You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Bitwarden/Privacy Policy.md
+9-9Lines changed: 9 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,7 +7,7 @@ Bitwarden Inc. Privacy Policy
7
7
8
8
### EU-U.S. Data Privacy Framework
9
9
10
-
Bitwarden Inc. ("Bitwarden") complies with the requirements of the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) (collectively “DPF”), as set forth by the U.S. Department of Commerce and the Federal Trade Commission (“FTC”), regarding the collection, use, and retention of personal information transferred from the European Economic Area (“EEA”) and the United Kingdom (“UK”) and Switzerland to the United States. Bitwarden has certified to the Department of Commerce that we adhere to the DPF Principles and Supplemental Principles with respect to personal information transferred to us in reliance on the DPF. If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern. We are subject to the investigatory powers of the FTC with respect to our DPF compliance. To learn more about the EU-U.S. Data Privacy Framework program, and to view our certification, please visit [https://www.dataprivacyframework.gov/s/participant-search](https://www.dataprivacyframework.gov/s/participant-search)[.](https://www.privacyshield.gov/)
10
+
Bitwarden Inc. ("Bitwarden") complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) (collectively “DPF”), as set forth by the U.S. Department of Commerce. Bitwarden has certified to the Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Bitwarden has certified to the U.S. Department of Commerce that we adhere to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF), and to view our certification, please visit [https://www.dataprivacyframework.gov/](https://www.dataprivacyframework.gov/)
@@ -221,7 +221,7 @@ Depending on how Bitwarden is deployed by the customer, Bitwarden may share Pers
221
221
222
222
To ensure the confidentiality and security of your Personal Information, we have data processing terms in place with service providers that handle Personal Information. These service providers are restricted by contract from using Personal Information in any way other than to provide services for Bitwarden, including on your behalf as part of your contract with us.
223
223
224
-
In the context of an onward transfer, Bitwarden has responsibility for the processing of Personal Information it receives under the EU-U.S. Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. Bitwarden shall remain liable under the Principles if its agent processes such Personal Information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
224
+
In the context of an onward transfer, Bitwarden has responsibility for the processing of Personal Information it receives under the Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. Bitwarden shall remain liable under the Principles if its agent processes such Personal Information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
225
225
226
226
Bitwarden may also provide your Personal Information to a third party if:
227
227
@@ -232,7 +232,7 @@ Bitwarden may also provide your Personal Information to a third party if:
232
232
* To respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing serious bodily injury or death of any person.
233
233
234
234
235
-
Bitwarden may also share your Personal Information with our subsidiaries, affiliates, and partners, to facilitate our global operations and in accordance with applicable laws, and our agreements with customers or service providers.
235
+
Bitwarden may also share your Personal Information with our affiliates and partners, to facilitate our global operations and in accordance with applicable laws, and our agreements with customers or service providers.
236
236
237
237
We may also provide your Personal Information to a third party in connection with a merger or acquisition of Bitwarden, either in part or in whole, or the assignment or other transfer of the Site or Service. In such event, such third party will either:
238
238
@@ -251,21 +251,21 @@ We may also provide your Personal Information to a third party in connection wit
251
251
252
252
Bitwarden and our subprocessors and vendors primarily store information collected from you within the European Economic Area and the United States. To facilitate our global operations, we may transfer and access such Personal Information from around the world, including from other countries in which Bitwarden or our subprocessors have operations. For more information about our subprocessors, visit [https://bitwarden.com/help/subprocessors/](https://bitwarden.com/help/subprocessors/).
253
253
254
-
We use applicable, approved information transfer mechanisms where required, such as EU Standard Contractual Clauses (SCCs), or the EU-U.S. Data Privacy Framework.
254
+
We use applicable, approved information transfer mechanisms where required, such as EU Standard Contractual Clauses (SCCs), or the Data Privacy Framework.
You may contact us about our practices or to make a complaint and seek recourse according to these methods available to you, and subject to applicable enforcement powers.
261
261
262
-
In compliance with the EU-U.S. Data Privacy Principles, Bitwarden commits to resolve complaints about our collection or use of your Personal Information. European Union, UK and Swiss individuals with inquiries or complaints regarding our EU-U.S. Data Privacy Framework policy should first contact Bitwarden at the information provided below in the "Contact Us" section.
262
+
In compliance with the EU-U.S. Data Privacy Principles, Bitwarden commits to resolve complaints about our collection or use of your Personal Information. European Union, UK and Swiss individuals with inquiries or complaints regarding our Data Privacy Framework policy should first contact Bitwarden at the information provided below in the "Contact Us" section.
263
263
264
-
If you have an unresolved complaint, Bitwarden has has agreed to participate in the DPF independent dispute resolution mechanism operated by JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit[https://www.jamsadr.com/eu-us-data-privacy-framework](https://www.jamsadr.com/eu-us-data-privacy-framework)for more information or to file a complaint.
264
+
If you have an unresolved complaint, Bitwarden has agreed to participate in the DPF independent dispute resolution mechanism operated by JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit[https://www.jamsadr.com/dpf-dispute-resolution](https://www.jamsadr.com/dpf-dispute-resolution)for more information or to file a complaint.
265
265
266
-
The services of JAMS EU-U.S. Data Privacy Framework are provided at no cost to you. Mediations will be conducted pursuant to JAMS International Mediation Rules unless the parties have specified a different set of Rules or Procedures.
266
+
The services of JAMS Data Privacy Framework are provided at no cost to you. Mediations will be conducted pursuant to JAMS International Mediation Rules unless the parties have specified a different set of Rules or Procedures.
267
267
268
-
Bitwarden is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). European Union and Swiss individuals have the possibility, under certain conditions, to invoke binding arbitration.
268
+
Bitwarden is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). European Union, UK, and Swiss individuals have the possibility, under certain conditions, to invoke binding arbitration.
269
269
270
270
[](#security"#security")
271
271
@@ -379,6 +379,6 @@ Address: 1 North Calle Cesar Chavez, Suite 102, Santa Barbara, CA 93103
0 commit comments