Privacy Shield

Framework Statement

View Privacy Policy


This Privacy Shield Framework Statement (“Framework Statement”) applies to the processing of Personal Data obtained from Individual Consumers located in the European Union. Consolidated Delivery Group, Inc. (CDGcommerce) complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries transferred to the United States pursuant to Privacy Shield.  CDGcommerce complies with these regulations regarding the collection, use, and retention of personal information from Customers, Employees, Users, and Applicants in the European Union member countries. If there is any conflict between the Privacy Shields and our policies (including this Framework Statement), the principles of the Privacy Shields shall govern where applicable.

Pursuant to the Privacy Shield Frameworks, EU individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States.  Upon request, we will provide you with access to the personal information that we hold about you.  You may also correct, amend, or delete the personal information we hold about you.  An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to  If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.  To request to limit the use and disclosure of your personal information, please submit a written request to


In compliance with the Privacy Shield Principles, CDGcommerce commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union individuals with Privacy Shield inquiries or complaints should first contact

CDGcommerce has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.  See Privacy Shield Annex 1 at
If your complaint involves human resources data transferred to the United States from the EU and/or Switzerland in the context of the employment relationship, and CDGcommerce does not address it satisfactorily, CDGcommerce commits to cooperate with the panel established by the EU data protection authorities (DPA Panel) as applicable and to comply with the advice given by the DPA panel, as applicable with regard to such human resources data.  To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction.  Contact details for the EU data protection authorities can be found at .  Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.



The Federal Trade Commission (FTC) has jurisdiction over our compliance with the Privacy Shield.  If there is any conflict between the policies in this privacy policy and the Privacy Shield Privacy Principles, the Privacy Shield Privacy Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit


CDGcommerce will maintain compliance with the U.S.-EU Privacy Shield. Certification of this compliance will be renewed annually, unless it is determined that certification is no longer needed, or we enact a decision to use a different mechanism to ensure adequate privacy controls for Personal Data. In such an event, we will continue to treat data already transferred under Privacy Shield in keeping with the Privacy Shield Principles.
As a part of re-certification, CDGcommerce will internally review and verify the enforcement of all the policies concerning treatment of Personal Data.  This internal review will consist, at minimum, of the following steps:

  • Review of Privacy Shield Framework Statement
  • Review of Privacy Policy
  • Ensure Public Access to Personal Data Policies for Customers
  • Ensure Compliance with all Posted Personal Data Policies
  • Verify Contact Information for Inquiries or Complaints
  • Verify Compliance with the EU-US Privacy Shield Framework
  • Review Employee Processes and Procedures
  • Update/Reinforce Employee Training on Confidentiality and Security

Personal Data

The types of Personal Data we collect, the method of collection, and how we process that data is detailed in the CDGcommerce Privacy Policy.  Our commitment to transparency, security, and protection of your individual rights concerning Personal Data is also included in that policy.  Our Privacy Policy may be viewed at

Third Party Sharing

When your Personal Data is shared with third parties, other than our agents, we require the same or equivalent commitment to privacy protection as is detailed in our Privacy Policy and in this Framework Statement.  We accept liability of the treatment of your Personal Data by our third party providers except where we are able to establish proof that we are not responsible for the even that gives rise to the damage.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Inquiries or Complaints

CDGcommerce has appointed individual(s) within the organization that are authorized to respond to incidents or inquiries concerning Personal Data as the Data Protection Officer.  Questions and requests can be sent by emailing
Complaints that cannot be satisfactorily handled by direct contact to the designated Data Protection Officer, may be submitted to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus.   Under certain limited conditions, Customers may invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction.