Scope of Safe Harbor Certification
Cubic Corporation (hereinafter “Cubic” or “we”) recognizes that the European Community has established a data protection regime pursuant to Directive 95/46/EC (the “Directive”), which applies to the European Economic Area (“EEA”) and that Switzerland has established a data protection regime pursuant to the Federal Act on Data Protection (“FADP”). These regimes restrict companies in the EEA and Switzerland (collectively, “EEA/CH”) from transferring personal data about individuals in the EEA/CH to the United States, unless there is “adequate protection” for such personal data when it is received in the United States. To create such “adequate protection” and to overcome the restriction on international data transfers established by the Directive and the FADP, Cubic adheres to the Safe Harbor Privacy Principles published by U.S. Department of Commerce (“Safe Harbor Principles”) with respect to personal data about individuals in the EEA/CH that subsidiaries, customers and other businesses and governments in the EEA/CH send to Cubic. Cubic’s Safe Harbor Certification does not extend to data that Cubic receives directly through www.cubic.com or other websites (information on Cubic’s practices regarding data received through websites is contained in Cubic’s Website Privacy Policy). More information on the Safe Harbor Principles and Cubic’s scope of participation is available at http://www.export.gov/safeharbor/eg_main_018236.asp.
Scope of this Notice
This General EEA Safe Harbor Notice does not apply to employees of Cubic or its subsidiaries. Rather, this Notice addresses other data subjects residing in the EEA/CH whose personal data Cubic may receive from one of its subsidiaries, customers, other businesses or governments in the EEA/CH (“EEA/CH Persons”). Cubic will issue a separate Safe Harbor Notice for European Employees to all Cubic and Cubic subsidiary employees in the EEA/CH.
Categories of EEA/CH Data
Cubic primarily provide defense and transportation systems and services to businesses and governments and rarely to individual consumers. Thus, Cubic receives mostly business-related information from the EEA/CH. Occasionally, Cubic also receives contact information related to individual representatives of businesses with whom Cubic is dealing, including, without limitation, names, addresses, work phone numbers, and work email addresses of EEA /CH Persons (“EEA/CH Data”). In connection with some services, Cubic may also process EEA/CH Data on behalf of, and in accordance with instructions from, customers. Since EEA/CH Data covered by this Notice is by definition sent to Cubic by another company or government in the EEA (e.g., a supplier to Cubic), the categories of data sent and the purposes of processing often depend on such other company or government, with whom the EEA/CH Persons typically have a closer employment or business relationship (and which therefore, can provide additional information on categories of data shared with us).
Purposes
Cubic collects and uses EEA/CH Data for purposes of providing products and services to its customers, communicating with corporate business partners about business matters, processing EEA/CH Data on behalf of corporate customers, transmitting marketing emails and performing other marketing activities, and conducting related tasks for legitimate business purposes.
Disclosure
Cubic shares EEA/CH Data with affiliates and contractors, which process EEA/CH Data on behalf of Cubic. Cubic also shares EEA/CH Data with other third parties for the purposes for which Cubic receives the EEA/CH Data (e.g., performance of contractual obligations) and as required or permitted by law.
With respect to marketing emails, EEA/CH Persons may opt-out of receiving further email marketing communications from Cubic by following opt-out instructions that are contained in each marketing email. EEA/CH Persons may also send an email to Cubic’s Data Privacy Officer (see contact information below) to ask to opt-out of disclosures to third parties, but such a limitation on data sharing may make it difficult or impossible for Cubic to provide the requested services. Notwithstanding other statements in this General EEA Safe Harbor Notice, Cubic may disclose EEA/CH Data where it is legally required to disclose (e.g., under statutes, contracts or otherwise) or when the disclosure is permitted by law and Cubic has a legitimate business interest in such disclosure.
Access and Review
EEA/CH Persons whose EEA/CH Data Cubic holds may request access to, and the opportunity to update, correct or delete some or all of the EEA/CH Data that Cubic holds about them. To submit such requests or raise any other questions, please contact the Cubic Safe Harbor Contact as described below. Cubic reserves the right to take appropriate steps to authenticate an applicant’s identity, charge an adequate fee before providing access and deny requests, except as required by the Safe Harbor Principles.
Safe Harbor Contract
If you have questions, please contact the Data Privacy Officer at Cubic Corporation, Law Department, 9333 Balboa Ave., San Diego, CA 92123; telephone: (800) 818-8303; or fax: (858) 505-1559. If you have a comment or concern that cannot be resolved with Cubic directly, you may contact the competent local data protection authority in your EEA/CH Member State.