The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.
Privacy Shield is a program companies implement in order to give users rights to the data about themselves that is stored or processed by the company that implements the program. Source: https://www.privacyshield.gov/
As a part of the new GDPR regulation, individuals residing in the EU who create data via interactions online (“data subjects”) have certain rights to their data.
Carta has implemented a process for individuals to be informed about the data held within Carta, upon written request. To obtain this information about yourself and your data from Carta, please send an email to privacy@Carta.com with a request for data information. Please include your name, email, address, and any other information on your account. This will allow us to identify if there is any data within Carta that belongs to you and provide you with the purpose for processing your data, our retention periods for that data, and who it will be shared with. Carta will respond to such requests within a week and furnish the information within a month.
Two of these data rights are the “right to data portability” and the “right to access.” They allow an individual to obtain a copy of their personal data from one platform and share it with another without recourse. While we can provide you a copy of your data, depending on the contractual obligations we have with our client, we may still be required to also maintain your records in our system.
Please send an email to privacy@Carta.com with any request for data access and data portability. Please include your name, email, address, and any other information on your account. Carta will respond to such requests within a week and furnish the report within a month.
It allows an individual to correct any inaccurate data about themself. An example of data rectification is correcting an inaccurate or outdated mailing address.
While Carta does not use the personal information collected to make decisions that will affect a user’s financial freedom, we do offer data rectification services to best serve people whose data is on Carta, in cases where inaccuracies exist.
Carta has provided tools for you to correct most inaccurate data about yourself in the Manage Settings feature behind your user login.
If you are unable to correct information yourself, please send an email to privacy@Carta.com with a request for data rectification. Please include your name, email, address, and any other information on your account including the inaccurate information displayed. This will allow Carta to assist with rectifying any inaccurate information about you. Carta will respond to such requests within a week and furnish the information within a month.
View Privacy Policy here.
Deanna Fong, Compliance Officer privacy@Carta.com