Effective October 9, 2019
Your privacy and trust are important to us. This Statement explains how MCO collects, handles, stores and protects personal information about you in the context of our services. It also provides information about how you can contact us if you have questions.
Our Committment To Protecting Your Privacy
How And Why We Obtain Personal Information
How We Protect Information About You
About EU-US Privacy Shield and Swiss-U.S. Privacy Shield
Do We Share Information About You With Our 3rd Party Service Providers?
Security Of Our Hosted Solutions
Links To Other Websites
Social Media Widgets
MyComplianceOffice (known as “We”, “Our”, “Us”) acknowledges that the privacy of the data provided to use is of paramount importance to our clients and our prospective clients. Consequently, MyComplianceOffice considers the obligation to ensure the proper security of all personal data that passes through its control as critical to its business model via electronic or non-electronic methods. This Privacy Statement (“Statement”) describes how MyComplianceOffice collects, uses, and discloses certain personally identifiable information that it receives in the United States from the European Union ("EU Personal Data") both on our Web site located at www.mycomplianceoffice.com and offline. It also describes the choices available to you regarding the use of, your access to, and how to update and correct your personal information.
MyComplianceOffice uses a range of security measures to ensure the highest level of security of data passing between our clients and our hosted systems, designed to prevent confidential information being viewed or tampered with by unauthorized persons.
If we decide to change our privacy statement, we will post those changes to this privacy statement, the home page, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.
We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this statement, we will notify you here, by email, or by means of a notice on our home page prior to the change becoming effective.
There may be certain sections of the www.mycomplianceoffice.com website owned by MyComplianceOffice that ask you to provide personal information. Examples include request for product information, requesting a demo, contacting us, or a Free Trial. We use this information to respond to inquiries from you or your representative. If you choose not to register and provide this information, you can continue to view our sites anonymously.
The information we collect is Name, Company, Email address and phone number.
Receiving our newsletter is provided as part of the service that we offer. If you no longer wish to receive our newsletters you may opt-out at any time by following the instructions included in each newsletter or by emailing us at firstname.lastname@example.org.
Within the customer login, MyComplianceOffice as a data processor can collect Personally Identifiable information that includes your assignments, cases assigned to you or created by you, your trades, brokerage accounts and holdings. This is deemed as information you provide, or your employer on your behalf, to MyComplianceOffice when using the platform.
For users registered on www.mycomplianceoffice.com, each user has a unique username and password, which is authenticated on login. Any data transmitted over the website is protected by SSL, which is a method of encrypted communication transfer. This maintains the security of your online session.
Personal data is stored in a secure and encrypted environment. We use privacy protection controls and restrictions on employee access to safeguard your personal information. MyComplianceOffice employees must abide by all procedures designed to incorporate the principles herein. Authorized personnel only access personal information to conduct business on your behalf, service your account, and help you achieve your compliance objectives.
All MyComplianceOffice employees are provided training to ensure that they can identify personal data, classify it correctly and handle this information according to our privacy protection controls. Annual reviews of our control process are carried out. This ensures that we can determine the effectiveness of our controls and keep up to date on new legislation as well as process changes.
We maintain physical, electronic and procedural safeguards to protect personal information to comply with the applicable laws and regulations of the client’s country of operation, and we regularly adapt these controls to respond to changing requirements and advances in technology. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We therefore cannot guarantee absolute security. If you have any questions regarding security on our site, you can contact us at email@example.com.
MyComplianceOffice aim to comply with all applicable country, state and federal privacy law, including (but not limited to) California and Massachusetts privacy law. MyComplianceOffice employees are prohibited from sending data over an unencrypted connection that includes both accounts and names. If clients are sending data in this manner, they should load it into a file in the Firm Documents section of MyComplianceOffice which uses an encrypted transmission. These data files can then be removed later. In the event of a security breach, MyComplianceOffice will notify the relevant authorities to comply with all applicable legislation. This includes notification of security breaches to appropriate local, state, provincial or federal authorities such as Information/Privacy Commissioners or as applicable by the relevant legislation.
MyComplianceOffice provide clear accountability to protect all privacy information. An IT & Security Manager is appointed who is responsible for all security and privacy related issues. The IT & Security Manager is a member of the senior management team and is accountable for management buy-in, oversight on privacy training, attestations and handling of complaints.
Accessing, Correcting, or Deleting Personally Identifiable Information
Upon request MyComplianceOffice will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. If your personally identifiable information changes, or if you no longer desire our service, you may update or delete inaccuracies by emailing our Customer Support at firstname.lastname@example.org or by contacting us by postal mail at the contact information listed below. We will respond to your request to access within 30 days.
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide services, contact us at email@example.com. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
As is true of most web sites, we gather certain information automatically and store it in log files. The information gathered may include Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We do link this information to other information we collect about you.
We partner with a third party to either display advertising on our website or to manage our advertising on other sites. Our third-party partner may use technologies such as cookies to gather information about your activities on this website and other sites in order to provide you advertising based upon your browsing activities and interests. This information is stored for a period of 50 months, after which, it is deleted. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union, click here). Please note this does not opt you out of being served ads. You will continue to receive generic ads.
MyComplianceOffice is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. MyComplianceOffice complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, MyComplianceOffice is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, MyComplianceOffice may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
MyComplianceOffice will inform employees about the purposes for which personal information will be collected and used. Information will be provided on how employees can contact MyComplianceOffice with any inquiries or complaints regarding the use of this data. MyComplianceOffice will give notice on the type of third parties to whom it discloses this information and the means the organizations use to restrict the disclosure and use of this data.
For personal information it collects from individuals, MyComplianceOffice will offer these individuals the opportunity to choose (opt-out) whether their personal information is (a) to be disclosed to a third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For personal information, individuals will be given affirmative and explicit (opt-in) choice as to whether their information can be disclosed to a third party or used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. MyComplianceOffice also treats as sensitive any information it received from a third party when that third party identifies it as sensitive information.
MyComplianceOffice does not share, sell, rent, or trade personal information about our current and prospective clients with third parties other than as disclosed within this privacy statement.
We may use third-party service providers to help us analyze certain online activities. These are restricted to helping us measure the performance of our website advertising or analyze aggregate visitor activity on our websites. These companies are authorized to use your personal information only as necessary to provide these services to us. They do not personally identify the visitor. MyComplianceOffice do not transfer PI information collected to a sub-processor. A third-party can be used to collect PI information as part of the service but use of this service would be agreed in advance with our customer.
We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, and/or to comply with a judicial proceeding, court order, or legal process served on our Web site.
We may also store records of your actions on our site, downloads of brochures, webinars viewed etc. This data is stored on a third-party CRM. This data can be accessed on request. Data older than 5 years which hasn’t engaged (opted in to mailing list, downloaded content etc.) with us gets systematically purged from our CRM. The purpose of collecting this data is to be better informed with the information and content we market both on our site, and via outbound email communications.
To meet GDPR requirements, we will not send marketing emails to any EU residents without previous explicit consent to do so.
If MyComplianceOffice is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email, and/or a prominent notice on our Web site, of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Our SaaS (Software as a Service) products are hosted with SSAE 18 Type II compliant providers who have signed a Non-disclosure agreement with MyComplianceOffice. This infrastructure is audited by external experts to ensure fully up to date SSAE 18 Type II compliance. No personal client information is ever disclosed to our service providers.
MyComplianceOffice websites may contain links to other websites. If you link to another website, you will leave the MyComplianceOffice site, and its privacy statement is no longer applicable.
Our website includes Social Media Features, such as the Twitter and LinkedIn buttons and Widgets or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our site. Your interactions with these Features are governed by the privacy statement of the company providing it.
You can contact us regarding any of our policies at
535 5th Avenue, 4th Floor, New York, NY 10017
Effective Date: October 9, 2019