Data Privacy is Important to Us
Please be assured that your privacy is of utmost importance to us. We comply with all applicable data privacy laws including the General Data Protection Regulation regarding personal data collected and processed concerning residents of the European Union and European Economic Area.
What Personal Data We Collect and Process
The Company collects business contact and financial information from our business customers and vendors. We collect personal contact information, purchase information, and customer experience information from individuals who purchase products and services from our business customers.
How and Why We Process Personal Data
The Company processes personal information for the following purposes:
- Providing products and services to our business customers. The Company collects and processes the business contact information of the individuals working for our business customers so that we can enter into and perform contracts with our business customers to provide our products and services.
- Working with our vendors. The Company collects and processes the business contact information of the individuals working for our vendors so that we can enter into and perform contracts with our vendors.
- Generating customers for our business customers. The Company collects and processes the personal contact information and business contact information of individuals through Company created websites, display banners, chat boxes, social media platforms, telephone calls, and interviews. Personal information is also collected through forms completed by individuals to register for events and subscribe to publications. This personal information is shared with our business customers to assist them in their customer acquisition efforts.
- Enhancing the customer experience for the benefit of our business customers. The Company collects and processes personal contact information and business contact information about individuals who purchase products and services from our business customers as well as their impressions of their purchase experience and experience with the products and service. We collect this personal information through surveys, telephone calls and interviews. This personal information is shared with our business customers to assist them in their customer relations efforts.
- Making our websites more useful. For each HTTP (which is what your web browser generates when you request a page or part of a page from a web site) request received, the Company automatically collect and store only the following information: the date and time, the originating IP address, the type of browser and operating system used (if provided by the browser), the URL of the referring page (if provided by the browser), and the object requested completion status of the request pages visited. We use the information that we collect to measure the number of visitors to the different areas of our sites, and to help us make our sites more useful to visitors. This includes analyzing these logs periodically to determine the traffic through our servers, the number of pages served, and the level of demand for pages and topics of interest.
Interaction with Children
We do not collect personal data of and our websites do not target or provide content to children under the age of 16.
Cookies are small files that web servers place on a user’s hard drive. The Company does not use “persistent cookies” or any other persistent tracking methods to collect personal information about visitors to its websites. Cookies serve several functions:
- They allow the website to identify you as a previous visitor each time you access a site;
- They track what information you view at a site (important to commercial sites trying to determine your buying preferences);
- In more advanced cases, they track your movements through many websites but not the whole Web;
- Businesses use them for customer convenience to allow them to produce a list of items to buy and pay for them all at one time and to garner information about what individuals are buying at their sites;
- Advertisers use them to determine the effectiveness of their marketing and offer insights into consumer preferences and tastes by collecting data from many websites.
- They are used to help a website tailor screens for each customer’s preference.
We Also Collect and Use Non-Personal Data
In addition to personal information, we collect and store non-personal (such as search engine queries and anonymous survey responses) to help us better understand and meet the needs of our visitors. We may share non-personal information with others, including the public, in aggregated form (for instance, in a list of our most popular search engine queries), in partial or edited form (such as in a report summarizing responses to a questionnaire), or verbatim (for example, in a complete listing of survey responses).
Data Subject Rights of EU Residents
EU residents have the following rights regarding their personal data:
- Right of Access: You have the right to obtain confirmation from the Company as to whether or not personal data concerning you is being processed and how, what when, why and for how long your personal data is processed and to whom it is disclosed.
- Right to Rectification: You have the right to request the Company to correct inaccurate personal data and to complete incomplete personal data.
- Right to Erasure (Right to be Forgotten): You have the right to request the Company to erase personal data concerning you where your personal data is no longer needed for the purposes for which it was collected or processed or has otherwise been improperly processed.
- Right to Object: You have the right to object to the processing of your personal data if the processing is based upon the Company’s legitimate interest or for the performance of a task carried out in the public interest, including any profiling based on such processing, or if the processing is for direct marketing.
- Right to Restrict Processing: You have the right to request the Company to restrict the processing of your personal data while your data subject rights requests are being investigated and answered.
- Right to Portability: You have the right to receive personal data that you have provided to the Company and transmit such personal data to another entity where the processing of such personal data is based on consent and is processed by automated means. Additionally, you have the right to require the Company to transmit such personal data directly to another entity, where technically feasible.
- Right not to be Subject to Automated Decision-Making, Including Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.
To make a subject access request, you should send the request to James Ferrato, Chief Information Officer, firstname.lastname@example.org. in some cases, the company may need to ask for proof of identification before the request can be processed. the company will inform you if it needs to verify your identity and the documents it requires. the company normally will respond to a request within a period of one month from the date it is received. in some cases, such as where the company processes large amounts of an individual’s personal data, it may respond within three months of the date the request is received. the company will write to you within one month of receiving the original request to tell you if this is the case.
Privacy Rights of California Residents
Pursuant to Californian Civil Code Section 1798.83, California residents have the right to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to our Director of Security and Compliance by e-mail at email@example.com.
The Company takes the security of personal data seriously. The Company has internal policies and technical measures in place to protect personal data against loss, accidental destruction, misuse or disclosure. Such internal policies and technical measures include:
- The use of pseudonymization and encryption of personal data where appropriate;
- Procedures and controls to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- Procedures and controls to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- Procedures for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing; and
- Procedures to ensure that data is not accessed, except by employees in the proper performance of their duties.
For site security purposes and to ensure that this service remains available to all users, this computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage to the information on our websites. Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986.
The Company retains personal information only for the period of time necessary to meet the purposes for which it was collected, to fulfil the legitimate business interests of the Company, and to comply with any data retention laws or legal requirements. For example,
When the Company engages third parties to process personal data on its behalf, such third parties are required by contract to process the personal data based on the Company’s written instructions, are under a duty of confidentiality, and are required to implement appropriate technical and organizational measures to ensure the security of the personal data.
When the Company shares personal information of EU residents with affiliated companies, vendors, and business customers located outside of the EU, such as the U.S., the Company uses appropriate safeguards such as standard contract clauses to protect the personal information.
Questions and Concerns
Any questions or concerns regarding how the Company processes personal information should be directed to our Director of Security and Compliance by e-mail at firstname.lastname@example.org. EU residents also have the right to lodge a complaint with the local or national data protection authority in the jurisdiction where they reside. A listing of the EU Data Protection Authorities (“DPAs”) is located at: http //ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. Dispute resolution: If for some reason you believe this site has not adhered to these principles, please notify James Ferrato, Chief Information Officer, at email@example.com. If our web pages are not fully in compliance with our stated policies, they will be corrected.