Professional Advertising Systems Inc EU-US Privacy Shield Privacy Policy Statement

Professional Advertising Systems Inc. (PAS) makes the following commitments to individuals located in Europe whose personal data may be entrusted to it for data processing by those entities (PAS’s clients) who present this data to PAS. In addition, we undertake to observe the EU Privacy Shield Principles as outlined below.

  1. Notice

    PAS has elected to participate in the EU Privacy Shield framework and to comply with its principles and requirements. Therefore, PAS will self-certify through the US Department of Commerce annually and agrees to adhere to the Privacy Shield Principles and guidelines throughout our organization. The US Department of Commerce Privacy Shield List can be accessed here:

  2. Data Processed and PAS Function

    PAS does not itself collect personal data, but receives data from its clients who have themselves collected it and who are the data’s controllers. PAS then maintains and processes such data in accordance with the wishes of its customers, the data controllers, so the data is in a form suitable for their purposes, generally related to marketing activities or other lawful purposes described by the data controller.

    Data processed consists primarily of consumer name, business company name, individual name and address data and limited demographic or lifestyle data. All data is provided by the data controller. PAS does not process EU human resource data.

    PAS provides direct marketing data processing services designed to help companies and organizations improve their marketing strategies and programs. These services at times may involve third parties for data processing services which PAS does not itself conduct. When providing data processing services to our clients, we process information according to the terms and conditions of the contract set forth by our clients and disclose third party vendors that may be used. PAS relies upon the instructions of its clients with respect to the use of marketing information. In normal course, our clients advise us of any consumer preference or opt-in/opt-out choices.

    PAS also hosts and maintains various third-party data on behalf of our clients. When PAS provides data products to clients, we strictly adhere to the terms and conditions set by third-party data suppliers.

  3. Inquiries Regarding Data

    Individuals having concerns or questions regarding our processing of their personal information are invited to contact:

    Mr. Eric Raskin, President
    Phone: +1 914-765-0500 x120

    If the individual’s concern relates to the activity of the data controller, PAS will inform the appropriate data controller of the expressed concern. If the concern relates to our responsibilities and the individual deems the results unsatisfactory, they may contact the dispute resolution body identified in item 4 Dispute Resolution, below.

  4. Dispute Resolution

    PAS has selected the DMA Privacy Shield Program as an independent recourse mechanism to investigate unresolved complaints of persons regarding our processing of their personal data. This independent resolution body will address complaints and provide appropriate recourse free of charge to individuals who are unsatisfied with our response to their expression of concerns regarding our processing of their data. For further information on this subject and to make a complaint, please go here:

  5. Security

    PAS has in place appropriate technical and organizational measures to protect the personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and which provide a level of security appropriate to the risk represented by the processing and the nature of the data to be protected.

    PAS will have in place procedures so that any third party it authorizes to have access to the personal data, including processors, will respect and maintain the confidentiality and security of the personal data. Any person acting under the authority of the data controller, including a data processor shall be obligated to process the personal data only on instructions from the data controller. This provision does not apply to persons authorized or required by law or regulation to have access to the personal data.

    PAS has no reason to believe in the existence of any local laws that would have a substantial adverse effect on the guarantees provided for under this privacy policy, and it will inform the data controller (which will pass such notification on to the authority where required) if it becomes aware of any such laws.

  6. Choice

    PAS, acting as an “agent” to perform tasks on behalf of and under the instructions of the data controller, is not empowered to delete any data entrusted to it by any person other than the controller or appropriate government authorities vested with authority to require this.

    As concerns data used for marketing purposes: where data is collected for the purposes of direct marketing, effective procedures by the data controller should exist allowing the data subject at any time to “opt-out” from having his data used for such purposes. An individual objecting to such use should contact the controller responsible or may contact PAS and we will contact the controller and any other third parties involved on their behalf:

    Mr. Eric Raskin, President
    Phone: +1 914-765-0500 x120

  7. Accessibility for Onward Transfer

    PAS acts as a data processor on behalf of our clients and provides services based on the instructions of our clients and does not control or share such data without direction from the client. PAS does not normally pass to third parties personal data entrusted to it for processing and does so only at the direction of the data controller. In addition, PAS will not transfer such data unless it is first notified by the data controller of the third party’s adherence to the EU Privacy Shield and is provided with evidence of the adherence before transfer of data is to take place.

    For such data processing, PAS enters into contracts with its clients in the European Union (EU) specifying that the EU client confirms and asserts that it is a data controller for the purpose of the European Union Data Protection Directive and is in compliance with the corresponding Member State national data protection laws. These contracts thus ensure that the processor (PAS) (1) acts only on instructions from the controller, (2) provides adequate measures of data protection, and (3) assists the controller in responding to individual requests exercising their rights under the European data protection Regulation and Principles. If the consumer believes that the transfer of such data to third parties was not used for relevant and intended purposes then they may contact us with their inquiry or to request that data not be shared for such purposes:

    Mr. Eric Raskin, President
    Phone: +1 914-765-0500 x120

    In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, PAS is potentially liable. PAS is subject to the investigatory and enforcement power of the Federal Trade Commission, the Department of Transportation, or any other U.S. authorized statutory body. PAS is required to disclose personal information in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.

  8. Security

    PAS complies with the Privacy Shield Principles regarding the collection, use, and retention of personal information from European Union member countries. We invite any individual with concerns regarding our management of their personal information to contact:

    Mr. Eric Raskin, President
    Phone: +1 914-765-0500 x120

  9. Data Integrity and Purpose Limitation

    PAS will process personal data only as instructed on behalf of the data controller and in a way that is compatible with the purpose(s) as outlined by the data controller and as set forth in data processing contracts as mentioned in item 7. Accountability for Onward Transfer.

    PAS will adhere to the Privacy Shield Principles for as long as it retains such information and will retain the data as long as it serves a purpose for processing consistent with purpose stated by the data controller at the time of delivery.

  10. Access

    Upon reasonable request of the data controller, PAS will submit its data processing facilities, data files and documentation needed for processing to reviewing, auditing and/or certifying by the data controller (or any independent or impartial inspection agents or auditors, selected by the data controller and not reasonably objected to by PAS) to ascertain compliance with the warranties and undertakings in the EU Privacy Shield, with reasonable notice and during regular business hours. The request will be subject to any necessary consent or approval from a regulatory or supervisory authority within the United States of America, which consent or approval PAS will attempt to obtain in a timely fashion.

  11. Recourse, Enforcement and Liability

    To address any concern regarding their data and its privacy, consumers may contact:

    Mr. Eric Raskin, President
    Phone: +1 914-765-0500 x120

    PAS utilizes the DMA Privacy Shield Program. This independent resolution body will address complaints and provide appropriate recourse free of charge to the individual. A complaint may be filed here:

    or by contacting the DMA at:

    1333 Broadway, Suite #301
    New York, NY 10018
    +1 212-768-7277

    Consumers may seek binding arbitration if the steps above do not resolve the complaint to the consumer’s satisfaction. Binding arbitration seeks to resolve an individual complaint. No monetary damages are allowed under binding arbitration.

    Should the consumer have a national security concern, the consumer can be referred to the new Ombudsperson at the US Department of State.

    PAS is subject to the investigatory and enforcement powers of the Federal Trade Commission.

    PAS will use an internal self-assessment compliance review process to ensure compliance to the EU Privacy Shield Policy and complaint handling.