Effective Date: [1/1/2019]
We always seek to improve our Services to you, and that requires that we collect, store, share, and use information about you and your usage preferences. As we do so, we are absolutely committed to protecting your privacy and the security of your personal information.
LAWFUL BASIS FOR PROCESSING
When you enter into an agreement with us, either in hard copy or by clicking “I Accept” or similar language online, we will process your Data for the purposes of fulfilling the terms of our contract with you. In that case, our processing of your Data is based on the contract, so your withdrawal of consent will only be effective after the purposes for processing that Data have been fulfilled and after we no longer have a legal obligation to keep that Data.
In all cases, we will comply with applicable law and we will cease processing your Data after the legal obligation or other necessity passes.
The Services are directed solely to persons 18 years of age or older or of children under 18 who are supervised by a parent, guardian, or other caregiver. Other than for Data collected for the specific purpose of providing the Services to users, we do not knowingly collect Data from users who are under 13. If we become aware that we have gathered Data from a person under 13, except to provide the Services to such person, then we will attempt to delete such Data as soon as possible, subject to our obligations under applicable law. If you believe that we have gathered Data from a person under 13 in contravention of this policy, please contact us at email@example.com.
INFORMATION WE COLLECT AND HOW WE USE IT
- Registration Data
- Data Description: Registration Data consists of the name, e-mail address, and other contact information you provide us in conjunction with the use of Services, both when you register your account and thereafter. Registration Data also includes your username, membership type, and membership end date.
- Lawful Basis for Processing: Our lawful basis for processing Registration Data is our contract with you. We can only provide the Services to you if we have the Registration Data, so we need to store and access that Registration Data during the term of our contract. For individuals who visit our website but who do not enter into Terms of Service with us, Registration Data may be used for purposes of marketing our Services to you, and our lawful basis is our legitimate interest in offering those Services to individuals who have expressed an interest in our Services by accessing our website or other tools.
- How We Use It and Who We Share It With: Registration Data is accessible only to us. We use it only to provide the Services to you. At times, we will share the Registration Data with third parties at your request or to fulfill requests that you make to us. We may use your Registration Data to offer goods or services to you, but only after obtaining your specific consent.
- Third-Party Data
- Data Description: Third-Party Data consists of information regarding the online behavior of our clients’ visitors and customers. Our Services do not process any Third-Party Data. Instead, our clients use our Services to create codes to use in other systems, and those other systems generate data and execute campaigns using Third-Party Data. In other words, clients using our Services do not access any personal data of their customers via our Services, and we do not have visibility to the Third-Party Data except in limited circumstances where clients may request support.
- Lawful Basis for Processing: Our lawful basis for processing Third-Party Data is (1) our contract with you and (2) our legitimate interest in improving our Services based on the Third-Party Data we receive from you. You are responsible to ensure that you, in turn, have a lawful basis for processing Third-Party Data.
- How We Use It and Who We Share It With: Your Third-Party Data is accessible only to you, to us, where you specifically request support, and where it relates directly to a third party who also provides services in connection with our Services, to that third party, in which case we will obligate such third party by contract to protect the confidentiality of your Third-Party Data. We do not share Third-Party Data with other third parties, except at your specific request.
- Usage Data
- Data Description: Usage Data consists of the following and similar information:
- Information about your interactions with the Services which includes the date and time of any requests you make and information related to your visits of our website and other online tools. This also may include details of your use of Third-Party Applications and advertising you receive.
- The timing of the information you post to the Services including messages you send and/or receive via the Services and your interactions with our customer service team, but not including the content of those interactions and messages, which would be included as Third-Party Data.
- Technical data which may include URL information, cookie data, your IP address, the types of devices you are using to access or connect to the Services, unique device IDs, device attributes, network connection type (e.g. WiFi, 3G, LTE, Bluetooth) and provider, network and device performance, browser type, language, information enabling digital rights management, operating system, and application version.
- Motion-generated or orientation-generated mobile sensor data (e.g. accelerometer or gyroscope) required for the purposes of providing specific features of the Services to you.
- Lawful Basis for Processing: Our lawful basis for processing Usage Data is (1) our contract with you and (2) our legitimate interest in improving our Services based on the Usage Data we receive from you. For individuals interacting with our website but not entering into a separate Terms of Service, our lawful basis for processing Usage Data is our legitimate interest in marketing our Services to individuals or companies who have shown interest in our Services by visiting our website or accessing our tools.
- How We Use It and Who We Share It With: Usage Data is accessible to us and to you. We do not share it with third parties, except at your specific request, but we may use Usage Data to make improvements to the Services and to offer Services to you. We may also use Usage Data in an aggregated format that is not identifiable to any individual, and that aggregated information belongs solely to us. To the extent we are required to delete any Usage Data about you, we may still retain aggregated and anonymized information that may have originated as your Usage Data.
- Current and Potential Employees
We often use the services of third parties to help us to recruit new employees and independent contractors and to manage our interactions with current employees and independent contractors. We do our best to contractually ensure that these third-party service providers comply with the policies we have adopted. However, we can’t guarantee their compliance in every case.
Our lawful basis for processing Data about potential and current employees and independent contractors is our contract with them and our legitimate interest in processing that Data, both to facilitate the formation of a formal relationship and to manage that relationship once it is formed. We only use employment Data for the direct purpose of the employment or independent contractor relationship, and we cease using it as soon as that relationship ends. However, we may keep and process that Data after the relationship ends when we are required to do so by applicable law or to preserve legal claims that may arise.
- Recipients of White Papers and Other Materials
SHARING YOUR INFORMATION
Except where a specific limitation is noted above, we may share your Data as follows:
- At Your Instruction. If you request us to make your Data available to a third party, and such request furthers the purposes of our Services, we will do so.
- Sharing with Vendors. In certain cases, we use the services of third-party vendors to assist us in providing the Services. We may share your Data with such vendors solely for that purpose, and we will require those parties to abide by our privacy policies.
- Service Providers. We may sometimes use a third party to provide specific Services on our behalf, including sending e-mails to our members, conducting member surveys, marketing our services to you (including on other sites you visit), processing transactions or performing statistical analysis of our Services. In these cases, we may provide certain personal information, such as your name and e-mail address and other information necessary for the service to be provided. We may also provide certain portions of your Data, such as your email address or name, back to your internet service provider if we have an existing advertising relationship with them. This is done to allow them to target or discontinue your exposure to our advertisements, once you have become a participating member of our Services. In each case these third parties are required to maintain the confidentiality of this information and are prohibited from retaining, sharing, storing or using this information for any other purposes.
- Business Transitions. In the event that we go through a business transition, such as a merger, acquisition, liquidation or sale of all or a portion of our assets, the information we have about you will, in most instances, be part of the assets transferred. We reserve the right to transfer that information in connection with such transactions without notice to you. We will not obtain your consent for such a transfer.
- Legal Disclosure. We may disclose your Information if required to do so by law or in the good faith belief that such action is necessary to conform to applicable law, comply with a judicial proceeding, court order or legal process served on us, protect and defend our rights or property, or investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our terms of service.
If we ever plan to use any Data in the future for any other purposes not identified above and we do not have a separate lawful basis for that processing, we will only do so after obtaining your specific consent.
TECHNOLOGIES WE USE
The technologies we use for automatic Data collection may include the following:
- Flash Cookies. Certain features of our Services may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from and on our Services. Flash cookies are not managed by the same browser settings as are used for browser cookies.
- Web Beacons. Pages of the Services and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
YOUR CHOICES REGARDING OUR USE AND DISCLOSURE OF YOUR DATA
We only use your Data for marketing purposes if you give us your specific consent. If, after giving your consent, you wish to stop receive marketing e-mails from us, please follow the instructions below. (Note that if you are a resident of the European Union, we will never use your personal data for third-party marketing purposes unless you have clicked on a box online to expressly give consent for such use.)
- Receiving electronic communications from us: If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out of receiving these marketing-related emails by sending a request for list removal to [firstname.lastname@example.org]
We will try to comply with your request(s) as soon as reasonably practicable. Please also note that if you do opt-out of receiving marketing-related emails from us, we may still send you messages for administrative or other purposes directly relating to your use of the Services, and you cannot opt-out from receiving those messages.
PRIVACY FOR EU RESIDENTS
In certain circumstances, residents of The European Economic Area (EEA) have the following data protection rights:
- The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
- The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
- The right to object. You have the right to object to our processing of your Personal Data.
- The right of restriction. You have the right to request that we restrict the processing of your personal information.
- The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
- The right to withdraw consent. You also have the right to withdraw your consent at any time where Claravine relied on your consent to process your personal information.
Please note that we may ask you to verify your identity before responding to such requests.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
For employees and other authorized users operating in their role as administrators or users of our services, our lawful basis is the legitimate interest we have in providing the services to their employer.
If you are a client or customer who accesses the Data of third parties in connection with your services rendered to us, you, your employees, and your other authorized users agree to be bound by the provisions of the GDPR with respect to any Data with which you come in contact using Services, including without limitation the personal data belonging to individuals with whom you communicate or whose personal data you access using the Services. Specifically, you agree that you, your employees, or other authorized users will:
- Never access, process, transfer, view, use, or store any Data of any third party without express authorization, and then only for purposes directly related to fulfilling your contractual obligations under your agreement with any third party (“Data Secrecy”);
- Keep all Data strictly confidential and disclose Data only on a strict need-to-know basis to other employees or authorized users only as required for fulfilling an individual’s contractual obligations (“Confidentiality”); however, you agree that you shall not disclose or otherwise make accessible Data under any circumstances to anyone who has not been obliged to Data Secrecy and Confidentiality.
- Ensure that your obligations of Data Secrecy and Confidentiality are observed forever, both during and after the expiration and/or termination of any agreement with us or any contractual relationship you may have with an employer or other party.
- Upon our request to provide Company with satisfactory evidence that you have complied with your obligations of Data Secrecy and Confidentiality as set forth in this agreement.
The GDPR also requires us to take appropriate technical and organizational measures to protect the security of Data belonging to residents of Europe. We make commercially reasonable efforts to ensure the privacy and security of the Data of our European visitors and customers, and we are happy to give you a complete description of our most current efforts, if you will write us at email@example.com.
The security of your Data is important to us. We use commercially reasonable efforts to store and maintain your Data in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Data that you provide to us. We have implemented procedures designed to limit the dissemination of your Data to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
ACCESS AND ACCURACY
You have the right to access the information we hold about you in order to verify the information we have collected in respect to you and to have a general account of our uses of that information. Upon receipt of your written request, we will provide you with a copy of your information, although in certain limited circumstances we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner.
We will make every reasonable effort to keep your information accurate and up-to-date, and we will provide you with mechanisms to update, correct, delete or add to your information as appropriate. As appropriate, this amended information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate information about you enables us to give you the best possible service.
You can help by keeping us informed of any changes such as a change of your personal contact information. If you would like to access your information, if you have any questions, comments or suggestions of if you find any errors in our information about you, please contact us at firstname.lastname@example.org. If you have a complaint concerning our compliance with applicable privacy laws, we will investigate your complaint and if it is justified, we will take appropriate measures.