H5, a California corporation (hereinafter “H5” or “we”), recognizes that the European Community and Switzerland have established data protection regimes that restrict companies in the EEA and Switzerland in transferring personal data about individuals in the EEA and Switzerland, respectively, to the United States, unless there is “adequate protection” for such personal data when it is received in the United States. To create such “adequate protection” and to overcome the restriction on international data transfers, H5 complies with the U.S.–EU Safe Harbor Framework and the U.S.–Swiss Safe Harbor Framework set forth by the U.S. Department of Commerce. H5 has certified that it adheres to the Safe Harbor Privacy Principles published by US Department of Commerce (“Safe Harbor Principles”) with respect to personal data about individuals in the EEA and Switzerland that subsidiaries, customers, suppliers and other businesses in the EEA and Switzerland send to H5. H5’s Safe Harbor Certification does not extend to data that H5 receives directly through www.h5.com or other websites. (Information on H5’s practices regarding data received through websites is contained in the applicable website privacy statements.) More information on the Safe Harbor Principles and H5’s scope of participation is available at www.export.gov/safeharbor/.
H5 has issued a separate Safe Harbor Notice for Employees in the EEA and this Notice does not apply to employees of H5; this Notice addresses other data subjects residing in the EEA (“EEA Persons”) and Switzerland (“Swiss Persons”) whose data H5 may receive from one of its subsidiaries, customers, suppliers or other businesses in the EEA or Switzerland, e.g., customers’ procurement managers, suppliers’ sales representatives, individual independent contractors, EEA or Swiss residents who are mentioned or referred to in documents to be produced in pre-trial discovery proceedingsetc or for other reasons.
H5 sells data processing and advisory services largely to businesses and rarely to consumers. Thus, H5 receives mostly business-related information from the EEA and Switzerland. Occasionally, H5 also receives contact information related to individual representatives of businesses with whom H5 is dealing (including, without limitation, names, addresses, work phone numbers, work email addresses, etc.), and, in connection with our managed document review and advisory services, H5 processes data that may be relating to EEA or Swiss residents on behalf of, and in accordance with instructions from, customers (collectively “EEA and Swiss Data”). Since EEA and Swiss Data covered by this Notice is by definition sent to H5 by another company in the EEA or Switzerland (e.g., a supplier to H5), the categories of data sent and the purposes of processing often depend on such other company, with whom the EEA Persons or Swiss Persons typically have a closer employment, business or other relationship (and which therefore, can provide additional information on categories of data shared with us).
H5 collects and uses EEA and Swiss Data for purposes of providing data processing and advisory services to its customers, communicating with corporate business partners about business matters, processing EEA and Swiss Data on behalf of corporate customers, transmitting marketing emails and performing other marketing activities, and conducting related tasks for legitimate business purposes.
H5 shares EEA and Swiss Data with affiliates and contractors, which process EEA and Swiss Data on behalf of H5. H5 also shares EEA and Swiss Data with other third parties for the purposes for which H5 receives the EEA and Swiss Data (e.g., performance of contractual obligations) and as required or permitted by law.
EEA Persons and Swiss Persons whose EEA Data and Swiss Data H5 holds may request access to, and the opportunity to update, correct or delete some or all of the EEA Data that H5 holds about them. To submit such requests or raise any other questions, please contact the H5 Safe Harbor Contact as described below. H5 reserves the right to take appropriate steps to authenticate an applicant’s identity, charge an adequate fee before providing access and deny requests, except as required by the Safe Harbor Principles.
If you have a comment or concern that cannot be resolved with H5 directly, you may contact the competent local data protection authority in your EEA Member State or Switzerland.
H5's e-discovery expertise helps counsel meet tight timelines on a very large HSR review.