Safe Harbor

Safe Harbor Privacy Policy

Cozi Inc. (“Cozi”) is committed to respecting the privacy and integrity of its end users in its business practices and strives to collect, use and disclose personal information in a manner consistent with the laws of the countries in which it does business. This Safe Harbor Privacy Policy (the “Policy”) sets forth the privacy principles that Cozi follows with respect to personal consumer information transferred from the European Economic Area (the “EEA”), Switzerland and the United States. This Policy should be read in conjunction with Cozi’s Privacy Policy for complete information on Cozi’s privacy commitments.

Safe Harbor

The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the “Safe Harbor Principles”) to enable U.S. companies to satisfy the requirement under European Union (“EU”) law that adequate protection be given to personal information transferred from the EU to the United States. The EEA and Switzerland have also recognized the U.S. Safe Harbor Principles as providing adequate data protection. Consistent with its commitment to protect personal privacy, Cozi adheres to the Safe Harbor Principles. To learn more about the Safe Harbor Principles, and to view Cozi’s certification, please visit http://www.export.gov/safeharbor/.

Scope

This Policy applies to all personal information received by Cozi in the United States from the European Economic Area (“EEA”) or Switzerland.

Definitions

For the purposes of this Policy, the following definitions shall apply:

“Agent” means any third party that processes personal information pursuant to the instructions of, and solely for the benefit of, Cozi, or to which Cozi discloses personal information for processing on Cozi’s behalf.

“Data subject” means, as to personal information, the natural person as to which such personal information relates. Under this Policy, a data subject includes active, former, and potential end users of Cozi’s applications whose data is sent from the EEA or Switzerland to Cozi in the United States and resides on the Systems.

“Personal information” means any information relating to an identified or identifiable natural person that is within the scope of the EU Personal Data Directive, received by Cozi from the EEA or Switzerland, and recorded in any form and residing on the Systems. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Personal information does not include anonymized information or aggregated information (to the extent an individual’s identity cannot reasonably be derived from such information).

“Processing” of personal information means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.

“Sensitive personal information” means personal information that reveals a natural person’s race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns a natural person’s sex life or health.

Safe Harbor Principles

The following principles are based on the Safe Harbor Principles. Additional information about the Safe Harbor Program is available on the U.S. Department of Commerce’s website at http://www.export.gov/safeharbor/.

Notice

Where Cozi collects personal information directly from individuals in the EEA or Switzerland, Cozi will inform them in its Privacy Policy about the purposes for which Cozi collects and uses personal information about them and the choices and the means Cozi offers individuals for limiting the use and disclosure of their personal information. Notice will be provided when individuals are first asked to provide personal information to Cozi, or as soon as practicable thereafter, and in any event before Cozi uses or discloses the information for a purpose other than that for which it was originally collected or discloses information to a third party.

Choice

Cozi users who reside in the EEA or Switzerland have the choice to opt-out of having their personal information disclosed to a third party that is not an agent or used for a purpose other than that for which it was originally collected as described in the “Notice” section above. Consumers so desiring to opt-out should contact Cozi as described in the “How to Contact Us” section below. Cozi does not generally collect sensitive consumer personal information. Except as permitted by the Safe Harbor Principles, Cozi does not use sensitive consumer personal information for a purpose other than that for which it was originally collected, or disclose sensitive consumer personal information to a third party that is not an agent of Cozi, without the consumer’s opt-in to such use or disclosure, respectively.

This provision does not apply to public record information or publicly available information except in certain situations as defined by the Safe Harbor Program.

Onward Transfer

Cozi will obtain reasonable assurances from its agents that they will safeguard personal information collected by Cozi on behalf of consumers or employees consistently with this Policy and the Safe Harbor Principles. Examples of appropriate assurances may include: a contract obliging the agent to afford a level of protection to the personal information that is at least equivalent to the Safe Harbor Principles; Safe Harbor certification by the agent; or the agent being subject to EU Directive 95/46/EC or other law providing an adequate level of privacy protection.

This provision does not apply to public record information or publicly available information except in certain situations as defined by the Safe Harbor Program.

Access

Upon request, Cozi will offer you reasonable access to personal information Cozi holds about you. In addition, Cozi will take reasonable steps to correct, amend, or delete inaccurate information, unless the burden or expense of providing access would be disproportionate to the risks to your privacy, or the rights of other persons may be violated by providing such access. Requests can be directed as described in the “How to Contact Us” section below. For security purposes, the individual may need to provide Cozi with various pieces of personal information to process the request. Cozi may limit or deny access to personal information, or charge a fee, where providing such access would be unreasonably burdensome or expensive under the circumstances or as otherwise permitted by the Safe Harbor Principles.

Security

Cozi will take reasonable technical, physical, and administrative measures, including training, to protect personal information from loss, misuse, and unauthorized disclosure, access, alteration, and destruction. Cozi safeguards information according to established security standards and periodically assesses new technology for methods of protecting information.

Data Integrity

Cozi (or its designee) will take reasonable measures to verify that personal information is relevant for its intended use, reliable for its intended use, accurate, complete, and current.

Enforcement and Dispute Resolution

Cozi will conduct periodic assessments to confirm the accuracy of, and verify its adherence to, this Policy. Cozi will investigate suspected infractions and any employee who Cozi determines to be in violation of this Policy will be subject to disciplinary action, which may include termination of employment.

Onward

Any questions, concerns, or complaints concerning the collection and use of personal information by Cozi should be directed to the Privacy contact provided at the end of this policy. Cozi will conduct a reasonable investigation of and will attempt to resolve any complaints in accordance with the principles contained in this Policy. Cozi has further committed to refer unresolved privacy complaints under the Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU Safe Harbor, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Cozi, you may contact the BBB EU Safe Harbor program at the address below:

Council of Better Business Bureaus, Inc.
BBB EU Safe Harbor
http://www.bbb.org/us/safe-harbor-complaints

Limitations

Cozi’s adherence to the Safe Harbor Principles may be limited by any applicable legal, regulatory, ethical or public interest consideration, and as expressly permitted or required by any applicable law, rule, or regulation. Examples of such limitations include but are not limited to exceptions to the opt in requirements for sensitive personal information permitted by Commission Decision 2000/520/EC of 26 July 2000, exceptions on access as permitted by Safe Harbor Principles, or under applicable European Economic Area member state or Swiss directives. Cozi also may disclose personal information reasonably related to the sale or disposition of all or part of its business.

Modification of this Safe Harbor Privacy Policy

This Policy may be amended from time to time with or without notice in accordance with the Safe Harbor Principles. Any modified Policy will be posted on Cozi’s website.

How to Contact Us

If you have any questions or concerns about the collection and use of personal information by Cozi, pursuant to this Safe Harbor Privacy Policy, please contact:

Cozi, Inc.
506 2nd Avenue, Suite 800
Seattle, WA 98104-2328 USA
Attention: Privacy Officer