Organization Information:

Trilegiant Corporation
40 Oakview Drive
Trumbull, Connecticut 06611
Phone: 203 956-1000
Fax: 203 956-8789

Contact Information:

Contact Office: Trilegiant
Contact Name: Brian Fisher, Senior Vice President
Phone: 203 956-1000 Fax: 203 956-8789 Email: bfisher@affiniongroup.com

Corporate Officer Information:

Corporate Officer: Brian Fisher, Senior Vice President
Phone: 203 956-1000 Fax: 203 956-8789 Email: bfisher@affiniongroup.com

Safe Harbor Information:

Signed up to safe harbor 05/31/2006 10:55:28 AM
Next certification 05/31/2010
EU/EEA Countries From Which Personal Information Is Received: Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, United Kingdom
Industry Sector: Computer Services - (CSV)
Personal Information Received From the EU: Trilegiant acts as a data controller and processor for our affiliates and supports their business offerings as a data controller and processor as defined in the Directive. In doing so, we act at the specific direction of the European affiliates and/or former European affiliates. Written instructions are provided by such affiliates and/or former affiliates outlining the authority granted to Trilegiant as the data controller and processor.

The data transferred is on-line data. The data transferred to Trilegiant includes (i) customer data housed in the databases of the clients of its European affiliates and/or former European affiliates and (ii) data relating to the employees and/or former employees of its European affiliates and/or former European affiliates. The data will also be processed by Trilegiant in the following way: off-line backups for recovery purposes which are stored on-site and archived off-site. The manual processing is limited to use of the data in problem solving and movement of databases for normal operational upgrades, recoveries and other actions to assure integrity, security and operability of the servers as needed by its clients, affiliates, and/or former affiliates. This is the necessary technical and database support required to assure continuous operation of the servers. Manual handling is on a need-to-know basis by authorized operations staff, technical support persons, database administrators, network administrators, and security administrators and is only accessed for problem solving, backups and normal computer operations movement of data. Where we act as a data controller with respect to employee data, we may use the data for legitimate business purposes including but not limited to staff administration, maintaining relevant records for HR purposes and other personnel matters in relation to staff.
Privacy Policy Effective: April 2006, revised April 2007
Location: See address above
Regulated by: Federal Trade Commission
Privacy Programs: Trilegiant has instituted a self-regulatory program for ensuring verification and adherence to the safe harbor principles. This may consist of regular information security reviews including privacy information reviews, physical security reviews, disaster recovery planning, testing and reviews, internal and external audits of security of Trilegiant, reviews performed by Affinion International Limited (the main client of Trilegiant) and onsite and survey reviews by Affinion International Limited's clients. This also consists of periodic certification/vulnerability assessments, which includes periodic renewal and check pointing to assure maintenance of certification. Vulnerability reviews by Trilegiant or its designated third parties are also performed periodically. In addition, Trilegiant maintains Cybertrust enterprise-level certifications of its Trumbull, CT and Westerville, OH data centers. The Cybertust certification processes provide for (among other things) a quarterly scan of our internet perimeter and annual re-certification validation and assessment of the Data Centers.
Verification: In-House and Third Party
Dispute Resolution: EU Data Protection authorities
Personal Data Covered: Online and off-line data and human resources
Human Resource Data Covered: Yes

Do you agree to cooperate and comply with the European Data Protection Authorities? Yes

Certification Status: Current
Compliance Status:

Safe Harbor Overview | Safe Harbor Documents | Workbook | Safe Harbor List
Information Required for Certification | Certification Form