MDSL commits to comply with the Principles with respect to the Personal Data the company receives from its Customers or their Users in the EEA in connection with the use of MDSL’s hosted software applications (the “Subscription Service”) and related support services (“Support Services”), as well as expert services (including managed services, professional services, training and certification) (the “Expert Services”) that we provide to Customers. In this Privacy Shield Policy, the Subscription Service, Support Services and the Expert Services are collectively referred to as the “Service.”
“Controller” means a person or organization which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
“Customer” means any entity that purchases the Service.
“Customer Data” means the electronic data uploaded into the Subscription Service by or for a Customer or its Users.
“Device” means a mobile device.
“Personal Data” means any information, including Sensitive Data, that is (i) about an identified or identifiable individual and (ii) received by MDSL in the U.S. from the EEA in connection with the Service.
“Processor” means any natural or legal person, public authority, agency or other body that processes Personal Data on behalf of a Controller.
“Sensitive Data” means Personal Data specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life, the commission or alleged commission of any offense, any proceedings for any offense committed or alleged to have been committed by the individual or the disposal of such proceedings, or the sentence of any court in such proceedings.
“User” means an individual authorized by Customer to access and use the Subscription Service.
MDSL hosts and processes Customer Data, including any Personal Data contained therein, at the direction of and pursuant to the instructions of MDSL’s Customers. MDSL also collects several types of information from our Customers, including:
In addition, MDSL collects general information about its Customers, including a Customer’s company name and address, and the Customer representative’s contact information (“General Information”) for billing and contracting purposes.
MDSL may use Personal Data submitted by our Customers and Users as necessary to provide the Service, including updating, enhancing, securing and maintaining the Subscription Service and to carry out MDSL’s contractual obligations to its Customers. MDSL also obtains General Information in connection with providing the Service and maintaining MDSL’s relationships with its Customers.
We may disclose Personal Data that our Customers and Users provide to our Service only:
Individuals in the EEA generally have the right to access their Personal Data. As an agent processing Personal Data on behalf of its Customers, MDSL does not own or control the Personal Data that it processes on behalf of its Customers or their Users and does not have a direct relationship with the Users whose Personal Data may be processed in connection with providing the Service. Since each Customer is in control of what information, including any Personal Data, it collects from its Users, how that information is used and disclosed, and how that information can be changed, Users of the Subscription Service should contact the applicable Customer administrator with any inquiries about how to access or correct Personal Data contained in Customer Data. To the extent a User makes an access or correction request to MDSL, we will refer the request to the appropriate MDSL Customer and will support such Customer as needed in responding to any request.
To access or correct any General Information Customer has provided, the Customer should contact their MDSL account representative directly or by using the contact information indicated below.
In accordance with the Principles, MDSL will offer Customers and Users choice to the extent it (i) discloses their Personal Data to third party Controllers, or (ii) uses their Personal Data for a purpose that is materially different from the purposes for which the Personal Data was originally collected or subsequently authorized by the Customer or User. To the extent required by the Principles, MDSL also will obtain opt‑in consent if it engages in certain uses or disclosures of Sensitive Data. Unless MDSL offers Customers and Users an appropriate choice, MDSL uses Personal Data only for purposes that are materially the same as those indicated in this Policy.
MDSL may disclose Personal Data of Customers and Users without offering an opportunity to opt out, and may be required to disclose the Personal Data, (i) to third‑party Processors that MDSL has retained to perform services on its behalf and pursuant to its instructions, (ii) if it is required to do so by law or legal process, or (iii) in response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements. MDSL also reserves the right to transfer Personal Data in the event of an audit or if the company sells or transfers all or a portion of its business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation).
MDSL complies with the Privacy Shield’s Principle regarding accountability for onward transfers. MDSL remains liable under the Principles if its onward transfer recipients process Personal Data in a manner inconsistent with the Principles, unless MDSL proves that it was not responsible for the event giving rise to the damage.
If MDSL maintains your Personal Data in one of the Services within the scope of our Privacy Shield certification, you may direct any inquiries or complaints concerning our Privacy Shield compliance to firstname.lastname@example.org, or in the U.S. or EEA by regular mail as indicated below. MDSL shall respond within 45 days. If your complaint cannot be resolved through MDSL’s internal processes, MDSL commits to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to personal data transferred from the EU as part of MDSL’s relationship with its Customers.
To ask questions or comment about this Privacy Shield Policy and our privacy practices or if you need to update, change or remove your information, contact us at: email@example.com or by regular mail addressed to:
1410 Broadway, Suite 2101
Alternatively, regular mail may also be directed to our European Union‑based headquarters, Market Data Services Limited, by addressing it to:
4 Century Place, 2nd Floor,