Version 1.4 – Last Updated Feb 22, 2017
1. Web sites and applications covered
2. Information collected
When expressing an interest in obtaining additional information about the Services or registering to use the Services, we may require you to provide our company with personal contact information, such as name, your company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, we may require you to provide our company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the services (“Billing Information”). we may also ask you to provide additional information, such as your company number of employees or industry (“Optional Information”).
As you navigate our company’s web sites and applications, we may also collect information through the use of commonly-used information-gathering tools, such as cookies and web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on our company’s web sites (such as the web pages viewed and the links clicked).
3. Use of information collected
Our company uses data about our customers to perform the services requested. For example, if you fill out a “Contact Me” web form, our company will use the information provided to contact you about your interest in the Services.
Our company may also use data about our customers for marketing purposes. For example, our company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding our company and its partners, such as information about promotions or events.
We use credit card information solely to check the financial qualifications and collect payment from prospective customers and attendees. We use Web Site Navigational Information to operate and improve our company’s web sites.
4. Web Site Navigational Information
Cookies, Web Beacons and IP Addresses
We use commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate our company’s web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information used on our company’s web sites and how this information may be used.
We use web beacons alone or in conjunction with cookies to compile information about customers and visitors’ usage of our company’s web sites and interaction with emails from our company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular web site tied to the web beacon, and a description of a web site tied to the web beacon. For example, we may place web beacons in marketing emails that notify our company when you click on a link in the email that directs you to one of our company’s web sites. we use web beacons to operate and improve our company’s web sites and email communications.
When you visit our web sites or applications, our company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, we use IP addresses to monitor the regions from which customers and visitors navigate our company’s web sites.
5. Public forums, refer a friend, and customer testimonials
We may provide bulletin boards, blogs, or chat rooms on our company’s web sites. Any personal or corporate information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums.
Customers and visitors may elect to use our company’s referral program to inform friends about our company’s web sites. When using the referral program, our company requests the friend’s name and email address. We may send the friend a one-time email inviting him or her to visit our company’s web sites.
We may post a list of customers and testimonials on our company’s web sites that contain information such as customer names and titles. We will obtain the consent of each customer prior to posting any information on such a list or posting testimonials.
6. Sharing of information collected
We may use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use billing information except for the sole purpose of credit card processing on our company’s behalf.
We reserve the right to use or disclose information provided if required by law or if our company reasonably believes that use or disclosure is necessary to protect our company’s rights and/or to comply with a judicial proceeding, court order, or legal process.
7. International transfer of information collected
All data is currently stored on our servers is subject to any applicable laws within the country where the server is hosted. Please contact firstname.lastname@example.org to request that your data be hosted in a specific location. Servers are currently available in the United States, the United Kingdom, Australia and South Africa.
8. Communications preferences
You may send a request to opt out of receiving any marketing and/or sales communications to email@example.com. Customers cannot opt out of receiving transactional emails related to your OrgChart Now account.
9. Correcting and updating your information
To update billing or other customer Information or to have information deleted, please email firstname.lastname@example.org. To discontinue your account and to have information you maintained in the Services returned to you, please email email@example.com. Requests to access, change, or delete your information will be handled within 30 days.
10. Customer Data
Customers may electronically submit data or information to the services for hosting and processing purposes (“Customer Data”). We will not review, share, distribute, or reference any such customer data except as required by law. We may access customer data only for the purpose of providing the Services, preventing or addressing service or technical problems, at a customer’s request in connection with customer support matters, or as may be required by law.
We use robust security measures to protect customer data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of customer data. We host our web sites and applications in a secure server environment that uses firewalls, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders. Customers are responsible for maintaining the security and confidentiality of their usernames and passwords. All passwords are encrypted using one way encryption mechanisms and are encrypted both while in transit and at rest.
12. Data Storage
We uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run our services. Although we own the code, databases, and all rights to our applications, you retain all rights to your data.
14. Your California Privacy Rights
If you are a California resident, California Civil Code Section 1798.83 permits you to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you do not want your name and contact information to be shared with any company or organization, you may notify us at any time by emailing us at the address below.
15. Privacy Shield
In compliance with the Privacy Shield Principles, Our company commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union with inquiries or complaints regarding our Private Shield policy should first contact our company at: firstname.lastname@example.org.
Our company is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Our company complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
It is company policy to provide individuals with access to personal data about them that our company holds about them and provides them with a means to request the correction, amendment, or deletion of that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
Individuals also may be able to invoke binding arbitration, under certain circumstances where permitted by the Privacy Shield program, if the individual believes there has been a violation of Privacy Shield requirements that has not been appropriately addressed by our company.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, our company is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, our company may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Our company has further committed to cooperate with EU data protection authorities (DPAs) with regard to human resources data transferred from the EU in the context of the employment relationship. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint.
The General Data Protection Regulation (GDPR) is a set of laws due to be enacted in the EU in 2018. Privacy Shield is an agreement between the EU and US allowing for the transfer of personal data from the EU to US. The GDPR has specific requirements regarding the transfer of data out of the EU. One of these requirements is that the transfer must only happen to countries deemed as having adequate data protection laws. Privacy Shield is designed to create an program whereby participating companies are deemed as having adequate protection, and therefore facilitate the transfer of information. In short, Privacy Shield allows US companies, or EU companies working with US companies, to meet this requirement of the GDPR.
17. Contacting us