Project: Worldwide (“Project” or “we” or “our”) adheres to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework published by the U.S. Department of Commerce (Privacy Shield). Project includes our wholly-owned agencies George P. Johnson Company, Motive Group, Inc., Partners & Napier, Inc., Praytell Strategy, Inc., Spinifex Group, Inc. and Wondersauce, LLC.
This Privacy Shield Policy (Policy) outlines our general policy and practices for implementing Privacy Shield, including the types of Personally Identifiable Information (PII) Project gathers, how we use PII, and the choices individuals have regarding our use of, and the ability to correct, the PII relating to them. If there is any conflict between this statement and the Principles described by Privacy Shield at www.privacyshield.gov, the Principles will govern. To learn more about Privacy Shield and its principals, visit: https://www.privacyshield.gov.
This Policy applies to the PII we handle. For purposes of this statement, PII
means information that (1) is transferred from the European Economic Area (EEA) and Switzerland to the U.S. in reliance on the Privacy Shield; (2) is about, or pertains to, a specific individual; and (3) can be linked either directly or indirectly to that individual.
In addition to this Policy, we also have other policies and procedures in place that legitimize data flows, including Standard Contract Clauses.
Principles protecting individuals’ privacy notice and choice
- We notify individuals about the PII we collect from them, how we use it and how to contact us with privacy-related questions and concerns.
- We provide such notice through this Policy, our Privacy Notice
(http://project.com/privacy) and direct communication with individuals about the PII we collect.
- We collect and process PII about Project: Worldwide personnel for human resources administration, including recruitment, in accordance with Privacy Shield.
- We collect and process PII from our customers to provide them with services.
- We collect PII from individuals only as permitted by Privacy Shield.
- We obtain consent for PII to be collected, used or transferred in certain ways (such as for sensitive PII, for example, a Social Security Number) from individual. Consent is provided through our agreements with customers, the employment relationship with employees and other similar documents.
- If we will use PII in an additional or different manner than you were originally informed about, we will provide you with notice and when appropriate, obtain your consent.
Disclosures and transfers
We do not disclose PII to third parties, except when:
- We have the individual’s permission to make the disclosure.
- The disclosure is required by lawful request by public authorities.
- The disclosure is required by law.
- The disclosure is reasonably related to the sale, merger or other
disposition of all or part of our business.
- The information is publicly available prior to the disclosure.
- The disclosure is reasonably necessary to establish our legal rights,
defenses or claims.
- The disclosure is to a Project: Worldwide entity or third party providing services on our behalf or to our customers, but only if the disclosure is consistent with the purpose for which the information was obtained and the recipient of the information is subject to laws providing adequate level of privacy protection or has agreed to provide an adequate level of privacy protection.
Accountability and transfers
In the event we transfer PII covered by this Policy to a third party acting as a controller, we will do so consistent with any notice provided to you and any consent you have given. Further, the third party must provide us with
contractual assurances that it will (i) process PII only for limited and specified purposes consistent with any consent you provided, (ii) provide at least the same level of protection as is required by this Policy and Privacy Shield and (iii) notify us if it makes a determination that it cannot do so and then cease processing the PII or take other reasonable and appropriate steps to remediate the circumstances. If we know a third party is processing PII subject to Privacy Shield as a controller in a way that is inconsistent or
contrary to Privacy Shield, we will take reasonable steps to prevent or stop
With respect to our agents, we will transfer only PII covered by Privacy Shield as needed for an agent to deliver the product or service to Project:
Worldwide. We will (i) permit the agent to process PII only for limited and
specified purposes; (ii) require the agent to provide at least the same level of protection required by this Policy and Privacy Shield; (iii) take reasonable and appropriate steps to ensure that the agent follows this Policy and Privacy Shield when processes PII; and (iv) require the agent to notify us if it determines it can no longer meet requirements of this Policy and Privacy Shield. Upon receiving this notice, we will take reasonable and appropriate steps to stop and remediate unauthorized processing.
We may also transfer PII from one jurisdiction to another (including from the EU to the U.S. Privacy laws vary by jurisdiction, and some may provide less or different legal protection than others. However, we will protect PII in accordance with Privacy Shield regardless of the jurisdiction in which the PII resides or originates.
Project: Worldwide remains liable under Privacy Shield if an agent processes PII covered by this Policy and Privacy Shield in a manner inconsistent with Privacy Shield, unless we are not responsible for the event giving rise to the damage.
Security, integrity and access
We employ various physical, electronic, administrative and managerial
policies, processes procedures and training that is designed to reasonably
protect PII from loss, misuse or unauthorized access, disclosure, alteration or destruction.
We process PII only for the limited and specific purpose it was originally
collected. We take reasonable steps to ensure PII is accurate, complete,
current and reliable for its intended use.
Individual have the right to access the PII we holds about them in the ways
specified by Privacy Shield. Individual may contact us using the information in the “Contact us” section to correct, amend or delete PII that is inaccurate or that has been processed in violation of Privacy Shield. We will take reasonable steps to ensure the individual is who they state they are before honoring their rights under Privacy Shield. In addition, we may limit or deny access to PII where providing access would be unreasonably burdensome or expensive, or where the rights of persons other than the individual would be violated. We may charge a reasonable fee, where warranted, for access to PII.
Accountability and enforcement
Our participation in the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy
Shield is subject to investigation and enforcement by the Federal Trade
We have established policies and procedures to monitor our compliance with Privacy Shield. This includes a process for addressing questions and concerns about our compliance. These policies and procedures include annual written and signed statement (to be made at least annually), verifying that this statement is (1) accurate, (2) comprehensive for the information it is designed to cover, (3) prominently displayed and readily accessible, and (4) completely implemented. Interested parties and individuals are strongly encouraged to send concerns to the contact information located in the “Contact us” below.
Project: Worldwide personnel who violate this Policy will be subject to
disciplinary action, including (without limitation), termination.
Individuals may file a complaint with us using the information in the “Contact us” section below. If a complaint or dispute under this Policy cannot be resolved internally:
- If the dispute involves PII collected in the context of an employment
relationship, we will cooperate and comply with competent EU or Swiss data protection authorities. In the event that we or such authorities determine that we did not comply with this Policy, we will take appropriate steps to address any adverse effects and to enhance
- For all other disputes under this Policy, individuals may file a claim with JAMS.
- In certain circumstances, an individual may invoke binding arbitration by a Privacy Shield panel to be created by the U.S. Department of Commerce and the European Commission. Additional information about this process is available on the Privacy Shield website (privacyshield.gov).
We may amend this Policy from time to time by posting a revised version. If
we amend this Policy, the new Policy will apply to PII previously collected only as the rights of the individual affected are not reduced or eliminated by the amendment. While we continue to participate in Privacy Shield, we will not amend this Policy in a manner inconsistent with Privacy Shield.
Information subject to other policies
We are committed to following the Principles for all PII within the scope of
Privacy Shield. However, certain information is subject to policies that may
differ in some respects from the general policies set forth in this Policy. For
example, certain websites and services have their own privacy notices and
information collected about or from employees and customers may be subject to additional policies or agreements.
In compliance with the Privacy Shield Principles, Project Worldwide commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Project
Worldwide at: firstname.lastname@example.org
Project Worldwide has further committed to cooperate with the panel
established by the EU data protection authorities (DPAs) and the Swiss
Federal Data Protection and Information Commissioner (FDPIC) with regard
to unresolved Privacy Shield complaints concerning human resources data
transferred from the EU and Switzerland in the context of the employment
To receive more information, address a concern or file a complaint, please
contact us at:
Project: WorldWide, Inc.
Attn: Data Privacy Officer
3600 Giddings Road
Auburn Hills, MI 48348
+1 (248) 475 2500