Privacy Policy

Flexible Technology Solutions is committed to respecting and protecting the privacy of individuals with whom we come into contact. We believe in protecting the rights of the individual to the privacy of their Personal Information.

“Digital freedom stops where that of users begins... Nowadays, digital evolution must no longer be a customer trade-off between privacy and security. Privacy is not to sell, it's a valuable asset to protect.”

 An Unwavering Commitment to Protecting Your Privacy

Updated Privacy Policy - January 23, 2024
Flexible Technology Solutions (“FlexTecs”)

 

Flexible Technology Solutions ("FlexTecs") is committed to respecting and protecting the privacy of individuals with whom we come into contact. We believe in protecting the rights of the individual to the privacy of their Personal Information. As part of our continuous updating and strengthening of our privacy protection measures and compliance with evolving regulatory standards around the world, we have updated our privacy policy to indicate compliance with the DPF Program, including the UK Extension to the EU-U.S. DPF.

FlexTecs complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce.  FlexTecs has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, FlexTecs commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF to PrivacyTrust https://www.privacytrust.com/cert/21064.html, an alternative dispute resolution provider based in the United States.  If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.privacytrust.com/drs/flextecs for more information or to file a complaint.  The services of PrivacyTrust are provided at no cost to you.

To align with the DPF Program, we have integrated its principles into our privacy policy. Below are the key principles we adhere to:

  1. Notice Principle:

    • We have incorporated the DPF Program's Notice Principle checklist into our policy.

2. Principles within Our Policy

  • Our policy now explicitly outlines our commitment to the principles of the DPF Program.

3. UK Extension to the EU-U.S. DPF:

  • FlexTecs acknowledges the UK Extension to the EU-U.S. DPF, ensuring compliance with the privacy principles set forth for the transfer of personal information from the European Union and the United Kingdom to the United States.

DPF Checklist:

  • Notice Principle:

    • Clear and concise information on the types of personal information collected.

    • Transparency about the purpose of data processing.

    • Disclosure of third-party data sharing practices.

    • Notification of any changes to data processing practices.

  • Principles within Our Policy:

    • Commitment to data protection principles.

    • Clarity on the role as a Processor and the limited exposure to Personal or Sensitive Personal data.

    • Significant measures taken to ensure protection of client-provided personal data.

  • UK Extension to the EU-U.S. DPF:

    • Acknowledgment of the UK Extension and compliance with privacy principles.

 

What do we do for our clients and what data do we receive?

FlexTecs collects and processes transactional client business-to-business data to improve our clients’ financial performance. As a Processor of data, we maintain information security controls and adhere to contractual commitments to process specific client business data files securely.

Customers have full control of the data they provide to FlexTecs. Customer is responsible for filtering out Personal or Sensitive Personal data or inform and get consent from their email users that such email data is being transmitted to FlexTecs.

FlexTecs does not intentionally collect Personal or Sensitive Personal data for its services. In cases where personal information is inadvertently received, we make efforts to filter out and securely destroy such data.

Data Storage and International Data Transfers:

We receive and process client data through highly-secured US-based and EU-based cloud storage, adhering to contractual obligations, security measures, and compliance protocols. Our commitment to the EU-U.S. Data Privacy Framework and the UK Extension is outlined here Data Privacy Framework Program.


Rights and Protections regarding Personal Information and Sensitive Personal Information:

We adhere to the highest global standards of data and privacy protection, including the principles of GDPR, EU-U.S. Data Privacy Framework certification, and the UK Extension. Key rights and protections include:

  1. Reasonable and Diligent Measures to Protect Your Privacy:

    • We maintain a relentless focus on Information Security, Business Continuity, and global privacy standards. Detailed information is available upon request.

  2. "Opt-in" Provisions:

    • FlexTecs accepts data in accordance with explicit contractual obligations and provides clear instructions to individuals regarding their rights, data utilization, safeguard measures, and opt-out options.

  3. Clear Disclosure and Transparency of Utilization of Data:

    • We adhere to strict guidelines regarding data received, usage, and Information Security, promoting transparency.

  4. Right to Erasure:

    • FlexTecs retains data in line with consent, contractual, and legal obligations, ensuring timely compliance with requests for data erasure.

  5. Notifications and Timely Response to Queries:

    • We commit to prompt responsiveness to queries or requests related to Personal or Sensitive Personal information, in line with industry standards.

 

Independent Dispute Resolution:

FlexTecs commits to independent dispute resolution and investigative compliance in line with the Data Privacy Framework Program, the UK Extension, and GDPR requirements, as of January 23, 2024.

PRIVACYTRUST Independent Recourse Mechanism

If you have any concerns or complaints, you can contact our Chief Information Officer via security@flextecs.com.

We appreciate your trust in Flexible Technology Solutions.