TRUSTe Click to Verify

Safe Harbor Privacy Statement

Last Updated February 2010

GSI self-certifies adherence to

US - EU Safe Harbor 

This Safe Harbor Privacy Statement describes how GSI Commerce, Inc. and/or its subsidiaries (each, "GSI") collects, uses, and discloses certain personally identifiable information that it receives in the United States from the European Union and Switzerland ("EU and Swiss Personal Data"). In particular, GSI recognizes that the European Union and Switzerland have established strict protections regarding the handling of EU and Swiss Personal Data, and GSI therefore has elected to adhere to the US-EU Safe Harbor Privacy Principles and US-Switzerland Safe Harbor Privacy Principles (together, the "Safe Harbors") with respect to such EU and Swiss Personal Data that it receives in the United States. For further background and information about the Safe Harbors, and to see GSI's representation on the Safe Harbor List, please refer to the U.S. Department of Commerce's website at www.export.gov/safeharbor.

Categories of Individual Data Subjects
In general, GSI may obtain EU and Swiss Personal Data in the United States about several different types of individuals, including consumers, clients, suppliers and other business partners. GSI's practices with respect to each of these types of individual data subjects are described below.

Consumers
GSI provides a wide variety of services and solutions to its business clients (each, a "Client") that facilitate services for their customers ("Consumers"). In these cases, personal data collected from Consumers is owned by the applicable Client, and GSI processes this data on the Client's behalf.  There may be limited instances in which GSI owns and processes personal data collected from Consumers on its own behalf, rather than on behalf of a Client.   In all instances, GSI will obtain access to EU and Swiss Personal Data about Consumers in the course of operating Web sites, processing payments, fulfilling orders, implementing marketing campaigns and providing customer care and other related services. Such data may include, name, billing address, shipping address, email address, telephone number, credit card or other payment information, and other information, depending on the particular Client, Web site or other application at issue.  In all instances, GSI will not share, sell, rent or trade with third parties for promotional purposes any personal data processed by GSI, unless GSI is directed to do so by a Client who owns such personal data.

Clients, Suppliers and Other Business Partners
GSI may obtain various types of EU and Swiss Personal Data about employees and agents of its clients, suppliers and other business partners. Such data may include contact information (e.g. names, addresses, telephone and fax numbers, and email addresses); user IDs and passwords; information collected through Internet-based and ecommerce activities; and other transaction-related data.

GSI may use these types of EU and Swiss Personal Data for business purposes, including to establish and maintain client, supplier and other business relationships; to deliver or provide products or services; to provide access to Internet-based applications; to perform accounting functions; and to conduct other activities as necessary or appropriate in connection with the establishment, servicing and development of the business relationship.

Other Necessary Disclosures
GSI may disclose EU and Swiss Personal Data to business partners and subcontractors as necessary in connection with the performance of requested services or solutions, or as otherwise appropriate in connection with a legitimate business need. GSI may also disclose EU and Swiss Personal Data as necessary in connection with the sale or transfer of all or part of its business. In these situations, GSI will require the recipient of the data to protect the data in accordance with the relevant principles in the Safe Harbors or otherwise take steps to ensure that the EU and Swiss Personal Data is appropriately protected. GSI may also disclose EU and Swiss Personal Data as required or permitted by law, or when GSI believes that disclosure is necessary to protect its rights and/or to comply with a judicial proceeding, a court order, a law enforcement request, or other legal process.

Data Security and Integrity
GSI has global hosting centers that store and process EU and Swiss Personal Data in various locations in the United States.  GSI takes reasonable precautions to protect EU and Swiss Personal Data in these centers and in other locations in the United States from loss or misuse, and from unauthorized access, disclosure, alteration and destruction. GSI also makes reasonable efforts to keep EU and Swiss Personal Data reliable for its intended use, accurate, current, and complete.

Questions
GSI's clients, suppliers and other business partners may contact GSI if any of their EU and Swiss Personal Data changes, or if they would like to access and correct EU and Swiss Personal Data that GSI maintains about them. Consumers should contact the Web site to which they provided EU and Swiss Personal Data with any such requests. GSI will cooperate as appropriate with its Clients to assist with processing any such requests.

In any event, if you would like to request access to EU and Swiss Personal Data that GSI may maintain about you, you can contact GSI by any of the means described in the next section of this Safe Harbor Privacy Statement. GSI will respond to inquiries within 30 days.

Changes to this Privacy Statement
We reserve the right to modify this Privacy Statement at any time, so please review it frequently.  If we make material changes to this Privacy Statement, we will notify you by updating this Privacy Statement.

Safe Harbor
GSI is a licensee of the TRUSTe Privacy Program.  TRUSTe is an independent, organization whose mission is to build user's trust and confidence in the Internet by promoting the use of fair information practices.  Because GSI wants to demonstrate its commitment to your privacy, it has agreed to disclose its information practices and have its privacy practices reviewed for compliance by TRUSTe.

If you have questions or concerns regarding this Safe Harbor Privacy Statement, you should first contact GSI by sending an email to privacy@gsicommerce.com or by regular mail to the attention of Privacy Manager, GSI Commerce, Inc., 935 First Avenue, King of Prussia, PA 19406.  If you do not receive acknowledgement of your inquiry or your inquiry has not been satisfactorily addressed, you should contact TRUSTe at http://watchdog.truste.com/pvr.php?page=complaint&url=, fax at 415-520-3420, or mail at Watchdog Complaints, TRUSTe, 55 2nd Street, 2nd Floor, San Francisco, CA, USA 94105. If you are faxing or mailing TRUSTe to lodge a complaint, you must include the following information: the name of company, the alleged privacy violation, your contact information, and whether you would like the particulars of your complaint shared with the company. For information about TRUSTe or the operation of TRUSTe's dispute resolution process, see http://www.truste.org/consumers/watchdog_complaint.php or request this information from TRUSTe at any of the addresses listed above. The TRUSTe dispute resolution process shall be conducted in English. TRUSTe will then serve as a liaison with GSI to resolve your concerns.

GSI complies with the EU Safe Harbor framework as set forth by the Department of Commerce regarding the collection, use, and retention of data from the European Union.