International Alliance Jewelry Exchange ("IAJE") respects individual privacy and values the confidence of its customers, vendors, business partners and others. IAJE strives to collect, use and disclose personal information in a manner consistent with the laws of the countries in which it does business and has a tradition of upholding the highest ethical standards in its business practices. IAJE abides by the Safe Harbor Principles developed by the U.S. Department of Commerce and the European Commission and the Frequently Asked Questions (FAQs) issued by the Department of Commerce on July 21, 2000. This Safe Harbor Privacy Policy (the "Policy") sets forth the privacy principles that IAJE follows with respect to transfers of personal information anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the 27 member states of the European Union (EU) as well as Iceland, Liechtenstein and Norway) to the United States.

Personal information that is transferred to IAJE in the United States from the EU falls under one of the following situations:

Processor on Behalf - IAJE provides corporate communications software designed to help companies automate workflow and manage media information more effectively. IAJE does not own or control any of the information it processes on behalf of IAJE' customer. All such information is owned and controlled by IAJE' customer. In this capacity, IAJE receives information transferred from the EU to the United States merely as a processor on behalf.

Data Controller - IAJE also provides business information products designed to help companies market themselves more successfully. In this function, IAJE acts as a data controller of the personal information contained in these information products.

Personal Data Collection - IAJE may, in certain instances, itself collect data to improve its processes and products. This data collection is designed primarily to update IAJE database of media contacts and to monitor the efficacy of various types of information distributed using IAJE software or other products.

IAJE has appointed a privacy officer who is responsible for the internal supervision of IAJE' privacy policies and data security. IAJE is committed to educating its customers and associates (employees) in the United States and in the EU about the issues, guidelines and laws surrounding compliance with EU Safe Harbor.

IAJE' privacy officer and its legal team are available to any associate (employee) who may have questions concerning IAJE' EU Safe Harbor privacy policies or data security practices.

Since the requirements for compliance with EU Safe Harbor vary depending on whether IAJE is acting as a processor on behalf of IAJE' customer or a data controller, IAJE' policies and manner of compliance are described separately below.

IAJE as a Processor on Behalf - When IAJE acts as a processor on behalf of its customer, the policies outlined below apply to all data processing operations concerning personal information that has been transferred from the EU to the United States.

Processing Contracts - Before starting any processing on behalf of IAJE' customer, IAJE will enter into a processing contract with the IAJE data controller responsible for the personal information pursuant to the applicable EU Member State Data Protection law.

The processing contract ensures that the  IAJE data controller will be in compliance with the Member State Data Protection law. Any data processed by IAJE will not be further disclosed to third parties except where permitted or required by the processing contract, EU Safe Harbor or the applicable Member State Data Protection law. Any information which IAJE' customer (acting as the EU controller) identifies as sensitive will be treated accordingly.

The processing contract will also specify that the processing will be carried out with appropriate data security measures. IAJE has in place measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction.

As a processor on behalf of IAJE' customer (who is the EU controller), IAJE is not required to apply other EU Safe Harbor Principles to the personal information received for processing from a customer.

IAJE as a Data Controller or Data Collector - When IAJE acts as a data controller or data collector of personal information, the policies outlined below apply to all personal information that has been transferred from the EU to the United States.

IAJE develops and maintains databases containing personal information on European media contacts from a number of EU Member States. In instances where IAJE is a data controller, the information for these databases is developed from public records and from information acquired through information providers. In instances where IAJE is a data collector, the information for these databases is developed from email, telephone, or other responses by media contacts. None of these databases contain any information defined as sensitive by any national law of an EU Member State (e.g., the databases do not include information about race, religion, sexual orientation, and so forth).

IAJE' databases contain information which is provided to qualified businesses for marketing and media relations purposes.

IAJE may also use Web beacons or other unique identifiers to allow it to determine which messages or elements of a media campaign generate responses. This allows IAJE software to gauge the effectiveness of certain communications. IAJE will, as a service to its clients, provide data regarding the campaign effectiveness; such information is designed to make more efficient the process of transmitting and receiving media campaign information.

As either a data controller or data collector, IAJE is required to comply with all principles of the EU Safe Harbor.

Notice - Prior to the transfer of any non-public personal information from the EU to the United States, IAJE requires contractual confirmation from the EU controller from whom IAJE acquired the information that the data subjects from whom the information was derived have been provided with proper notice pursuant to the applicable EU member state data protection law.

As indicated above, IAJE may collect information to maintain and update its database, improve its products, and provide information to its clients.

Choice - Prior to the transfer of any non-public personal information from the EU to the United States, IAJE requires contractual confirmation from the EU controller from whom IAJE acquired the information that the data subjects from whom the information was derived have been provided with the choice to determine how their information may be used pursuant to the applicable EU member state data protection law.

In addition, IAJE will, upon request, remove an individual's name and related information from its information products.

In order to request that IAJE not use an individual's non-public personal information, such individual should contact IAJE' consumer advocate at the address provided below or by sending an email to us at safeharbor@IAJE.com.

Written communication should be addresses as follows:

Consumer Advocate EU Safe Harbor Opt-Out IAJE, 123 N Congress Avenue, Boynton Beach, FL 33426 USA

Prior to making any alterations in its information, IAJE will require that individuals confirm their identity.

Data Integrity - IAJE takes reasonable steps to assure the information which is transferred from the EU to the United States is reliable, accurate and complete. The steps IAJE takes to assure data integrity are made in light of the purposes for which the personal information is used.

Onward Transfer - IAJE complies with the notice and choice principles as described above for all data which is disclosed or transferred to a third party.

IAJE may from time to time use agents to perform processing tasks on behalf and under the instruction of IAJE. IAJE requires that its agents either:

Subscribe to the EU Safe Harbor Principles, the EU Data Protection Directive or another adequacy finding; or

Enter into a written agreement with IAJE requiring them to provide the same level of protection as IAJE.

Security - IAJE will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. IAJE limits access to personal information and data to those persons in IAJE' organization, or agents of IAJE, that have a specific business purpose for maintaining and processing such information and data. Individuals who have been granted access to personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information.

Any security compromises or potential security compromises and any inquiries concerning security should be reported to the IAJE consumer advocate. Contact information is provided below.

Access - An individual may make a request to IAJE for access to the information IAJE maintains in its information products. The individual has the right to receive confirmation from IAJE as to whether or not data relating to him/her is found in IAJE' information products and to correct, amend, or delete that information when it is inaccurate. This right only applies to personal information relating to the individual making the request and is subject to other limitations as defined by law.

Individuals who wish to make an access request should direct such a request to IAJE' Consumer Advocate in IAJE' consumer affairs department at the address provided below or by sending an email to us at safeharbor@IAJE.com.

Written communication should be addressed as follows:

Consumer Advocate 
IAJE 
123 N Congress Ave. Ste 110, Boynton Beach, FL 33426.

IAJE' consumer advocate will explain the process to be followed by any individual making an access request. In order to confirm the identity of the individuals requesting access, IAJE will require that individuals provide sufficient information to confirm their identity.

IAJE agrees to process all reasonable requests for access within a reasonable time period, but reserves the right to deny access or limit access in cases where the burden or cost of providing access would be disproportionate to the risks to the individual's privacy or in the case of a vexatious or fraudulent request.

Enforcement - Individuals who wish to file a complaint or who take issue with IAJE' EU Safe Harbor policies should direct such communication to IAJE' consumer advocate via email or written communication as described above. IAJE' consumer advocate will explain the process to be followed when filing a complaint. Filing a complaint in English will expedite the process.

IAJE will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between IAJE and the complainant, IAJE has agreed to participate in the dispute resolution procedures of the panel established by the European data protection authorities to resolve disputes pursuant to the Safe Harbor Principles.

IAJE is also subject to the jurisdiction of the U.S. Federal Trade Commission. The Federal Trade Commission may be contacted at the following address:

Federal Trade Commission 
Attn: Consumer Response Center 
600 Pennsylvania Avenue NW 
Washington, DC 20580 
consumerline@ftc.gov 
www.ftc.gov

Changes to this Safe Harbor Policy

The practices described in this policy are current personal data protection policies as of March 1, 2003. IAJE reserves the right to modify or amend this policy at any time consistent with the requirements of the Safe Harbor Principles. Appropriate public notice will be given concerning such amendments.