Data Privacy Framework Notice

Platform.sh and its U.S.-controlled subsidiaries Platform.sh Inc. and Blackfire.io Inc., comply with the EU-U.S. Data Privacy Framework, UK Extension to the EU-US Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework (collectively, the "Data Privacy Framework") as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union, and Switzerland, as applicable, to the United States in reliance on the Data Privacy Framework. Platform.sh has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles with respect to such data. If there is any conflict between the terms in this notice and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern.

In compliance with the Data Privacy Framework, Platform.sh commits to resolve Data Privacy Framework Principles-related complaints about our collection and use of your personal information. EU, UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the Data Privacy Framework should first contact Platform.sh at dpo@platform.sh with the subject "Data Privacy Framework". In compliance with the Data Privacy Framework, Platform.sh commits to refer unresolved complaints concerning our handling of personal data received in reliance on the Data Privacy Framework to the panel established by the EU Data Protection Authorities (DPAs), the UK Information Commissioner’s Office and the Swiss Federal Data Protection and Information Commissioner with regard to your unresolved complaint concerning our handling of your Personal Data.

If neither Platform.sh nor the relevant panel can resolve your complaint, you may be able to invoke binding arbitration, in accordance with the Data Privacy Framework requirements, through the Data Privacy Framework Panel. For more information on this option, see Annex I of the Principles.

Platform.sh is responsible for the personal data that we receive under the Data Privacy Framework, including where we transfer such personal data to a third party acting as our agent. Please be aware that we may be required to disclose personal data that we receive under the Data Privacy Framework in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. The Federal Trade Commission has jurisdiction over Platform.sh' compliance with the Data Privacy Framework. To learn more about the Data Privacy Framework program, and to view our certification, please visit the U.S. Department of Commerce's website here.