Data Privacy Framework Statement
Zilliz’s Participation in the Data Privacy Framework
Zilliz Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. DPF Principles, including the Supplemental Principles, regarding the processing of personal data received from the European Union, the United Kingdom (and Gibraltar), and Switzerland in reliance on the DPF. If there is any conflict between the terms in this privacy policy and the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework program and to view our certification, please visit the U.S. Department of Commerce’s DPF List: https://www.dataprivacyframework.gov/list
Scope of Application
This certification applies to personal data received by Zilliz in the United States from:
- the European Economic Area (EEA) under the EU-U.S. DPF,
- the United Kingdom and Gibraltar under the UK Extension to the EU-U.S. DPF,
- and Switzerland under the Swiss-U.S. DPF. We commit to subjecting all such personal data to the Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse/enforcement/liability.
Recourse, Enforcement, and Binding Arbitration
In compliance with the DPF Principles, Zilliz commits to resolving complaints about our collection or use of your personal information. Individuals in the EU, UK, or Switzerland with inquiries or complaints regarding our DPF compliance should first contact us at: 📧 privacy@zilliz.com Zilliz further commits to cooperate with the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning human resources and non-HR data transferred under the DPF. Under certain conditions, individuals may invoke binding arbitration as a last resort, pursuant to Annex I of the DPF Principles.
U.S. Regulatory Oversight
Zilliz Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Onward Transfers
Zilliz may transfer personal data to third-party service providers acting as agents on our behalf. In such cases, we remain liable under the DPF Principles if our agents process personal data in a manner inconsistent with those Principles, unless we prove we are not responsible for the event giving rise to the damage.