Last Updated: January 21, 2020
8 Market Place
Baltimore, MD 21202
Attn: Privacy Team
3. A Note About Children. We do not intentionally gather Personal Data from visitors who are under the age of 13. If we discover that a child under 13 has submitted Personal Data to Privva, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Data from a child under 13, please contact us at firstname.lastname@example.org.
4. A Note to Users Outside of the United States. Your Personal Data may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding the processing of Personal Data may be less protective than the laws in your country. By providing your data, you consent to such processing and transfer.
5. Types of Data We Collect. “Personal Data” means data that, by itself, allows someone to identify or contact you as an individual, company, or your employer including, for example, name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data. “Anonymous Data” means data that does not, by itself, permit the identification of individual persons and that is not associated with or linked to Personal Data. We collect Personal Data and Anonymous Data, as described below.
(a) Information You Provide to Us.
· We may collect your first name, last name, organization name, e-mail address, phone number, and password when you create an account to log in to our Services (“Account”).
· If you are creating a security risk assessment questionnaire (“Assessment”), we collect any Personal Data you provide in your questions.
· If you are a vendor responding to an Assessment, we collect any Personal Data you provide in your survey response.
· If you subscribe to our e-mail newsletter, we will collect your e-mail address.
· If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in your e-mail to us, in order to send you a reply.
· We may also collect Personal Data at other points in our Site or Services that state that Personal Data is being collected.
(b) Information Collected via Technology.
· Information Collected by Our Servers. To make our Site and Services more useful to you, our servers (which may be hosted by a third-party service provider) may collect information from your computer or device, including but not limited to:
o The date and time of your visit and the web pages and content you view and links you click on while navigating within our Services;
o Information about the type of content accessed via our Services;
o The site you visited before and after visiting our Site;
o Your Internet Protocol (IP) address (a numerical address assigned to your computer by your Internet service provider so that other computers connected to the Internet can communicate with your browser online) that can sometimes be used to derive your general geographic area;
o Search terms you enter using our Services or on a referral site;
o Unique identifiers, including non-global mobile device identification numbers;
o Information about your device such as your device type, screen size, browser type, language and other settings, memory capacity, plug-ins, Internet domain, TCP configuration parameters, operating system, carrier code, time zone and the names, versions and package IDs of software installed on your device; and
o Information collected through cookies and other tracking technologies (see additional descriptions of these terms below).
· Do Not Track. We do not currently respond to “do not track” signals from web browsers.
The following two items apply only to Privva.com. Our software application does not use any third party analytics or tracking.
6. Use of Your Personal Data
(a) General Use. In general, Personal Data you submit to us is used either to respond to requests that you make, aid us in serving you better, or improve our Site and Services. We and our authorized service providers may use your Personal Data in various ways, including to:
• facilitate the creation of and secure your Account on our network;
• identify you as a user in our system;
• provide our Services;
• provide improved administration of our Site and Services;
• measure and analyze audience traffic and improve the quality of your experience when you interact with our Site and Services;
• send you a welcome e-mail to verify ownership of the e-mail address provided when your Account was created;
• send you administrative e-mail notifications, such as security, or support and maintenance advisories;
• respond to your inquiries related to employment opportunities or other requests;
• display and/or send surveys, newsletters, and other promotional materials;
• help recognize you as a previous visitor and save and remember your preferences and settings and deliver to you appropriate interest-based content;
• prevent potentially prohibited or illegal activities, comply with applicable law and enforce our Terms of Service; and
• for any other purposes disclosed to you at the time we collect your information or pursuant to your consent.
(b) User Testimonials and Feedback. We often receive testimonials and comments from users who have had positive experiences with our Services. We occasionally publish such content. We obtain the user’s consent prior to posting his or her Personal Data along with the testimonial.
(c) Creation of Anonymous Data. We may create Anonymous Data records from Personal Data by excluding information (such as your name) that makes the data personally identifiable to you. We reserve the right to use Anonymous Data for any purpose and disclose Anonymous Data to third parties in our sole discretion.
(a) Users. If you are creating or reviewing an Assessment, your Personal Data will be disclosed to the vendor responding to the Assessment. In addition, any Personal Data provided in your questions will also be disclosed to the vendor. If you are vendor responding to an Assessment, your Personal Data will be disclosed to the organization which used the Services to send the Assessment to you. In addition, any Personal Data you provided in your responses will also be disclosed to such organization.
(b) Third-Party Service Providers. We may share your Personal Data with third-party service providers that conduct quality assurance testing, facilitate creation of accounts, provide technical support, and/or provide other services to Privva.
9. Your Choices Regarding Information. You have several choices regarding the use of information on our Service:
(c) Google Analytics. You may prevent your data from being collected and used by Google Analytics by opting out through the use of the Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout/.
(d) Changing or Deleting Your Personal Data. You may change any of your Personal Data in your Account by editing your Personal Data within your Account or by sending an e-mail to us at email@example.com. However, we request you do not share passwords via email. You should make any changes related to your password directly in your Account. You may request deletion of your Personal Data by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain your information for fraud prevention or similar purposes.