Privacy Policy

Privacy Policy

Privacy Shield Privacy Policy

European Union Supplement

Online Privacy Policy

Trintech Inc., (“Trintech,” “Company,” “we,” “us”) respects the privacy of individuals with whom we interact (“you”).

This policy describes the types of information we may collect from you or that you may provide when you visit the website www.trintech.com (our “Website”) and our practices for collecting, using, maintaining, protecting and disclosing that information.

This policy applies to information we collect:

    • On this Website.
    • In e-mail, text and other electronic messages between you and Us.
    • When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.
    • Information that we collect pursuant to the marketing and provision of our services.

It does not apply to information collected by:

    • any other website operated by the Company or any third party including our affiliates and subsidiaries.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. This policy may change from time to time (see Changes to our Privacy Policy).

Our Website is not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or username you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at privacy@trintech.com.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Website or individuals with whom we otherwise interact, including information:

    • by which you may be personally identified, such as name, postal address, e-mail address, telephone number, business, title, or any other identifier by which you may be contacted online or offline (personal information”);
    • your professional information necessary to market and deliver our services;
    • that is about you but individually does not directly identify you, such as browser information, general location of access (on a city-specific level); and/or
    • about your internet connection, the equipment you use to access our Website and usage details.

 Information You Provide to Us

The information we collect on or through our Website or elsewhere may include:

    • Information that you provide by filling in forms on our Website. This includes information provided at the time of requesting further information about our products or downloading information contained on this site. We may also ask you for information when you report a problem with our Website.
    • Records and copies of your correspondence (including e-mail addresses), if you contact us.
    • Your responses to surveys that we might ask you to complete for research purposes.
    • Your search queries on the Website.
    • When you correspond with us about our service or otherwise.
    • In the course of providing services
    • Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses and information collected through cookies, and other tracking technologies.

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website. These are stored in your browser and allow websites to remember some information between page views and visits. If you wish to disable cookies go to your browser’s internet options, find the privacy tab and set the appropriate privacy level to disallow the use of cookies.

Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices about How We Use and Disclose Your Information.

We may tie this information to personal information about you that we collect from other sources or you provide to us.

You also may provide information to be published or displayed (hereinafter, posted”) on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions.

Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

 How We Use Your Information

The below chart summarizes our use of personal information:

Types of Information Collected Source of the Information Purpose for Collection Information Disclosed for a Business or Commercial Purpose? (Yes/No) Categories of Third Parties (Which Does Not Include Service Providers) with whom the Your Information is Shared.
Identifiers (e.g., name, e-mail, postal address, and phone number) Information directly submitted by a consumer online; information collected pursuant to a transaction; information collected by our service providers on our behalf; and information collected through communications with our customer service department.

 

    • To directly market our services to you.
    • To present our Website and its contents to you.
    • To provide you with information, products or services that you request from us.
    • To fulfill any other purpose for which you provide it.
    • To notify you about changes to products or services we offer or provide though it.
    • In any other way we may describe when you provide the information.
    • For any other purpose with your consent.
Yes Not shared with third parties.
Professional or Employment Information

 

Information directly submitted by a consumer online; information collected pursuant to a transaction; information collected by our service providers on our behalf; and information collected through communications with our customer service department.

 

    • To directly market our services to you.
    • To present our Website and its contents to you.
    • To provide you with information, products or services that you request from us.
    • To fulfill any other purpose for which you provide it.
    • To notify you about changes to products or services we offer or provide though it.
    • In any other way we may describe when you provide the information.
    • For any other purpose with your consent.
Yes Not shared with third parties.
Commercial Information (e.g., purchase histories)

 

 

Information directly submitted by a consumer online; information collected pursuant to a transaction; information collected by our service providers on our behalf; and information collected through communications with our customer service department.

 

    • To directly market our services to you.
    • To present our Website and its contents to you.
    • To provide you with information, products or services that you request from us.
    • To fulfill any other purpose for which you provide it.
    • To notify you about changes to products or services we offer or provide though it.
    • In any other way we may describe when you provide the information.
    • For any other purpose with your consent.
Yes Not shared with third parties.
Website Browsing Activity Web tracking technology such as browser cookies, flash cookies, and web beacons.
    • Website functionality, customization and security.
    • Advertising and marketing.
Yes Third party web tracking providers (but only after you direct us to do so).

We do not rent, sell or share personal information about you with other people or nonaffiliated companies.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

    • To our subsidiaries and affiliates.
    • To contractors, service providers we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
    • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our or a affiliate’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.
    • To fulfill the purpose for which you provide it.
    • For any other purpose disclosed by us when you provide the information.
    • With your consent.
    • To comply with any court order, law or legal process, including to respond to any government or regulatory request.

 Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information which may be presented to you when you visit the website. In addition, you may use the following processes to control cookies:

    1. Tracking Technologies and Advertising.You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
    2. Promotional Offers from the Company.If you do not wish to have your e-mail address/contact information used by the Company to promote our own or third parties’ products or services, you can opt-out by clicking the link to unsubscribe or update your communication preferences in our initial email contact with you or by sending us an e-mail stating your request to info@trintech.com.
    3. We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website.

Accessing and Correcting Your Information

If you delete your User Contributions from the Website, copies of your User Contributions may remain viewable in cached and archived pages or might have been copied or stored by other Website users.

California Residents

California residents have specific rights under the California Consumer Privacy Act (“CCPA”). Please note that we will seek to verify your identity when we receive an individual rights request in order to ensure the security of your information and that you may assign an authorized agent make a request on your behalf. Please contact us at privacy@trintech.com to exercise any of the rights described in this section.

California residents have the right to request the deletion of personal information, but Trintech may not delete some or all requested personal information as required or allowed by applicable law. California residents may also request to receive details about how we collect, use, and share your personal information. Specifically, you may request to receive the specific pieces of personal information that we have collected about you.

We do not sell personal information and do not discriminate against you for exercising any CCPA rights, such as the access and deletion rights described above. If we choose to offer a product enhancement or financial incentive that is contingent on you sharing personal information, we will ensure that the value provided to us by that collection is reasonably related to the value of the product enhancement or financial incentive.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk.

Do not Track Requests

Certain State laws require that we indicate whether we honor “Do Not Track” settings in your browser concerning targeted advertising. “Do Not Track” is a standard that is currently under development. As it is not yet finalized, we adhere to the standards set out in this Privacy Policy and do not monitor or follow any Do Not Track browser requests.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users’ personal information, we will notify you by e-mail to the e-mail address provided to us or through a notice on the Website. The date the privacy policy was last revised is identified at the top of the page.

 Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at privacy@trintech.com.

International Considerations

We may store, process and transmit information in the United States and locations around the world – including those outside your country.

Trintech puts in place appropriate safeguards or identifies an applicable derogation, each in accordance with applicable legal requirements to provide adequate protections for any transferred personal data.  For example, we may use European Commission-approved “Standard Contractual Clauses” or “Model Clauses”.

Trintech also complies with the EU-U.S. and Swiss–U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the European Economic Area, and Switzerland to the United States. You can learn more about Privacy Shield at https://www.privacyshield.gov.

Updated: July 16, 2021

PRIVACY SHIELD PRIVACY POLICY

Trintech Inc., (“Trintech” or “Company”) has voluntarily adopted this Privacy Shield-compliant Privacy Policy (“Policy”) to establish and maintain an adequate level of protection for Personal Data (as defined below) that Trintech may collect from its Customers (defined herein) in the European Union and Switzerland. This Policy complies with the EU-US Privacy Shield Framework and the Swiss–US Privacy Shield Framework as set forth by the US Department of Commerce regarding such collection, use, and retention of such Personal Data from European Union member countries and the United Kingdom and Switzerland, respectively. Trintech has certified that it adheres to the Privacy Shield Privacy Principles of notice, choice, and accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability. If there is any conflict between the policies in this Policy and the Privacy Shield Privacy Principles, the Privacy Shield Privacy Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov. A current list of organizations certified under the EU-U.S. and Swiss-U.S. Privacy Shield framework (“Privacy Shield List”) is available at https://www.privacyshield.gov/list. For more information about Trintech’s processing of personal data obtained on its website, please visit Trintech’s Online Privacy Policy.

  1. Definitions.

The following capitalized terms in this Policy have the following meanings:

Agent” means any third-party processor that collects and/or uses Personal Data provided by Trintech to perform tasks on behalf of and under the instructions of Trintech.

Customer” means an individual customer or client of Trintech from the EU or Switzerland. The term also shall include any individual agent, representative, of an individual customer of Trintech and all employees of Trintech where Trintech has obtained Personal Data from such Individual Customer as part of its business relationship with Trintech.

Employee” means an employee (whether temporary, permanent, part-time, or contract), former employee, or job applicant of Trintech or any of its affiliates or subsidiaries, who is also a resident of a country within the European Union or Switzerland.

Europe” or “European” refers to a country in the European Union.

GDPR” means the Regulation (EU) 2016/679 of the European Parliament;

Processing” of personal data means any operation or set of operations which is performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.

Sensitive Personal Data” means racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Services” means the services provided by Trintech to its Customers under an applicable agreement with Trintech, including but not limited to account reconciliation, intercompany reconciliation, journal entry, regulatory and financial reporting and compliance.

Third Party” means any individual or entity that is neither Trintech nor a Trintech employee, agent, contractor, or representative.

1.12 The terms, “Controller,” “Processor,” “Data Subject,” “Member State,” and “Personal Data,” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly. However, for Switzerland, the term “person” includes both a natural person and a legal entity, regardless of the form of the legal entity.

  1. Scope

This Policy applies to any Customer data provided to Trintech (i) as part of the implementation or support of the Services for Customer under an applicable Services agreement with Trintech, or (ii) through Trintech’s websites. This Policy also applies to such Personal Information received by Trintech from its Customers located in the European Union or Switzerland and recorded in any form or on their website. This Policy also applies to Processors that handle and process such Personal Information on behalf of Trintech.

  1. Types of Personal Data Trintech Collects

Trintech products do not require customers to provide personal data. However, customers often upload supporting documentation that may contain personal data. Trintech often does not know what type of Personal Data this documentation may contain.

Trintech may collect information from its business partners’ employees such as names, email addresses, and the contents of communications.

  1. Processing of European and Swiss Personal Data

As stated above, certain Customers of Trintech may in fact pay additional fees to upload Personal Data that may be received by Trintech as part of its Customers’ use of the Trintech Services. Specifically, Customers may upload files containing Personal Data via secure file transfer protocol (SFTP) via an SFTP server that systematically takes such files from the SFTP server and inputs it to the Customer application under the Services. The applications provided under the Services do not use Personal Data of Customer (or their customers), but Customers may upload files containing Personal Data to the file system within the Trintech Services as supporting documentation. Any Processing by Trintech of Personal Data under the Trintech Services provided to Customers adheres to the foregoing process.

As the Services are provided through hosting services providers, such uploaded Personal Data may be provided through Trintech’s service providers and suppliers (Processors) for the sole purpose and only to the extent needed to support the Customers’ business needs under the Services. These service providers and suppliers are required to keep confidential Personal Data received from Trintech and should not use it for any purpose other than originally intended. In case of data transfers to third parties acting as Controllers the affected individuals will be informed about the transfer and the underlying purposes respectively.

 5. Privacy Principles

This Policy complies with the EU-US Privacy Shield Framework and the Swiss–US Privacy Shield Framework as set forth by the US Department of Commerce regarding such collection, use, and retention of such Personal Data from European Union member countries and the United Kingdom and Switzerland, respectively. A detailed description of the EU-U.S. and Swiss- U.S. Privacy Shield Principles can be found on the U.S. Department of Commerce website at https://www.privacyshield.gov/EU-US-Framework.

      5.1. Notice

As a rule, Trintech does not collect any Personal Data from its Customers; however, its Customers are provided the capability under the Services mentioned in Section 2 above to upload Personal Data as a supporting file for Customer use under the Services. In such circumstances, the Personal Data is required to be masked before it is received by Trintech by the Customer, or otherwise encrypted. Where a Trintech Customer has uploaded a supporting file to Trintech that contains any Personal Data, Trintech may exchange such Personal Data between various affiliated companies and their operations, worldwide, all as necessary to provide the application Services requested by its Customers from Trintech or for general administrative purposes. Trintech may also use facilities, Employees or contractors worldwide to process or back-up information or to provide certain services to Trintech. Where a European or Swiss Customer of Trintech has uploaded a supporting file to Trintech that contains any such Personal Data, or Trintech receives it from its European affiliates, such Customer or the respective European affiliate will inform those individuals about the purposes for which it collects and uses such Personal Data about them; the transfer to Trintech in the U.S., the types or identity of third parties acting as controllers to which Trintech discloses that Personal Data, the purposes for which it does so; and the choices and means offered by Trintech for limiting the use and disclosure of their Personal Data, and about the right of individuals to access their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to Trintech, or as soon as practicable thereafter, and in any event before Trintech uses the information for a purpose other than that for which it was originally collected or discloses it for the first time to a third party.

      5.2. Choice

Trintech will work with its Customers to address such Customers’ providing their customers the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a third party acting as a Controller, or (b) to be used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by the Customer. For Sensitive Personal Data, Trintech will give work with its Customers to ensure that its Customers’ customers have the opportunity to affirmatively and explicitly consent (opt-in) to the disclosure of their Sensitive Personal Data to (a) a third party acting as a Controller or (b) the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Trintech will work with its Customers to provide its Customers’ customers reasonable (especially clear and conspicuous, readily available) mechanisms to exercise their choices.

      5.3. Accountability for Onward Transfer

Trintech will obtain assurances from its Processors that they will safeguard Personal Data consistent with this Policy and will transfer Personal Data only for limited and specific purposes. Examples of appropriate assurances that may be provided by Processors include: a contract obligating the Agent to provide at least the same level of protection as is required by the relevant EU-U.S. and Swiss-U.S. Privacy Shield principles, being subject to GDPR, EU-U.S. and Swiss-U.S. Privacy Shield certification by the Agent, or being subject to another European Commission adequacy finding. Trintech recognizes its responsibility and potential liability for onward transfers to Processors. Where Trintech has knowledge that a Processor is using or disclosing Personal Data in a manner contrary to this Policy and/or the level of protection as required by the EU-U.S. and Swiss-U.S. Privacy Shield Principles, Trintech will take reasonable and appropriate steps to prevent, remediate or stop the use or disclosure.

If Trintech transfers unencrypted Personal Data to non-affiliated third parties acting as a Controller, Trintech will apply the Notice and Choice Principles unless a derogation for specific situations under European data protection law applies and will obtain assurance from these parties that they will provide the same level of protection as is required under the Principles. Currently, Trintech does not intentionally transfer any Personal Data to any unaffiliated third party.

      5.4. Access

Upon request, Trintech will work with its Customers so that its Customers’ customers have reasonable access to Personal Data that Customer holds about them. In addition, Trintech will take reasonable steps to work with its Customers so that its Customers permit their individual customers to correct, amend, or delete information held by Customer that is demonstrated to be inaccurate or incomplete or has been processed in violation of the EU-U.S. and Swiss-U.S. Privacy Shield Principles. Trintech may limit an individual’s access to Personal Data where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy or where the legitimate rights of persons other than the individual would be violated.

      5.5. Security

All Personal Data uploaded to the Trintech Services by a Customer is required to be either encrypted within the database or otherwise masked prior to be transmitted to Trintech by the Customer. Trintech will take reasonable and appropriate precautions to protect Personal Data in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal data.

      5.6. Data Integrity and Purpose Limitation

Trintech does not access or use any Personal Data uploaded by its Customers – such Personal Data is uploaded by the Customer and made available to such Customer for Customer’s use under the Services. Trintech will provide its Customers access to Personal Data through the Services only in ways that are compatible with the purposes for which it was collected or subsequently authorized by its Customers who uploaded the information (see 5.2.). Trintech will take reasonable steps with its Customers to ensure that Personal Data uploaded by Customers is relevant to its intended use, accurate, complete, and current. Trintech will adhere to the Principles if it retains Personal Data received under its EU-U.S. and Swiss-U.S. Privacy Shield certification.

      5.7. Recourse, Enforcement and Liability

Trintech utilizes the self-assessment approach to assure its compliance with this Policy. Trintech periodically verifies that this Policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and in conformity with the EU-U.S. Privacy Shield principles. Trintech encourages interested persons to raise any concerns with it using the contact information below. Trintech will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the principles contained in this Policy.

If Trintech determines that any person in its employ is in violation of this Policy such person will be subject to disciplinary action.

Any questions or concerns regarding the use or disclosure of Personal Data should be directed to the Privacy Officer at the address given below. Trintech will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the principles contained in this Policy.

Trintech has agreed to cooperate with the data protection authorities in the EU and Switzerland and to participate in the dispute resolution procedures of the Panel established by the EU and Swiss Data Protection Authorities to resolve disputes pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield principles available at the address given below. If Trintech or such Authorities determines that Trintech did not comply with this Policy, Trintech will take appropriate steps to address any adverse effects and to promote future compliance. Trintech is also subject to the investigatory and enforcement powers of the Federal Trade Commission, which is the competent supervisory body under the Privacy Shield.

In compliance with the Privacy Shield Principles, Trintech commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Trintech at privacy@trintech.com.

Trintech has further committed to refer unresolved Privacy Shield complaints to JAMS, an

alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/ for more information or to file a complaint. The services of JAMS are provided at no cost to you.

Trintech commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.

Where a complaint cannot be resolved by any of the before mentioned recourse mechanisms, individual customers of Customer have a right to invoke binding arbitration under the Privacy Shield Panel as recourse mechanism of ’last resort’.

  1. Limitations

Trintech’s adherence to the EU-U.S. and Swiss-U.S. Privacy Shield Principles may be limited (a) to the extent necessary to meet applicable national security, public interest, or law enforcement requirements, e.g. in the course of lawful requests by public authorities (b) by statute, government regulation, or case law that creates conflicting obligations or explicit authorizations, provided that, in exercising any such authorization, an organization can demonstrate that its non-compliance with the Principles is limited to the extent necessary to meet the overriding legitimate interests furthered by such authorization; or (c) if the effect of the Directive or Member State law is to allow exceptions or derogations, provided such exceptions or derogations are applied in comparable contexts.

  1. Contact Information

Questions or comments regarding this Policy should be submitted to Trintech by mail or e-mail as follows:

ATTN: Legal

Trintech Inc.

Phone:  +1972-739-1640

E-Mail:  privacy@trintech.com

Should your complaint not be resolved by Trintech, you may also submit any unresolved complaints to your EU Member State Data Protection Authority (DPA) or the Swiss Federal Data Protection and Information Commissioner.

 Changes to this Policy

This Policy may be amended from time to time, consistent with the requirements of the EU-U.S. or Swiss-U.S. Privacy Shield principles. Appropriate public notice will be given concerning such amendments.

Effective Date: August 21, 2017.

Revision: July 16, 2021.

EUROPEAN UNION SUPPLEMENT

If you are a resident of the EEA or a resident of the United Kingdom (“UK”) or a resident of Switzerland, this Supplement explains what personal data we collect about you, how it is used, with whom it is shared, and rights you may exercise in relation to your personal data.

  1. Legitimate Interest

We may process your personal data for the purposes of our legitimate interests, provided that such processing does not outweigh your rights and freedoms. Where we rely on legitimate interests, you have the right to object. Please keep in mind that if you object this may affect our ability to perform certain services for your benefit. We process your personal data based on legitimate interests in order to:

    • Protect you, us, or others from security threats by enhancing the security of our network and information systems;
    • Identify and prevent fraud;
    • Comply with applicable laws and industry regulations; and
    • Enable or administer our business and to provide services thereunder.
  1. Other Legal Bases for Processing Personal Data

We will only collect and process personal data about you where we have a legal basis. Other than legitimate interests, legal bases include consent (where you have given consent), contract (where processing is necessary for entering into or the performance of a contract with you and the provision of personal data is required for that contract), and compliance with a legal obligation. Where we rely on consent, you retain the right to withdraw consent at any time.

  1. Data Subject Rights

You can also exercise the following rights:

Deletion You can ask to erase or delete all or some of your personal data.

Object to, or Limit or Restrict, Use of Data. You can ask to stop using all or some of your personal data (e.g., if there is no legal right to keep using it) or to limit use of it (e.g., if your personal data is inaccurate or unlawfully held).

Access Your Data. You can ask for a copy of your personal data provided in a machine-readable form.

If we have collected and processed your personal data with your consent, then you can withdraw your consent at any time.

  1. Automated Decision-Making

We do not make use of automated decision-making. As defined under current data protection laws, automated decisions are defined as decisions about individuals that are based solely on the automated (i.e., no human involvement) processing of data and that produce legal effects or that significantly affect the individuals involved.

  1. Retention Period

We retain the personal data that we collect from you where we have an ongoing legitimate business need to do so (for example, to provide services or to comply with an applicable legal requirement).

  1. Complaint

You have the right to register a complaint with a European data protection or supervisory authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

Effective Date: August 21, 2017.
Revision: July 16, 2021.