Introduction and Scope

Profitable Ideas, Inc. (“PIE”, “we”, “us”, “our”) takes the protection of personally identifiable information (“Personal Data”) very seriously. This Privacy Policy (this “Policy”) addresses certain data subjects whose Personal Data we may receive from our clients that have engaged us to find business executives to participate in their sponsored programming (collectively, the “Services”). This Policy does not apply to Personal Data we collect by other means, such as Personal Data that we receive directly through our website, from data subjects themselves, or the Personal Data of our employees.

Controllership

Within the scope of this Policy, PIE acts as a data controller for the Personal Data we process.

Basis of Processing

We may process your Personal Data on the basis of:

• • our legitimate interests or those of our clients, such as finding business executives to participate in sponsored programs; or
  • any other ground, as required or permitted by law.

How We Receive Personal Data

We may receive your Personal Data when our clients (including their employees, contractors, and other representatives of the company) provide it to us.

Categories of Personal Data

We may process the following types of Personal Data:

• • biographical information, such as your first and last name and the city where you reside;
  • professional information, such as your title and the name of the company for which you work;
  • contact information, such as your email address and phone number;
  • meeting metadata, such as topic, participant IP addresses, device/hardware information
  • telephony usage data, such as call in number, call out number, country name, start and end time, IP address, MAC address of device used; and
  • cloud recordings, such as video, audio and presentations, text file of all in meeting chats, audio transcript files.

Purposes of Processing

We may process your Personal Data for the purposes of:

• • providing our Services to our clients;
  • responding to your requests or questions; and
  • keeping you informed about upcoming events and exchanges.

Data Retention

When the purposes of processing are satisfied, we will delete the related Personal Data within six months.

Sharing Personal Data with Third Parties

We may share Personal Data with our service providers, who process Personal Data on our behalf, and who agree to use the Personal Data only to assist us in providing our Services or as required by law. Our service providers may provide:

• • customer relationship management (CRM) and marketing automation software;
  • internal collaboration software;
  • application hosting services;
  • telecommunications services; and
  • video conferencing services.

We may also share your Personal Data with our clients and other executives that participate in our programming.

Some of these third parties may be located outside of the United States. However, before transferring your Personal Data to these third parties, we will either ask for your explicit consent or require the third party to maintain at least the same level of privacy and security for your Personal Data that we do. We remain liable for the protection of your Personal Data within the scope of our Privacy Shield certification that we transfer to third parties, except to the extent that we are not responsible for an event that leads to unauthorized or improper processing.

Also, some of these third parties may be located outside of the European Union or the European Economic Area. In some cases, the European Commission may not have determined that these countries’ data protection laws provide a level of protection equivalent to European Union law. We will only transfer your Personal Data to third parties in these countries when there are appropriate safeguards in place. These may include the European-Commission-approved standard contractual data protection clauses.

Other Disclosure of Your Personal Data

We may disclose your Personal Data to the extent required by law, or if we have a good-faith belief that we need to disclose it in order to comply with official investigations or legal proceedings (whether initiated by governmental/law enforcement officials, or private parties). We may also disclose your Personal Data if we sell or transfer all or some of our company’s business interests, assets, or both, or in connection with a corporate restructuring. Finally, we may disclose your Personal Data to our subsidiaries or affiliates, but only if necessary for business purposes, as described in the section above.

If we have to disclose your Personal Data to governmental/law enforcement officials, we may not be able to ensure that those officials will maintain the privacy and security of your Personal Data.

Data Integrity & Security

We have implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect the confidentiality, integrity and availability of Personal Data from unauthorized processing. This includes unauthorized access, disclosure, alteration, or destruction.

Access & Review

If we process your Personal Data, you may have the right to request access to (or to update, correct, or delete) such Personal Data.

If we have received your Personal Data in reliance on the Privacy Shield, you may also have the right to opt out of having your Personal Data shared with third parties and to revoke your consent to our sharing your Personal Data with third parties. You may also have the right to opt out if your Personal Data is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you originally authorized. To submit these requests or raise any other questions, please contact us by using the information in the “Contact Us” section below.

EU-U.S. and Swiss-U.S. Privacy Shield Frameworks

For Personal Data processed within the scope of this Policy, PIE complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (the “Privacy Shield”), as adopted and set forth by the U.S. Department of Commerce, regarding the processing of Personal Data transferred from the European Union, the European Economic Area, the United Kingdom, and Switzerland to the United States. We commit to adhere to the Privacy Shield Principles and have certified our adherence to the Department of Commerce. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

We will continue to maintain its EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield certifications (1) to ensure that data received under these frameworks is appropriately protected and (2) because these frameworks are based on sound data privacy principles which help to protect the personal data of our clients. The U.S. Department of Commerce continues to administer the Privacy Shield program.

To learn more about the Privacy Shield, and to view our certification, please visit https://www.privacyshield.gov and https://www.privacyshield.gov/list, respectively.

Dispute Resolution

Framework Dispute Resolution Procedure, please submit the required information If a privacy complaint or dispute relating to Personal Data received by PIE in reliance on the Data Privacy Framework (or any of its predecessors) cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/

If a complaint or dispute cannot be resolved through our internal process, we have also agreed to cooperate with the EU and UK data protection authorities and the Swiss Federal Data Protection and Information Commissioner and to participate in the dispute resolution procedures of the panel established by such data protection authorities.

Binding Arbitration

If your dispute or complaint related to your Personal Data that we received in reliance on the Data Privacy Framework cannot be resolved by us, nor through the dispute resolution mechanism mentioned above, you may have the right to require that we enter into binding arbitration with you under the Data Privacy Framework “Recourse, Enforcement and Liability” Principle and Annex I of the Data Privacy Framework.

U.S. Regulatory Oversight

PIE is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Changes to this Policy

If we make any material change to this Policy, we will post the revised Policy to this web page. We will also update the “Effective” date.

Contact Us

If you have any questions about this Policy or our processing of your Personal Data, please write to our privacy team by email at privacy@profitableideas.com or by postal mail at:

Profitable Ideas Exchange (PIE)

Attn: Privacy Team
815 Manley Rd
Bozeman, MT 59715

Please allow up to four weeks for us to reply.