This Statement describes the principles pursuant to which Calico manages Personal Information received: (i) from Workers, in support of Calico’s human resources and business operations; (ii) in the course of Calico’s operations involving current, prospective and former clients, customers, partners, investors, visitors and guests (collectively “Clients”); and (iii) in the course of its related interactions with current, prospective and former research investigators, data or service suppliers, and strategic partners, and subcontractors (collectively, “Suppliers”). The categories of Personal Information covered by this Statement include Personal Information relating to Workers, Clients and Suppliers. In connection with Calico’s Operations, Calico may now and/or in the future: (a) transfer Personal Information of Workers, Clients and/or Suppliers outside of the EEA, United Kingdom and Switzerland to the United States; and/or (b) access Personal Information regarding Workers, Clients and/or Suppliers from the United States.
The following capitalized terms are used throughout this document and are defined as follows:
“Agent” or collectively, “Agents” means any third party that processes Personal Information pursuant to the instructions of, and solely for, Calico or to which Calico discloses Personal Information for use on its behalf.
“Citizen” or collectively, “Citizens” means a lawful citizen or citizens of the EEA, the UK and Switzerland and includes both Workers, Clients and Suppliers.
“EEA” means the European Economic Area.
“Worker” or collectively, “Workers,” means for purposes of this Statement only, any Calico Citizen-employee(s) (and any and all dependents thereof), including, but not limited to, temporary, permanent, and former employees, directors, contractors, workers and retirees as well as independent contractors and job applicants. Workers
“Calico” or the “Company” collectively refers to Calico and all subsidiaries and affiliates thereof that are incorporated in any state or territory of the United States.
“Personal Information” includes the term “personal data” and means any information or set of information about an identified or identifiable Citizen, including, but not limited to: (a) first name or initial and last name; (b) home or other physical address; (c) telephone number; (d) email address or online identifier associated with the Citizen; (e) Social Security number or other similar identifier; (f) employment, financial or health information; or (g) any other information relating to a Citizen that is combined with any of the above. The term “Personal Information” does not include anonymized information or information that is reported in the aggregate (provided that such aggregated information is not identifiable to a natural person).
“Data Privacy Framework Principles” collectively means the following seven (7) privacy principles as described in the Data Privacy Framework: (1) Notice, (2) Choice, (3) Accountability for Onward Transfer, (4) Security, (5) Data Integrity and Purpose Limitation, (6) Access, and (7) Recourse, Enforcement and Liability as agreed to by the U.S. Department of Commerce and the European Commission.
“Process” or “Processing” of Personal Information means any operation or set of operations which is performed upon Personal Information, whether by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.
“Sensitive Personal Information” means Personal Information that reveals race, ethnic origin, political opinion, religious or philosophical beliefs, trade union membership, genetic data, biometric data where Processed to uniquely identify a person, any information that concerns medical or health conditions, social security measures or sex life, or information relating to the commission of a criminal offense.
“Statement” means this Data Privacy Framework Statement.
Capitalized terms not defined above have the definitions set forth in the respective paragraphs of this Statement.
Adherence to these Data Privacy Framework Principles may be limited (i) to the extent required or allowed by applicable law, rule or regulation; (ii) to the extent necessary to respond to lawful requests by public authorities, including to meet national security, law enforcement, legal or governmental requirements; and/or (iii) to protect the health or safety of a Citizen.
If you have questions regarding this Statement or any of Calico’s privacy practices, please contact us by mail or e-mail at the following address: firstname.lastname@example.org
This Statement may be amended from time to time in a manner that is consistent with the requirements of the Data Privacy Framework Principles. When this Statement is updated, the “Last Updated” date at the bottom of this document shall be amended accordingly. Any material changes to this Statement will be posted on Calico’s website at https://www.calicolabs.com/privacy-policy/.
LAST UPDATED: August 16, 2023