Privacy Shield Framework

Last Modified: January 12th, 2021

Knack complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, United Kingdom, and/or Switzerland to the United States. Knack has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. Knack's participation in the EU-U.S. Privacy Shield Framework is subject to investigation and enforcement by the Federal Trade Commission. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov

In compliance with the Privacy Shield Principles, Knack commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Knack at:

complaints@knack.com or https://knack.com/contact

Invalidation of the EU-U.S. Privacy Shield Framework:

Knack is aware of the Court Justice of the EU’s decision invalidating the Privacy Shield as a mechanism for authorizing data transfers to the U.S. from the European Union. Knack currently maintains a dedicated data center for its EU customers within the EU and only allows limited "view-only access" by U.S. staff for troubleshooting and technical support purposes. Although Knack participates in the Privacy Shield, Knack routinely executes Data Protection Addendums with its EU customers which incorporate the Standard Contractual Clauses. Knack remains committed to compliance with the Privacy Shield as required by the U.S. Department of Commerce. In the event of a conflict, we will comply with the requirement that would be more protective of our customers. We will await further guidance from the European Data Protection Board and our applicable data protection authority regarding the use of the Standard Contractual Clauses moving forward.

Accountability for Onward Transfer

Knack; by default; does not transfer any Personal Data to third parties, outside of those listed as a vendor under the Regional Data Protection Policy, as required to provide the services of Knack. We only do so consistent with any notice provided to Data Subjects and any consent they have given, and only if the third party has given us contractual assurances that it will (i) process the Personal Data for limited and specified purposes consistent with any consent provided by the Data Subjects, (ii) provide at least the same level of protection as is required by the Privacy Shield Principles and GDPR and notify us if it makes a determination that it cannot do so; and (iii) cease processing of the Personal Data or take other reasonable and appropriate steps to remediate if it makes such a determination.

Data Protection Authorities

Knack has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to you.

"Personal Data" means any information relating to an individual residing in the European Union and Switzerland that can be used to identify that individual either on its own or in combination with other readily available data.

"Data Subject" means the individual to whom any given Personal Data covered by this Privacy Shield Policy refers.