  1. Structure

    TRUSTe privacy certification programs are comprised of Program Requirements that define a compliance standard for business practices involving the collection and use of data. To obtain TRUSTe certification, a company must provide proof of its privacy and data governance practices for data collected on behalf of users, customers, and partners - particularly as these practices relate to notice, choice, and accountability. Upon satisfactory evaluation, TRUSTe provides a trustmark indicator - typically in the form of a Website seal or whitelist placement - that certifies the company's practices are compliant with TRUSTe's privacy standard.

  2. Definitions

    The following definitions shall apply herein:

    1. "Clear and Conspicuous" means a notice that is reasonably easy to find, and easily understandable in terms of content and style to the average reader.
    2. "Client" is a customer of the Participant who engages the Participant for the purpose of collecting, managing, processing, or storing information on the customer's behalf.
    3. "Express Consent" means the affirmative consent (opt-in) to a practice by the Individual after being provided notice, but prior to implementing the practice.
    4. "Foreign Language Privacy Statement" is the Participant's Privacy Statement translated into a language other than English.
    5. "Individual" means the discrete person to whom the collected information pertains.
    6. "Material Change" means degradation in the rights or obligations regarding the collection, use, or disclosure of PII for an Individual. This usually includes changes to Participant's:
      1. Practices regarding notice, collection, use, and disclosure of PII and/or Third Party Personally Identifiable Information;
      2. Practices regarding user choice and consent to how PII and/or Third Party Personally Identifiable Information is used and shared; or
      3. Measures for information security, integrity, access, or individual redress.
    7. "Online" is the state where an Individual is connected by computer or mobile device to one or more other computers, mobile devices, or networks, as through a commercial electronic information service or the internet.
    8. "Participant" means the entity that has entered into an agreement with TRUSTe to participate in the TRUSTe program(s) and agreed to comply with the program requirements included therein.
    9. "Personally Identifiable Information [PII]" means any information or combination of information that can be used to identify, contact, or locate a discrete Individual.
    10. "Personnel" means all Participant employees, contractors, sub-contractors and agents provided access to the Client's information for the purpose of inputting, processing, managing, deleting, or securing it.
    11. "Privacy Statement" shall mean the statements of Participant's information collection and usage practices, as such practices are updated from time to time. Participant's Privacy Statement includes, but is not limited to:
      1. A single, comprehensive statement of all the Participant's information practices ("Privacy Statement");
      2. A summary notice highlighting the Participant's information practices ("Short Notice"); or
      3. Disclosure of specific information practices posted at the point of information collection ("Just in Time Notice").
    12. "Publicly Available Information (PAI)" means any information reasonably believed to be lawfully made available to the general public from:
      1. Federal, state or local government records;
      2. Widely available source(s) having no additional prohibition around onward transfer or use; or
      3. Disclosures to the general public that are required to be made by federal, state or local law.
    13. "Sub-Processor(s)" is a Third Party that has contractually agreed to provide services such as data input, data processing, deletion, and data storage on behalf of the Participant in accordance with the instructions of the Participant's Client.
    14. "Third Party(ies)" is an entity(ies) other than the Client, Participant, or the Individual which is not directly affiliated with the Participant; and, if affiliated with the Participant, where such affiliation is unknown to the Client or Individual.
    15. "Third Party Personally Identifiable Information [Third Party PII]" means PII that is collected by Participant from an entity other than the Individual.
  3. Minimum Program Requirements
    1. Participants wanting to certify that their information collection and use practices comply with the TRUSTed Cloud Privacy Certification Program Requirements must comply with the following requirements:
    2. Participant Accountability
      1. Participant shall have processes in place to comply with these Program Requirements.
      2. Cooperation with TRUSTe
        1. Provide, at no charge to TRUSTe or its representatives, full access to the Online properties (i.e., including password access to premium or members only areas) for the purpose of conducting reviews to ensure that Participant's Privacy Statement(s) is consistent with actual practices.
        2. Provide, upon TRUSTe's reasonable request, information regarding how PII gathered from and/or tracked through Participant's Online properties is used, managed, deleted, or secured.
        3. Participant shall cooperate with TRUSTe's efforts to investigate and resolve non-frivolous privacy complaints, questions and concerns raised either by:
          1. Users through TRUSTe's dispute resolution process; or
          2. TRUSTe.
      3. Annual Recertification
        1. Participant shall undergo re-certification to verify ongoing compliance with these Program Requirements annually.
      4. Termination for Material Breach
        1. In the event TRUSTe reasonably believes the Participant has materially breached these Program Requirements, TRUSTe may terminate the Participant's participation in this program upon twenty (20) business days' prior written notice ("Notice of Termination") unless the breach is corrected within the same twenty (20) business day period ("Cure Period").
        2. Material breaches of these Program Requirements include but are not limited to:
          1. Participant's continual, intentional, and material failure to adhere to these Program Requirements;
          2. Participant's material failure to permit or cooperate with a TRUSTe investigation or review of Participant's Online properties or practices pursuant to the Program Requirements;
          3. Participant's continual, intentional, and material failure to comply with any Suspension Obligations;
          4. Participant's material failure to cooperate with TRUSTe regarding an audit, complaint or the compliance monitoring activities of TRUSTe; or
          5. Any deceptive trade practices related to these Program Requirements by the Participant.
      5. Suspension Status
        1. In the event TRUSTe reasonably believes that Participant has materially violated these Program Requirements, Participant may be placed on suspension.
          1. Notice will be provided with a mutually agreed upon description of the violation and any remedial actions that TRUSTe will require Participant to take during the Suspension Period ("Suspension Obligations").
          2. Participant will be considered to be on Suspension immediately upon receiving notice from TRUSTe. Suspension shall last until such time as the Participant has corrected the material breach or Program Requirements violation to TRUSTe's satisfaction, but not for a period of greater than six (6) months ("Suspension Period") unless mutually agreed by the Parties.
          3. Suspension Obligations may include, but are not limited to:
            1. Compliance with additional Program Requirements;
            2. Cooperation with heightened compliance monitoring by TRUSTe; and
            3. Payment to TRUSTe of mutually agreed additional amounts as compensation for TRUSTe's additional compliance monitoring.
          4. Participant shall comply with all Suspension Obligations.
          5. During the Suspension Period, Participant's status may be indicated via a TRUSTe Validation webpage or TRUSTe may require Participant to cease using the TRUSTe trustmark(s).
          6. At the end of the Suspension Period, TRUSTe will, in its discretion, either:
            1. Determine that Participant has complied with Participant's Suspension Obligations, thereby satisfying TRUSTe's concerns;
            2. Extend the Suspension Period by mutual agreement with the Participant; or
            3. Determine that Participant has failed to comply with Participant's Suspension Obligations and immediately terminate Participant for cause.
    3. Privacy Practices

      The following requirements apply if the Participant, on the Client's behalf, collects, manages, processes, or stores information that is provided by the Client or Individuals that are customers of the Client.

      1. Collection Limitation
        1. The Participant shall only collect information where such collection is:
          1. Limited to information reasonably useful to provide the services for which the Participant was engaged to provide for the Client and in accordance with the Client's instructions, except where Participant knows such instructions are inconsistent with Client's Privacy Statement in effect at the time of collection; and
          2. With notice to and consent of the Client or Individual.
      2. Use of Information
        1. The Participant shall use information solely to provide services for which the Participant was engaged to provide for the Client unless the Participant knows such use is inconsistent with the Client's Privacy Statement in effect at the time of collection; and
        2. Participant may use information to improve current or future versions of the Participant's service only with notice to and Express Consent of the Client.
      3. Onward Transfer
        1. The Participant shall not share the Client's or Individual's information with any Third Parties other than Sub-Processors, except in the following instances:
          1. The Participant has obtained the Express Consent of the Client or Individual to share the information; or
          2. The use, disclosure or distribution of the information is required by law, court order, or other valid legal process.
        2. Sub-Processors
          1. If the Participant engages a Sub-Processor to transfer a Client's information from the Participant to the Sub-Processor, the Participant must disclose to the Client:
            1. That the Participant engages a Sub-Processor(s) to perform certain services on its behalf;
            2. That the Client's information will be transferred to the Sub-Processor for the purpose of providing that service; and
            3. The Sub-Processor is required to abide by the rights and obligations attached to the information by the Client and the Participant regarding the security, confidentiality, integrity, use, and disclosure of the information.
          2. The Participant must take commercially reasonable steps to ensure that its Sub-Processors with whom it shares the Client's information either:
            1. Abide by the Participant's privacy policies as reflected in its Privacy Statement; or
            2. Abide by privacy policies that are substantially equivalent to the Participant's privacy policies as reflected in its Privacy Statement; and
            3. Abide by the rights and obligations attached to the information by the Client and the Participant regarding the security, confidentiality, integrity, use, and disclosure of the information.
      4. Collection and Use of Third Party PII
        1. The Participant shall use all Third Party PII collected solely to provide services for which the Participant was engaged to provide for the Client.
        2. The Privacy Statement shall state:
          1. The types of the entity(ies) collecting Third Party PII;
          2. The type of Third Party PII collected, either through active or passive means;
          3. How collected Third Party PII is used;
          4. What types of additional Sub-Processors, if any, collected Third Party PII is shared with.
      5. Access
        1. Participant must implement reasonable and appropriate mechanisms to allow the Client or Individual to correct or update inaccurate PII within its access or control.
        2. Participant must provide the Client or Individual with access to PII within thirty (30) calendar days of request.
          1. If Participant does not provide a Client or Individual the requested access within thirty (30) calendar days of the Individual's request, Participant must provide the Client or Individual with a timeline establishing when the requested access will be provided.
          2. Privacy Statement shall disclose the timeline establishing when the Client or Individual can expect a response to their request for access.
        3. Participant must implement reasonable mechanisms to allow the Client or Individual to request deletion of PII or that collected PII no longer be used.
        4. Such mechanism should be consistent with how the Client or Individual normally interacts or communicates with the Participant;
        5. Such mechanism or process shall be clear, conspicuous, and easy to use;
        6. Such mechanism or process shall confirm to the Client or Individual that inaccuracies have been corrected; and
        7. Participant's privacy statement shall state how access is provided.
        8. Participant is not required to permit Client or Individual access to PII to the extent that:
          1. Such access would prejudice the confidentiality necessary to comply with regulatory requirements, or breach Participant's confidential information or the confidential information of others;
          2. The burden or cost of providing access would be disproportionate or the legitimate rights or interests of others would be violated. However, Participant may not deny access on the basis of cost if the Client or Individual offers to pay the costs of access; or
          3. The requested PII is derived from public records or is Publicly Available Information and is not combined with non-public record or non-publicly available information.
        9. If Participant denies access to PII, Participant must provide the Client or Individual with an explanation of why access was denied and contact information for further inquiries regarding the denial of access.
      6. Material Changes
        1. The Participant must notify Clients of any material changes to its PII collection, use, or disclosure practices prior to making the change.
        2. Participant must obtain prior approval from TRUSTe:
          1. For any Material Change in its PII collection, use, disclosure, deletion/destruction practices; and
          2. For method and notice to Clients, such as email, "in product" messaging, etc.
        3. Privacy Statement shall state that the Participant will provide notification of any material changes in its PII collection, use, and disclosure practices, and how notice will be provided.
    4. Privacy Statement
      1. The Participant shall maintain and abide by an accurate up-to-date Privacy Statement approved by TRUSTe that states Participant's information collection and use practices as it pertains to deleting, managing, and processing of Client and/or Individual's information and is in conformance with these Program Requirements including, but not limited to:
        1. What information is collected, either through active or passive means, identity of the entity(ies), excluding Sub-Processors, collecting the information, and how the collected information is used;
        2. That the collection and use of information shall be limited to the purpose of providing the service for which the Participant was engaged;
        3. What types of Sub-Processors, if any, collected information is shared with;
        4. Whether collected information is appended with information obtained from Third Party sources;
        5. How the Client or Individual can request access to their information as required in these Program Requirements;
        6. That security measures are in place to protect collected information as required in these Program Requirements;
        7. What tracking technologies are used by the Participant or Third Parties including Sub-Processors and the purpose for using those technologies;
        8. How the Client or Individual can contact the Participant, including company name, email address or a link to an online form, and physical address;
        9. How the Client or Individual will be notified of any Material Changes in the Participant's privacy practices;
        10. That collected information is subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders;
        11. Effective date of Privacy Statement;
        12. If required, statement of participation in the TRUSTe program and define participation scope; and
        13. Information on how to contact TRUSTe to express concerns regarding the Participant's Privacy Statement or privacy practices.
      2. At a minimum, the Participant shall link to a Privacy Statement that discloses its information practices.
      3. The Privacy statement must be available when the Client or Individual first engages with the Participant, such as through an application, Website homepage or landing page. Access to the Privacy Statement shall be Clear and Conspicuous.
      4. When commercially reasonable, the Privacy Statement shall be available at the point where the Client or Individual provides PII, or through a common footer. Such access to the Privacy Statement shall be Clear and Conspicuous.
      5. The Participant shall treat all collected information in accordance with the posted Privacy Statement in effect at the time of collection unless the Client or the Individual has given Express Consent.
      6. Short Notice
        1. If the Participant chooses, they may provide a Short Notice highlighting its information practices including but not limited to:
          1. Summarize what information is collected by the Participant and how that information is collected, either through active or passive means;
          2. Summarize how the Participant uses collected information and that such use is limited to provide the services for which the Participant has been engaged;
          3. Whether the Participant shares information with Sub-Processors;
          4. How the Client or Individual can request access pursuant to these Program Requirements; and
          5. How to contact the Participant including company name, email address or link to online form, and postal address.
        2. Short Notice shall link to the Privacy Statement.
          1. Such access to the Privacy Statement shall be Clear and Conspicuous.
        3. Short Notice shall be consistent with the Privacy Statement.
      7. Just in Time Notice
        1. If Participant chooses to provide Just in Time Notice, the Just in Time Notice shall be consistent with the Privacy Statement.
      8. Foreign Language Privacy Statement.
        1. If the Participant seeks TRUSTe certification of a Privacy Statement in a language other than English, TRUSTe shall use commercially reasonable efforts to verify that the Foreign Language Privacy Statement is an accurate translation of the Participant's English language Privacy Statement.
        2. The Participant shall ensure that its privacy practices are the same, and that the Foreign Language Privacy Statement provides essentially the same description of privacy practices as the Participant's English Language Privacy Statement.
        3. The Participant must notify TRUSTe of any material changes to its Foreign Language Privacy Statement and submit changes to TRUSTe for review and approval.
    5. Data Governance
      1. Participant shall implement controls and processes to manage and protect PII within its control including the ones listed in this Section III.E.
        1. Such controls and processes shall be:
          1. Appropriate to the size of the Participant's business; and
          2. Appropriate to the level of sensitivity of the data collected and stored.
      2. Data Security
        1. Participant must implement commercially reasonable procedures to protect PII within its control from unauthorized access, use, alteration, disclosure, or distribution.
        2. The Participant, at a minimum, must logically segregate PII it receives from each Client or Individual so that only the Client or Individual has access to their own data.
        3. Participant shall maintain and audit internal information technology systems within Participant's control as follows:
          1. Regularly monitor and repair systems including networks, hardware, and software for known vulnerabilities;
          2. Limit access and use of PII, or Third Party PII, to personnel with a legitimate business need;
          3. Implement protection against phishing, spam, viruses, data loss, and malware;
          4. Use reasonable encryption, masking, redaction, or other protective methods for transmission of information across wireless networks, and storage of information where appropriate; and
          5. If Participant has obtained a Third Party security audit, such as a Service Organization Control [SOC] Report, or security certification, Participant shall keep that audit report or certification status current.
        4. The Participant shall utilize reasonable encryption, masking, redaction, or other protective methods for the transmission of PII if the inappropriate use or disclosure of that information could cause financial or reputational harm to the Client or an Individual.
        5. Participant must have a security awareness guide, program or training for all Personnel that will have access to the Client's or Individual's PII.
        6. Access to Client or Individual information retained by the Participant must be at least restricted by appropriate protective identity management technologies and procedures.
        7. Participant shall have processes in place to revoke access to the Client or Individual's information in the event that the Personnel accessing that information changes jobs or is no longer employed by the Participant.
        8. Privacy Statement shall state that security measures are in place to protect collected information.
      3. Account Credentials
        1. New accounts and passwords must be issued to Clients or Individuals in a secure manner that ensures confidentiality.
        2. When issuing accounts, the Participant shall take measures such as but not limited to:
          1. Distribute passwords separately from account information;
          2. Enforce strong password practices that include minimum password length, complexity (e.g. no dictionary words, a mix of alphanumeric characters) and a set expiration period, not to exceed six months;
          3. Encrypt passwords during transmission; and
          4. Authentication for applications and systems must not allow connections on unencrypted channels or services.
      4. Data Quality
        1. Participant shall take commercially reasonable steps or as instructed by the Client when collecting, creating, maintaining, using, disclosing or distributing PII to assure that the information processed by the Participant, is accurate, complete, timely, and relevant for the purposes for which such information is to be used.
        2. If any information collected by the Participant about a Client or an Individual is disputed by that Client or Individual and is found to be inaccurate, incomplete, or cannot be verified, Participant shall promptly delete or modify that item of information, as appropriate, based on the results of the investigation.
        3. As commercially reasonable, Participant shall maintain a Business Continuity Plan (BCP) and Disaster Recovery (DR) program for all locations used to provide services to Clients.
      5. Data Retention
        1. If a Participant receives and retains information on behalf of a Client, retention must be limited to no longer than commercially useful to carry out its business purpose, or for legitimate law enforcement purposes.
        2. If requested by Client upon termination of relationship between Participant and Client or when there is no longer a legitimate business need for the Participant to retain the Client's information, the Participant shall take reasonable steps to return, delete, destroy, or arrange for the destruction of information received from the Client or Individual.
        3. If the Participant destroys or arranges for destruction of the Client's information the Participant shall provide confirmation or certification that the data has been destroyed.
        4. The Participant's Privacy Statement must disclose how long it will retain information received on behalf of its Client.
        5. Regardless of the time period of retention, so long as the Participant has information it has collected, managed, processed, or stored on behalf of its Client in its possession or control, the requirements included herein shall apply to such information.
      6. Training
        1. The Participant shall conduct regular training of Personnel regarding:
          1. Maintaining the security, confidentiality and integrity of PII and Third Party PII it receives from a Client or an Individual;
          2. The Participant's privacy policies, and information collection, destruction, and use practices; and
          3. The Participant's Business Continuity Plan and Disaster Recovery Program.
      7. User Complaints and Feedback
        1. The Participant shall provide Clients and Individuals with reasonable, appropriate, simple and effective means to submit complaints, express concerns, or provide feedback regarding Participant's privacy practices.
        2. Participant shall also cooperate with TRUSTe's efforts to investigate and resolve non-frivolous privacy complaints, questions and concerns raised either by:
          1. Users through TRUSTe's dispute resolution process; or
          2. TRUSTe.
        3. The Privacy Statement shall state how users can contact the Participant regarding their privacy practices.
      8. Data Breach
        1. The Participant must notify Client of a data breach within 45 days of a known breach if the unauthorized disclosure of information can cause financial harm to the Client or Individual, or as otherwise required by law.
        2. Unless otherwise required by law, notice to the Client must disclose the following:
          1. A breach occurred;
          2. What type of information was breached;
          3. When the breach happened;
          4. What steps the Client or Individual can take to protect themselves;
          5. What actions the Participant is taking regarding the breach (e.g. investigation); and
          6. What steps the Participant is taking to ensure the event does not happen again.
  4. U.S.-E.U. and U.S.-Swiss Safe Harbor Requirements
    1. A Participant that wants to self-certify with the Department of Commerce [DOC] for compliance with the U.S.-E.U. Safe Harbor or U.S.-Swiss Safe Harbor Frameworks and list TRUSTe as its third party dispute resolution mechanism must comply with the Minimum Program Requirements and the following:
      1. Privacy Statement shall include one of the following statements:
        1. Where self-certifying to the U.S.-EU Safe Harbor Framework only:
          "[Participant] complies with the U.S.-EU Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information from European Union member countries. [Participant] has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view [Participant's] certification, please visit http://www.export.gov/safeharbor."
        2. Where self-certifying to the U.S.-Swiss Safe Harbor Framework only:
          "[Participant] complies with the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information from Switzerland. [Participant] has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view [Participant's] certification, please visit http://www.export.gov/safeharbor."
        3. Where self-certifying to both the U.S.-EU Safe Harbor and the U.S.-Swiss Safe Harbor Frameworks:
          "[Participant] complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information from European Union member countries and Switzerland. [Participant] has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view [Participant's] certification, please visit http://www.export.gov/safeharbor."
