OneTrust does not voluntarily disclose any personal data of customers to government authorities or otherwise grant them access to such data. In addition, OneTrust has not built, and will not purposefully build, backdoors to enable government actors to access its data or information systems, and has not changed, and will not purposefully change, its processes in a manner that facilitates government access to data.\r\n
However, OneTrust may receive a legally binding subpoena, writ, warrant, or other court order from a government authority requesting that it disclose a customer’s personal data. OneTrust will only provide the requested customer data in response to formal and valid legal process. Where OneTrust receives such a request, OneTrust’s legal team reviews the request to ensure that it satisfies applicable legal requirements. If the legal assessment reveals legitimate and lawful grounds for challenging the request, OneTrust will do so where appropriate. OneTrust’s policy is to construe such requests narrowly to limit the scope of the personal data provided.
\r\n
For OneTrust to disclose any customer data, the request must also satisfy the following policies:
\r\n
\r\n- be made in writing and on official letterhead,
\r\n- identify and be signed by an authorized official of the requesting party and provide official contact information, including a valid email address,
\r\n- indicate the reason for, and nature of, the request,
\r\n- identify the customer or customer account that is the target of the request,
\r\n- describe with specificity the data/information sought and its relationship to the investigation, and
\r\n- be issued and served in compliance with applicable law.
\r\n
\r\n
Where OneTrust receives a legally binding request for a customer’s personal data, OneTrust’s policy is to notify the customer via email before disclosing any information. To the extent permissible under the request and/or applicable law, the notice will describe the personal data requested, the authority making the request, the legal basis of the request, and any response already provided. This notice gives the customer an opportunity to pursue a legal remedy, such as filing an objection with a court or the requesting authority.
\r\n
Exceptions to OneTrust’s policy for personal data requests by government authorities:
\r\n
\r\n- A statute, court order, or other law may prohibit OneTrust from notifying the customer about the request, but OneTrust will make reasonable efforts to obtain a waiver of the prohibition or provide notice once the prohibition requirement ends.
\r\n- OneTrust might not give notice to the customer in exceptional circumstances involving imminent danger of death or serious physical injury to any person or to prevent harm to OneTrust’s services.
\r\n- OneTrust might not give notice to the customer when it has reason to believe that the notice would not go to the actual customer account holder, for instance, if an account has been hijacked.
\r\n- Where OneTrust identifies unlawful or harmful activity, or suspects any such activity, related to a customer’s account, it might notify appropriate authorities, such as in the cases of hacking.
\r\n
\r\n
\r\n"}}" id="text-784d9b4fb5" class="cmp-text">
OneTrust不自愿披露任何政府当局或其他客户的个人资料给他们访问这些数据。此外,OneTrust尚未建成,不会刻意构建、后门让政府角色访问其数据或信息系统,并没有改变,也不会刻意改变,其流程的方式,促进了政府对数据的访问。
然而,OneTrust可能收到一份具有法律约束力的传票,令状,保证或其他法院命令从一个政府机构要求披露客户的个人资料。OneTrust只会提供所请求的客户数据,以应对正式和有效的法律程序。OneTrust收到这样的请求,OneTrust的法律团队审查请求,以确保它满足适用的法律要求。如果法律评估揭示了合理和合法理由挑战请求,OneTrust将在适当的时候这样做。OneTrust的政策是勉强解释这些要求,限制个人资料的范围。
OneTrust披露任何客户数据,请求还必须满足以下政策:
- 在写作和在官方的信笺,
- 确认并签署的授权官员请求方和提供官方的联系信息,包括一个有效的电子邮件地址,
- 显示的原因,与自然的请求,
- 确定的客户或客户帐户的目标要求,
- 描述与特异性的数据/信息寻求及其关系的调查,和
- 发行并在遵守适用的法律。
在OneTrust接受具有法律约束力的要求客户的个人资料,OneTrust之前的政策是通过电子邮件通知客户透露任何信息。在一定程度上允许的请求和/或适用的法律规定,通知将描述个人资料要求,权威的请求,请求的法律基础,任何响应已经提供。此通知给客户一个机会追求法律补救措施,如法院申请异议或请求权限。
例外OneTrust个人数据请求由政府当局的政策:
- 法律,法院命令,或其他法律禁止OneTrust通知客户的请求,但OneTrust将作出合理的努力获得豁免的禁止或提供通知一旦禁令要求结束。
- OneTrust可能不通知客户在特殊情况下涉及迫在眉睫的危险的死亡或严重身体伤害任何人或防止损害OneTrust的服务。
- OneTrust可能不通知客户有理由相信时注意不去实际客户帐户持有人,例如,如果一个帐户被劫持。
- OneTrust识别违法或有害的活动,或者怀疑任何此类活动,相关客户的账户,它可能会通知有关当局,如黑客攻击的情况下。
