Website Privacy Policy

Website Privacy Statement

In general, you may visit the M2S website without identifying yourself or revealing any personal data. M2S may collect domain information from your visit to customize and improve your experience on our website.

We will not collect any personal data through the M2S website that you do not volunteer, and we are the sole owner of all information collected on this site. We do not sell, share, or rent this information to others in any way.

E.U. – U.S. Privacy Shield Statement

The United States Department of Commerce has worked with the European Commission to develop the E.U. – U.S. Privacy Shield to allow U.S. companies to meet the E.U. law requirements that Personal Data transferred from the E.U. to the United States be adequately protected. Consistent with its pledge to protect personal privacy, M2S adheres to the Privacy Shield Principles. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/list

Scope

This Personal Data Protection Policy (the “Policy”) applies to all Personal Data received by M2S in the United States from the E.U. and/or other applicable countries, recorded in any form (including electronic, paper or verbal).

Definitions

The following definitions shall apply throughout this Policy:

  • “Agent” means any third party that uses Personal Data provided to us to perform tasks on behalf of and under the instruction of M2S.
  • “Personal Data” means Information or a set of information that identifies or could be used by or on behalf of M2S to identify an individual. Personal Data does not include information that is encoded, anonymous, aggregated or publicly available information that has not been combined with non-public Personal Data.
  • “Sensitive Personal Data” means Personal Data that reveals racial, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership or information that specifies the health or sex life of the individual. In addition, M2S will treat any information as Sensitive Personal Data, which received from a third party where that third party treats and identifies the information as sensitive.

Privacy Principles

The Privacy Principles in this Policy are based on the Data Protection Directive and Privacy Shield Principles:

  1. Notice

When M2S collects Personal Data directly from individuals in the E.U. and/or other applicable countries, we will inform them about the purposes for which we collect and use their Personal Data, the types of third parties (other than Agents), if any, to which we disclose that information, and the choices and means, if any, that we offer individuals for limiting the use and disclosure of their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to M2S, or as soon as practicable thereafter, and in any event before we use the information for a purpose other than that for which it was originally collected. If M2S receives Personal Data from its affiliates or other entities in the E.U. and other countries with which we do business, M2S will use such information in accordance with the notices such entities provided and the choices made by the individuals to whom such Personal Data relates.

  1. Choice

When M2S collects Personal Data directly from individuals in the E.U., we will offer individuals the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a third party (other than an Agent), or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

For Sensitive Personal Data, M2S will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to (a) the disclosure of the information to a third party, or (b) the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. M2S will provide individuals with reasonable methods to exercise their choices. M2S may disclose personal information to third parties in the following instances:

Website Consultants and Service Providers. M2S may disclose personal information to third party consultants and service providers (such as providers of hosting services, support, maintenance and remedial and repair services) to the extent that they require access to M2S’s databases, or the information contained in M2S’s databases, to service us and our customers under the conditions set out in the Principles.

Enforcement of Rights / Security. M2S reserves the right to release personal information (i) when M2S is under legal compulsion to do so (e.g. we have received a subpoena) or M2S otherwise believes that the law requires us to do so, (ii) when M2S believes it is necessary to protect and/or enforce the rights, property interests, or safety of M2S, our customers, or others, or (iii) as M2S deems necessary to resolve disputes, troubleshoot problems, prevent fraud and/or enforce the Principles.

Reorganization or Sale. In the event that M2S is merged with or becomes part of another organization, or in the event that our company is sold or it sells all or substantially all of its assets or is otherwise reorganized, the information you provide may be one of the transferred assets to the acquiring or reorganized entity.

As Otherwise Allowed by Law. M2S may transfer personal information to third parties where we are expressly authorized by applicable law and the Principles to do so.  M2S also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.

  1. Accountability For Onward Transfers

M2S will obtain assurances from our Agents that they will safeguard Personal Data consistently with this policy. If M2S has knowledge that an Agent is using or disclosing Personal Data in a manner contrary to this policy, we will take reasonable steps to prevent or stop the use or disclosure. In cased of Onward Transfer, M2S, Inc. remains liable.

  1. Security

M2S will take reasonable precautions to protect Personal Data in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.

  1. Data Integrity & Purpose Limitation

M2S will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. M2S will take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete, and current.

  1. Access

Upon request, M2S will grant individuals reasonable access to Personal Data that we hold about them, and we will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. M2S may limit or deny access to Personal Data where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. If an individual desires to correct, amend, or delete Personal Information that was provided to M2S by third parties (and not directly by the individual), you may contact us to access, correct, or remove your information from our files. However, an individual should also contact the applicable third party company to whom provided the data to correct, amend, or delete such Personal Information.

  1. Resource, Enforcement And Liability

M2S will conduct compliance audits of our relevant privacy practices to verify adherence to this Policy. Any employee that we determine is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.

Dispute Resolution and Enforcement

Any questions or concerns regarding the use or disclosure of Personal Data should be directed to us at the address given below. M2S will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the principles contained in this Policy within 45 days of receiving a complaint. For complaints that cannot be resolved between M2S and the complainant, we have agreed to participate in the dispute resolution procedures pursuant to the Privacy Shield Principles.

M2S is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).  Should an individual be unable to resolve a complaint with M2S, they may contact the FTC at the following address:

Federal Trade Commission
Attn: Consumer Response Center
600 Pennsylvania Avenue NW
Washington, DC 20580
www.ftc.gov

EU Persons (EU Data Subjects) may make complaints to their home data protection authority and can invoke binding arbitration for some residual claims not resolved by other redress mechanisms.

Contact Information

Questions or comments regarding this Policy should be submitted to us by mail or e-mail as follows:

M2S, Inc.

Attn: Privacy Officer

12 Commerce Avenue

West Lebanon, NH 03784

Email: PrivacyShield@m2s.com

Changes to Personal Data Protection Policy

This Policy may be amended from time to time, consistent with the requirements of the Data Protection Directive and/or Privacy Shield Principles. M2S will provide appropriate public notice about such amendments.