applies to Human Resources personal data from the European Union (EU) to the United States.