Safe Harbor Privacy

KBACE Safe Harbor Privacy Policy

Effective Date:   August 13, 2012

KBACE Technologies, Inc. and its affiliates (“KBACE”) is a global consulting and technology company dedicated to helping its customers maximize their investment in Oracle® Software by delivering services, solutions and products across industry and business functions for Human Capital Management, Financials, Projects, Manufacturing, Supply Chain, and Customer Relationship Management.  KBACE is committed to protecting the privacy and security of Personal Information.  This Safe Harbor Privacy Policy covers KBACE’s privacy practices pertaining to the transfer of Personal Information from EU Member States and Switzerland to the United States.

US-EU SAFE HARBOR FRAMEWORK AND US-SWISS SAFE HARBOR FRAMEWORK – Consistent with its commitment to protect personal privacy, KBACE adheres to the US-EU Safe Harbor Framework and the US Swiss Safe Harbor Privacy Framework, and the Safe Harbor Privacy Principles, as applicable, regarding the transfer of Personal Information from EU Member States and Switzerland to the United States.

DEFINITIONS – The following definitions apply throughout this Safe Harbor Privacy Policy:

Personal Information.  “Personal Information” means any information or set of information that is transferred from the European Union and Switzerland to the United States, is recorded in any form, pertains to or is about any individual, or can be linked to or used to identify that individual.

Sensitive Personal Information.  “Sensitive Personal Information” is Personal Information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or that concerns health or sexual activity.  

STATUS AS A DATA CONTROLLER – In limited circumstances, such as contact information relating to the personnel of KBACE’s clients based in EU Member States and Switzerland, KBACE may be considered a “data controller” for purposes of the transfer of Personal Information from EU Member States and Switzerland to the United States.  Accordingly, in these instances, the Safe Harbor Privacy Principles apply to KBACE’s transfer of such Personal Information from EU Member States and Switzerland to the United States.  A data controller is an organization that decides what Personal Information and/or Sensitive Information to hold and for what purposes.

STATUS AS A DATA PROCESSOR – In the provisioning of its primary business as a global consulting and technology company for Oracle® Software products and services, KBACE acts solely as a “data processor” for the transfer of its customer services data from EU Member States and Switzerland to the United States for processing.  A data processor is an organization that processes Personal Information and/or Sensitive Information purely on behalf of and pursuant to the instructions of a data controller.  KBACE provides these services under contract to its clients and, accordingly, KBACE holds, processes and/or transfers such customer services data at the direction of its client, which acts as a data controller.   KBACE does not control this customer services data and any access to or use of such data is incidental to KBACE completing its contractual obligations for its clients.  (See US-EU Safe Harbor Framework Guide to Self-Certification, FAQ X)  

As a data processor, KBACE has no relation with the data subjects.  Any obligation to determine whether to provide notice to data subjects regarding what Personal Information is collected about them and how it is used, or to obtain their consent, rests with KBACE’s client as the data controller.  KBACE will process Personal Information only as directed by its clients.  KBACE, however, complies with the Safe Harbor principle of Onward Transfer whenever appointing sub-contractors who may process Personal Information.  In addition, KBACE will, whenever necessary, assist its clients in dealing with individual access requests from data subjects.

Whether acting as a data controller or data processor, KBACE takes the security of Personal Information very seriously.  It takes appropriate technical and organizational measures against unauthorized or unlawful processing of Personal Information and against accidental loss of, or damage to, Personal Information.


Where KBACE is the data controller, inquiries regarding the Personal Information collected by KBACE should be directed to:

Brian Testa
VP Global HR & Privacy
Phone:  (603) 821-7000
Fax:  (603) 821-7030

American Arbitration Association provides KBACE’s third-party, independent dispute mechanism as required under the Safe Harbor Framework.  If you have a complaint about KBACE’s Safe Harbor compliance that cannot be resolved directly with KBACE, contact American Arbitration Association at

KBACE’s Safe Harbor certification statement may be accessed at  

CHANGES - This Safe Harbor Privacy Policy is subject to change from time to time.  KBACE will endeavor to post a notice of any changes to this Privacy Policy for a period of thirty (30) days following any such modifications. Therefore, you are advised to review this Privacy Policy occasionally, or at least every thirty (30) days.  The Effective Date of this Safe Harbor Privacy Policy will be updated when any such changes are made.

If any term or provision of this Safe Harbor Privacy Policy shall be found to be invalid, illegal or otherwise unenforceable, such finding shall not affect the other terms or provisions of this Safe Harbor Privacy Policy, or the whole of this Safe Harbor Privacy Policy, but such term or provision shall be deemed modified to the extent necessary to render such term or provision enforceable, and the rights and obligations of you and KBACE shall be construed and enforced accordingly, preserving to the fullest permissible extent the intent and agreements set forth in this Safe Harbor Privacy Policy.

CONTACT INFORMATION – Questions or comments regarding this Safe Harbor Privacy Policy may be submitted to KBACE at