Dante Consulting, Inc.
5328 Lee Highway, Suite 200
Arlington, VA 22207

Web Site: http://www.danteinc.com
Phone: 703.807.0520
Email: info@danteinc.com

Unless otherwise indicated, all materials in this document or presentation, and any accompanying documents and materials, are copyrighted by Dante Consulting, Inc. All rights reserved. No part of these materials, either text or image may be used for any purpose other than personal use. Therefore, reproduction, modification, storage in a retrieval system or retransmission, in any form or by any means, electronic, mechanical or otherwise, for reasons other than personal use, is strictly prohibited without prior written permission.

United States Patent Number(s): Patents Pending. International Patent Number(s): Patents Pending.

Dante Consulting, their respective logos, "Allegory," "THE PLATFORM FOR THE LEAN BUSINESS!," and the Allegory trade dress as well as corporate and product identity used herein, are trademarks of Dante Consulting, Inc. and may not be used without permission. Dante Consulting® is a registered trademark of Dante Consulting, Inc., 5328 Lee Highway, Suite 200, Arlington, VA 22207. All other product names and company logos mentioned herein remain the trademarks of their respective owners. This Safe Harbor Privacy Policy Statement (the “Policy”) sets forth the privacy principles Dante Consulting, Inc. (Dante) follows with respect to transfers of personally identifiable information (PII) from the European Economic Area (EEA) and Switzerland to the United States within the scope of Dante’s Safe Harbor certification.

SAFE HARBOR
The U.S. Department of Commerce and the European Commission have agreed on a set of data protection principles to enable U.S. companies to satisfy requirements under European Union law related to the transfers of PII transferred from the EEA to the U.S. (the “U.S. – EU Safe Harbor”). As well, the U.S. Department of Commerce and the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland have agreed on a similar set of data protection principles to enable U.S. companies to satisfy requirements under Swiss data protection law related to the transfers of PII transferred from Switzerland to the U.S. (the “U.S. – Swiss Safe Harbor”). In keeping with its commitment to protect personal privacy, Dante complies with, and has certified its adherence to, the privacy principles (the “Principles”) of both the U.S.-EU Safe Harbor and U.S. – Swiss Safe Harbor.

SCOPE
This Policy applies to all PII Dante receives in the U.S. from the EEA and Switzerland, in any format.

DEFINITIONS
The following key terms are used throughout this Policy: “European Union (EU)” refers to those states that are members of the EU and include Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom.

“European Economic Area (EEA)” refers to those states of the EU, in addition to Iceland, Liechtenstein and Norway.

“Personally Identifiable Information (PII)”, also known as “Personal Information (PI)”, is any type of data and information relating to an identified or identifiable natural person. An identifiable natural person is a natural person who can be identified, directly or indirectly, by reference to an identification number or factors specific to his or her physical, physiological, mental, economic, cultural or social identity. Set forth below is a non-exclusive list of information that constitutes PII when such information relates to an identified or identifiable natural person, either on their own or when combined together: account number (e.g., bank account, personal/company credit card), address, biometric identifier (e.g., fingerprints or voice recordings), birth certificate or professional license number, date of birth, government identifiers (such as social security numbers or driver's license numbers), health information, name, personnel number, photograph or video identifiable to an individual. PII may also include other information related to an individual that may directly or indirectly identify the individual (e.g., in most cases salary, career history, etc.).

“Sensitive PII” is a category of PII that, according to local regulations or business decisions, requires an extra level of protection or a higher duty of care. Sensitive types of data are generally considered to be without limitation: PII specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sexual orientation of an individual.

PRIVACY PRINCIPLES
NOTICE: Where Dante collects PII directly from individuals in the EEA and Switzerland, it will inform such individuals about the purposes for which it collects and uses information about them, how to contact Dante with any inquiries or complaints, the types of third parties to which Dante discloses the information, and the choices and means Dante offers individuals for limiting its use and disclosure. Notice is provided in clear and conspicuous language when individuals are first asked to provide PII to Dante or as soon thereafter as is practicable, but in any event before Dante uses such information for a purpose other than that for which it was originally collected or processed by the transferring organization or discloses it for the first time to a third party. Dante explains the need for PII and in some cases Sensitive PII, relating to its innovative products, research and general business.

Where Dante receives PII from its subsidiaries, affiliates or other entities in the EEA and Switzerland, it uses and discloses such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such PII relates.

CHOICE: Without prejudice to any applicable law or regulation mandating PII processing or disclosure, Dante offers individuals the opportunity to choose (i.e., opt out) whether their PII is: (a) to be disclosed to a third party; or (b) to be used for the purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual.

Dante provides notice where PII will be shared or collected by third parties. Dante is committed to honor cases in which individuals express their objection (opt out) to have their data shared with, or collected by, other third parties. Yet, in cases where Dante has hired third party service providers to perform specific services (e.g., such as external medical research organizations for the conduct of clinical trials or payroll providers for payroll administration), and where the individual opts out as described above, Dante will not be able to provide that service.

Dante recognizes that EEA and Swiss citizens may request to opt out of sharing their PII with third parties in the future even after earlier agreeing to such sharing. Although Dante is committed to honor such requests (for future PII sharing), there may be limited cases in which Dante is under the legal obligation or has a legitimate interest in continuing sharing PII for a limited period of time. This is namely the case in which patients’ PII have to continue to be processed in the framework of a clinical trial and that not doing so might endanger the quality of the results or final outcome of the clinical trial. However, in these circumstances, Dante has taken measures to ensure that: (a) PII will only be used to the extent necessary for the quality of the clinical trial; and (b) the PII will not be used or shared for any other reason than for satisfying the scientific and medical needs of the clinical trials or applicable regulatory requirements. DATA INTEGRITY: Dante does not process PII in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. To the extent necessary for those purposes, Dante will take reasonable steps to ensure that PII is reliable for its intended use, accurate, complete, and current.

TRANSFERS TO AGENTS: When disclosing PII from individuals in the EEA or Switzerland to a third party, Dante applies the Notice and Choice Principles. Where Dante wishes to transfer such PII to a third party that is acting as an agent, it will only do so if: (a) it first ascertains that the third party subscribes to the Principles; (b) is subject to EU Directive 95/46/EC, Swiss Federal Act on Data Protection and/or another adequacy finding; or (c) enters into a written agreement with the third party requiring that the third party provide at least the same level of privacy protection as is required by the Principles. Where Dante has knowledge that an agent is using or disclosing PII in a manner contrary to this Policy, it will take reasonable steps to prevent or stop the use or disclosure.

SECURITY: Dante takes reasonable precautions to protect PII in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Specifically, Dante established a data classification framework to help provide protection for all confidential PII and increased protection for Sensitive PII.

ACCESS AND CORRECTION: Upon request, Dante will grant individuals reasonable access to PII it holds about them. In addition, Dante will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.

ENFORCEMENT: Dante monitors compliance with the Principles through periodic privacy compliance assessments and, as necessary, audits, and provides a readily available and affordable recourse mechanism for individuals providing PII, as described in the Dispute Resolution section below.

DISPUTE RESOLUTION: Any questions, concerns or complaints regarding this Policy should be directed to Dante‘s Corporate Privacy and Compliance Office at the address given below. Dante will investigate and attempt to resolve complaints and disputes regarding this Policy. However, for complaints or disputes that cannot be resolved by Dante, it has agreed to participate in the following dispute resolution mechanisms: for disputes involving all PII received by Dante from Switzerland, Dante has agreed to cooperate with the Swiss FDPIC; and for disputes involving all PII received by Dante from the EEA, Dante has agreed to cooperate with the data protection authorities in the EEA and to participate in the dispute resolution procedures of the panel established by the European data protection authorities.

CONTACT INFORMATION Questions or comments regarding this Policy can be submitted to the Dante Privacy Office by mail to: Dante Consulting, Inc. Attn: Privacy and Compliance 5328 Lee Highway Arlington, VA 22207 Or by e-mail: privacy@danteinc.com Or by telephone: 703-807-0520

CHANGES TO THIS SAFE HARBOR PRIVACY POLICY STATEMENT This Policy may be amended from time to time, consistent with the requirements of the Principles. A notice will be posted on the privacy page of the Dante web site (www.danteinc.com) for at least 60 days whenever this Policy is changed in a material way.

EFFECTIVE DATE: December 1, 2013

For further information about the Safe Harbor Program, see the U.S. Department of Commerce website at http://www.export.gov/safeharbor/.

Legal Notices

The information in this presentation and document, including text, images, and links, and any accompanying materials, are PROVIDED "AS IS" BY DANTE CONSULTING, INC. SOLELY AS A CONVENIENCE TO ITS VENDORS AND CUSTOMERS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. Dante Consulting, Inc. assumes no responsibility for errors or omissions in this publication or other documents which are referenced by or linked to this publication. This publication could include technical or other inaccuracies, and not all products or services referenced herein are available in all areas. Changes are periodically added to the information, and Dante Consulting, Inc. may change the products or services described in this publication at any time. Contact Dante Consulting, Inc. for further information before relying on any information contained herein.

Should you choose to respond directly to Dante Consulting, Inc. with comments, questions, suggestions, ideas or the like relating to this document, materials, or any accompanying materials, or Dante Consulting’s products and services, you agree that such information shall be deemed as non-confidential and Dante Consulting shall have no obligation to respond and be free to reproduce, use, disclose and distribute the information to others without limitation, including but not limited to developing, manufacturing, and marketing products or services incorporating such information.

Dante Blog Terms and Conditions

In addition to the forgoing notice, and Terms of Use, Dante Consulting maintains this blog (here in after referred to as “the blog “) for your personal information and instruction only, to allow you to learn more about Dante Consulting’s products, services and activities. Permission is only granted to download information from the blog for your personal non-commercial use, provided all references to authors’ copyrights and other property rights appearing with the content in question are preserved. You may not distribute, modify, transmit, post, republish, upload or otherwise make use of the content of the blog - including text, images, animations or soundtracks - for public or commercial use unless you have obtained prior written consent from Dante Consulting.
In addition, access to the blog and use of its content is subject to the terms and conditions below (“Dante Blog Terms and Conditions”) and to all relevant laws. By accessing and browsing through the web site you signify your full acceptance of these Dante Blog Terms and Conditions.
Unless otherwise stated explicitly, all information contained on the blog is protected by authors’ copyrights and may not be used without Dante Consulting’s written consent, except where the present Dante Blog Terms and Conditions specify otherwise or in cases where such use is specifically authorized in the web site text. Dante Consulting does not guarantee that any use you may make of information found on the website will not infringe the rights of third parties not affiliated with Dante Consulting.
While Dante Consulting does its best to ensure that information provided on this blog is accurate and up to date, it does not guarantee the accuracy of the information. Dante Consulting shall not be held responsible for errors or omissions in the content of the blog. No act or omission by Dante Consulting is intended to or shall represent acquiescence or agreement by Dante Consulting to be held responsible for any errors or omissions in the content of the blog.
You use the blog at your own risk. Neither Dante Consulting nor any other party involved in the development, design, production or publication of the blog shall be held responsible for direct or indirect damages resulting from accessing the blog or using the blog and/or any of its content. Without prejudice to any of the above, the entire content of the blog is provided “as is”, with no explicit or implicit guarantees, including but not limited to guarantees concerning commercial use or compatibility for any particular use, concerning accuracy or completeness, or concerning the possibility that it may infringe the intellectual property rights of third parties. Dante Consulting does not guarantee that the blog is free from errors or from viruses or other potentially harmful elements, or that it will function uninterruptedly. Dante Consulting will accept no responsibility for damages caused to electronic equipment or to any other goods belonging to users resulting from logging in to the blog or from using or downloading information, data, textual or multimedia material or soundtracks from the web site.
Except for personal data, which is subject to our Personal Data Protection policy provided below, all communication or information transmitted to the blog by users, whether by electronic mail or by other means, including data, questions, comments, suggestions, ideas, concepts, know-how, techniques and all other types of information, shall be considered non-confidential and not covered by any property rights, and may be freely used, copied, distributed, published, diffused and otherwise disposed of by Dante Consulting or by its affiliates at their discretion, for purposes, including but not limited to the design, development and commercialization of products utilizing the information in question.
Commercial trademarks, logos and other distinctive signs (collectively referred to as “trademarks”) presented on the logo are registered trademarks or trademarks protected by use, belonging to Dante Consulting or to other persons. Nothing on the blog shall be construed to convey the right or permission to use any of the trademarks on the blog without the prior written consent of the owner of said trademark. Use of a trademark, or of any part of the content of the blog, not explicitly authorized by these Dante Blog Terms and Conditions is strictly forbidden. Dante Consulting will ensure that its intellectual property rights are enforced by any legal means available, including legal proceedings.
The blog and its content, including but not limited to drawings, images, articles, graphics, audio-visual elements and all other elements of the blog (hereinafter referred to as “elements”), are protected by copyright, related rights and other property rights in accordance with United States law and with international laws and treaties concerning intellectual property and protection of privacy. These elements are either the property of Dante Consulting or the property of third parties who have granted Dante Consulting the right or license to use them on the blog. Elements may only be copied and used for your personal and group information and to expand your knowledge of Dante Consulting’s products and services, to the exclusion of any and all commercial purposes, and on condition that such use or reproduction shall retain all references to copyrights and any mention of property rights. It is strictly forbidden to use or copy all or part of an element other than for your own personal and private use without prior written consent from Dante Consulting. It is strictly forbidden to distribute, copy, reproduce, represent, adapt, modify, publish, transmit, translate, sell or otherwise dispose of all or part of an element or of the presentation, structure or organization of the blog, in whatever form and by whatever means, without the prior written consent of Dante Consulting.
For your convenience, the blog may include links to other web sites. Dante Consulting has no control over these sites, has not examined the entire content of the sites linked to the website and cannot be held responsible for the content of such sites. Users access and use these sites and/or their content at their own risk. Dante Consulting may from time to time check the discussion boards, email exchanges, transmissions, notice boards and other elements on the web site, but it has no obligation to do so and accepts no responsibility for content that may be inaccurate, false, libelous, obscene, slanderous, incomplete, plagiarized, pornographic, offensive or dangerous. Users are strictly forbidden to transmit information that is illegal, threatening, libelous, scandalous, obscene, slanderous or pornographic, or information that may constitute or encourage behavior that could be considered criminal or antisocial, likely to lead to prosecution, or a violation of any law.
The blog’s software may be subject to the laws and regulations of the United States of America or other governments concerning export control. These may be amended from time to time, and it is the responsibility of users to check which of these laws and regulations apply to them before downloading or exporting software from the blog.
All information on the blog concerning Dante Consulting products and services is non-contractual. Dante Consulting reserves the right to modify and update the blog and the information it contains, including these Dante Blog Terms and Conditions, at any time. Amendments are binding on all users, whose responsibility it is to check the Terms of Use for this web site and Dante Consulting Terms and Conditions on a regular basis.
This blog is moderated. Comments are read before being posted. Comments that may be inaccurate, false, libelous, obscene, slanderous, incomplete, plagiarized, pornographic, offensive or dangerous will not be posted. Comments posted are only their author’s point of view. Dante Consulting cannot be held responsible for these comments.

Dante Personal Data Protection Policy

You are hereby informed that whenever you log into the blog a certain amount of personal information will automatically and deliberately be collected, saved and used according to conditions defined below. If you do not wish this information to be collected, saved and used, you must inform the webmaster.

Personal information is collected, specifically, from the following sources:

the IP address you provide each time you log in;
automatic login or manually entered information that can be used to identify and/or contact you – name, address, telephone, fax, e-mail, company address or any other information that you agree to provide when you take part in discussion forums, online surveys and polls, when you request additional information on Dante Consulting (such as, for example, marketing or advertising data), or when you subscribe to our newsletters, fill in registration forms or make other similar requests.

Personal data will be used only by Dante Consulting and its affiliates and, unless otherwise specified at the time of collection, will not be divulged or shared with third parties for any reason whatsoever.

Personal data collected whenever you log in will be used to trace your path on the web site; this will allow Dante Consulting to produce statistics about the pages that are visited and to review and improve the overall operation of the web site.

Personal data gathered whenever you participate in a discussion forum, online survey or poll, when you subscribe to our newsletter or when you make other similar requests will be used only for the purpose for which they were provided or collected. Subscriptions to newsletters can be cancelled at any time by sending an email to our webmaster.

You have the right to access, correct, amend or suppress any personal data, and you may exercise these rights at any time by sending an email to the webmaster, who will deal with your request as promptly as possible.

Engage Our Professional Services