GDPR and Switzerland Addendum to the Privacy Notice

Effective Date: May 19, 2023

This GDPR Privacy Notice Addendum is for residents of the European Economic Area (EEA) and Switzerland, and supplements the information contained in the Newfold Digital, Inc. Privacy Notice (the “Privacy Notice”) and other addendums relevant to you. This Addendum applies solely to EEA and Swiss Data Subjects including those who apply for employment (“job applicants”) or purchase services which are covered by the European Union’s General Data Protection Regulation 2016/679 (GDPR) and applicable Swiss data protection laws.

In addition to the rights described, where the GDPR or related data protection laws apply, the following rights may be available to you: 

  • Access: You have the right to access personal data we hold about you, how we use it, and who we share it with. 
  • Correction: You have the right to correct any personal information held about you that is inaccurate and have incomplete data completed. 
  • Erasure: You have the right to request we erase the personal information we hold about you in certain circumstances (e.g.; it is no longer necessary for us to hold that information; you have withdrawn your consent; we are processing the personal information on the basis of our legitimate interest and you object to such processing; or you believe your personal information is being unlawfully processed by us). We will retain the personal data if there are valid grounds under law for us to do so (e.g., for the defense of legal claims or freedom of expression). 
  • Restriction of processing to storage only: In certain circumstances, you have the right to require us to stop processing the personal information we hold about you other than for storage purposes (e.g., for a period of time to determine the accuracy of your personal information or when exercising your right to object; or if you require us to retain the personal information for certain purposes such as the defense of legal claims). If we stop processing the personal data, we may use it again if there are valid grounds under law for us to do so. 
  • Objection: In certain circumstances, you have the right to restrict or object to our processing of your personal information. We may continue to process your personal data if there are valid grounds under law for us to do so (e.g., compelling legitimate grounds or for the defense of legal claims).  

Please note that as set out above a number of these rights only apply in certain circumstances, and all of these rights may be limited by law. For example, where fulfilling your request would adversely affect other individuals or our trade secrets or intellectual property, where there are overriding public interests or where we are required by law to retain your personal information. 

We will respond to requests to exercise these rights without undue delay and at least within one month (though this may be extended by a further two months in certain circumstances).


Depending on what personal information we collect from you and how we collect it, we rely on various grounds for processing your personal information under the GDPR, including the following:

  • In order to perform our contractual relationship, including setting up your requested Services, payments, renewals and processes;
  • Based on the consent of job applicants for assessing qualifications, conducting interviews and making hiring decisions;
  • Because it is in our legitimate interest to run an effective and efficient business and provide you with the Services and other useful content;
  • In order to comply with any applicable legal obligations we may have to collect this personal information from you; and/or
  • Because you have provided your consent for us to do so.


In order for us to fulfill your request or provide the Services to you, your personal information will be transferred to, stored at, and processed in jurisdictions other than where you live, including in the United States. For instance, your personal information may be processed by staff in India and the Philippines, who work for us or for one of our suppliers. Laws in these countries may differ from the laws applicable to your country of residence and may not offer the same level of protection. In addition, in certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

Our Services are largely operated in the United States. If you are located in the EEA or Switzerland please be aware that in order to fulfil your request or provide access to our Services, the personal information you provide will be processed in the United States. 

To exercise your rights, please submit a request to us by:

  • Submitting a request through our DSAR portal  here ;
  • Logging into your online account manager;
  • Visiting our Privacy Center or click  here;
  • Calling the toll free phone number or clicking the “contact us” link located on the homepage for the products or services you receive from us; or
  • Sending an email to [email protected]

We will need to verify your identity before processing your request. In order to verify your identity, we will generally require the matching of sufficient information you provide us to the information we maintain about you in our systems. If you are using an authorized agent, please note that you will be required to verify your identity and provide written confirmation that you have authorized the agent to make a request on your behalf. For requests to access or delete, we may require you to verify your identity directly with us, and directly confirm with us that you provided the authorized agent permission to submit the request.

For transfers of personal information outside of the EEA and Switzerland within the Newfold corporate family and for transfers of personal information to third parties, such transfers will be pursuant to the relevant European Commission’s Standard Contractual Clauses for the Transfer of Personal Data to Third Countries (“SCCs”), unless the data transfer is to a country that has been determined by the relevant EEA or Swiss authorities, as applicable, to provide an adequate level of protection for individuals’ rights and freedoms for their personal information. To obtain a copy of the SCCs in the Data Protection Addendum (DPA) click here  or you may contact the Data Protection Officer via the details listed below to obtain a copy of the DPA or for more information regarding the relevant safeguards we put in place.


Our local EU Representative is Bird & Bird, which may be contacted as follows:

Bird & Bird GDPR Representative Services SRL
Avenue Louise 235
1050 Bruxelles
[email protected]

If you have any questions about this Privacy Notice Addendum or our data handling practices, or you wish to make a complaint, you may contact our Data Protection Officer at [email protected] or by regular mail at:

Newfold Digital, Inc.
5335 Gate Pkwy
Jacksonville, FL 32256
Attn: Data Protection Officer

If you think we have infringed data protection laws, you can file a claim with the data protection supervisory authority in the EEA country in which you live or work, Switzerland, or where you think we have infringed data protection laws, as applicable to you.