Idera Inc., together with its United States subsidiaries, Assembla, Inc., AquaFold, Inc., CodeGear LLC, Embarcadero Technologies, Inc., Lansa, Inc., Precise Software Solutions, Inc., Ranorex, Inc., Sencha, Inc., Travis CI Corporation, Uptime Software, Inc., Webyog, Inc., WhereScape USA, Inc. and Whole Tomato Software, LLC (collectively, the “Company”), is committed to respecting and protecting the privacy of our customers, partners, webinars attendees and website visitors. Specifically, we do not sell, rent or trade email lists with other companies for marketing purposes. In this Privacy Statement we describe the Company’s privacy practices in relation to the use of the Company’s Websites (as defined below) and the related applications, services, products and programs offered by the Company (collectively, “Services”), as well as individuals’ choices regarding use, access and correction of personal information.
If you have questions or complaints regarding the Company’s Privacy Statement or associated practices, please contact us at compliance@idera.com.
1. Websites covered
This Privacy Statement covers the information practices, including how the Company collects, uses, shares and secures the personal information you provide to websites that link to this Privacy Statement, which are the following websites www.idera.com; www.assembla.com; www.aquafold.com; www.embarcadero.com; www.lansa.com; www.ranorex.com; staging.sencha.com, www.travis-ci.org, www.webyog.com, www.wherescape.com and www.wholetomato.com (collectively referred to as the “Websites”).
2. Collection of Personal Information
Personal information means any information that may be used to identify you, such as, your name, title, phone number, email address, or mailing address.
In general, you can browse our website without giving us any personal information. We use web analytics software to analyze traffic to this web site in order to understand our customer’s and visitor’s needs and to continually improve our site for them. This software collects only anonymous, aggregate statistics.
If you want to subscribe to a periodic communication such as a newsletter, we ask you to simply provide your business email address (“Optional Information”). Additional activities on our site may require you to be registered, for example, to read a white paper, download trial or free software, when you express an interest in obtaining additional information about the Services or register for an event. As part of the registration process, we may ask you for additional personal information, such as name, company name, address, phone number, and email address (“Required Information”). We use that information for several general purposes: to tell you about products and services if you so request, to fulfill your request, to contact you if we need to obtain or provide additional information; to verify the accuracy of our records, to contact you regarding customer satisfaction surveys.
For our downloadable software products, as part of the Required Information, on installation and execution, some of our products may send the Company certain information for software updates, auditing and license compliance verification, including product version and edition, number of copies of the product in use by licensee, machine IDs, IP address of the device, license key, information about the operation system and/or environment where the product is installed, serial numbers and other related information, for example, applicable to products such as RAD Studio, Delphi, C++Builder and Sencha EXT JS. Solely for our software as a service products, as part of the Required Information and in order to provide the Services to you, we store all the content you provide, including but not limited to accounts created for team members, files, pictures, project information, and any other information that you provide to the Services you use.
When purchasing Services or registering for an event, the Company may also require you to provide your billing information, such as billing name and address, credit card number (“Billing Information”). Some activities require additional personal information. For example, to fulfill online orders for products, we require you to enter credit card information, and you have the option to provide a separate shipping address. When visitors of the Company Website apply for a job with the Company, the Company may also require you to submit additional personal information as well as a resume or curriculum vitae (“Applicant Information”). Required Information, Optional Information, Billing Information, Applicant Information and any other information you submit to the Company through the Services or information provided to you by the Company through your use of the Services (e.g. license key) are referred to collectively as “Data.”
As you navigate the Company’s website, the Company may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons. Website Navigational Information as defined in Section 7 below, includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on Idera’s web pages viewed and the links clicked). For additional information about the collection of Website Navigational Information by Idera and others, please see Section 7 below.
3. Use of Personal Information and The Legal Bases on Which We Rely
Providing our Websites and Services. The Company uses Data about the Company’s customers to perform the Services requested and fulfill its obligations under applicable terms of use/service and for the use of its Websites; where you have not entered into a contract with the Company, we base the processing of your Data on our legitimate interest to operate and administer our Websites and to provide you with the content you access and request. For example, to download content from our Websites or if you fill out one of our web forms, the Company will use the information provided to contact you about your interest in the Services.
Managing user registrations. If you have registered for an account with us, we process your Data by managing your user account for the purpose of performing our contract with you according to applicable terms of service;
Promoting the security of our Websites and Services. The Company processes your Data by tracking use of its Websites and Services, creating aggregated, non-personal data, verifying accounts and activity, investigating suspicious activity and enforcing our terms and policies, to the extent this is necessary for our legitimate interest in promoting the safety and security of the services, systems and applications and in protecting our rights and the rights of others. For example, to check for license compliance validation either using the license key or your account details. Some software products can also use license information to inform you of the availability of applicable updates.
Developing and improving our Websites and Services. We process your Data to analyze trends and to track your usage of and interactions with our Websites and services to the extent it is necessary for our legitimate interest in developing and improving our Websites and services and providing our users with more relevant content and service offerings, or where we seek your valid consent.
Handling contact and user support requests. If you fill out one of our web forms or request user support, or if you contact us by other means including via a phone call, we process your Data to perform our contract with you and to the extent it is necessary for our legitimate interest in fulfilling your requests and communicating with you;
Reviewing compliance with applicable usage terms. We process your Data to review compliance with the applicable usage terms in our customer’s contract to the extent that it is in our legitimate interest to ensure adherence to the relevant terms.
Assessing and improving user experience. The Company processes device and usage data as described in Section 7 below, which in some cases may be associated with your Data, in order to analyze trends, assess and improve the overall user experience to the extent it is necessary for our legitimate interest in developing and improving the service offering, or where we seek your valid consent. In addition, the Company uses Website Navigational Information to operate and improve the Company’s Websites. The Company may also use Website Navigational Information alone or in combination with Data about customers and Data about webinar attendees to provide personalized information about the Company. For additional information about the use of Website Navigational Information, please see the Section 7 below.
Managing event registrations and attendance. The Company also uses Data about webinars attendees to plan and host corporate events, host online forums and social networks in which you have registered or that may participate, including sending related communications to you, to perform our contract with you. Additional information on the Company’s privacy practices with respect to Data about webinars attendees may be found in additional privacy statements on the event Websites, as the case may be. The Company may also use Data about customers and webinar attendees for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information about the Company and its affiliates product recommendations related to our contract with you or your interest. The Company may also receive information about customers and attendees from other sources, including third parties from whom we have purchased data, and combine this information with Data we already have about you.
Managing contests or promotions. If you register for a contest or promotion, we process your Data to perform our contract with you. Some contests or promotions have additional rules containing information about how we will process your Data.
Developing and improving our Websites and Services. We process your Data to analyze trends and to track your usage of and interactions with our Websites and Services to the extent it is necessary for our legitimate interest in developing and improving our Websites and Services and providing our users with more relevant content and service offerings, or where we seek your valid consent.
Assessing capacity requirements. The Company processes your Data to assess the capacity requirements of its services to the extent that it is in its legitimate interest to ensure that it is meeting the necessary capacity requirements of its service offerings.
Identifying customer opportunities. The Company processes your Data to assess new potential customer opportunities to the extent that it is in its legitimate interest to ensure that it is meeting the demands of its customers and their users’ experiences.
Displaying personalized advertisements and content. We process your Data to conduct marketing research, advertise to you, provide personalized information about us on and off our websites and to provide other personalized content based upon your activities and interests to the extent it is necessary for our legitimate interest in advertising our websites or, where necessary, to the extent you have provided your prior consent, which can be withdraw at any time without having to provide any specific reason for such objection.
Sending marketing communications. We will process your Data to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS, or push notifications) about us and our affiliates and partners, including information about our products, promotions or events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent, which can be withdraw at any time without having to provide any specific reason for such objection.
Managing payments. If you have provided financial information to us, the Company processes your Data to verify that information and to collect payments to the extent that doing so is necessary to complete the transaction and perform our contract with you.
Complying with legal obligations. We process your Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Data to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our websites, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes or to respond to lawful requests.
Where the Company needs to collect and process Data by law, or under a contract that it has entered into with you, and you fail to provide the required Data when requested, the Company may not be able to perform its contract with you.
4. Disclosure of Personal Information
Business Partners.
From time to time, the Company may partner with other companies to jointly offer products, services or programs (such as webinars or downloadable content) such as our channel partners to fulfill product trials and information requests, and provide customers and prospective customers with information about the Company and its products. To do this, we may pass your information to them for that purpose only, and they are prohibited from using that information for any other purpose. The Company does not share Data about the Company attendees with business partners unless: (1) you specifically opt in to such sharing via an event registration form; or (2) you attend a Company event and allow the Company or any of its business partners to scan your attendee badge. If you do not wish for your information to be shared in this manner, you may choose not to opt in via event registration forms and elect not to have your badge scanned at Company events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy statements. The Company sometimes hires vendor companies to provide limited services on our behalf, including packaging, mailing and delivering items, sending postal mail, providing technical support, and processing event registrations. We provide those companies only the information they need to deliver the service, and they are prohibited from using that information for any other purpose.
Third Parties.
Section 7 of this Privacy Statement, Website Navigational Information, specifically addresses the information we or third parties collect through cookies and web beacons, and how you can control cookies through your Web browser. We may also disclose your personal information to any third party with your prior consent.
Service Providers.
The Company may share Data about the Company website visitors, customers and webinar attendees with the Company’s contracted service providers so that these service providers can provide services on our behalf. These service providers are authorized to use your personal information only as necessary to provide the requested services to us. Without limiting the foregoing, the Company may also share Data about the Company website visitors, customers and webinar attendees with the Company’s service providers to ensure the quality of information provided, and with third–party social networking and media websites, such as Facebook, for marketing and advertising on those websites. Unless described in this Privacy Statement, the Company does not share, sell, rent, or trade any information with third parties for their promotional purposes.
Billing.
The Company uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.
Company Affiliates.
The Company may share Data about the Company’s customers with Idera corporate group and companies that we acquire in the future when they are made part of the Idera corporate group, to the extent such sharing of data is necessary to fulfill a request you have submitted via our Websites or for customer support, marketing, technical operations and account management purposes. A list of companies currently within the Idera corporate group is available at https://www.ideracorp.com/brands. The data protection laws in certain countries may be more or less extensive than laws in the country in which you are located. However, Idera and its offices and subsidiaries are governed by this Privacy Statement and will use your personal information only as set forth in this Privacy Statement.
Compelled Disclosure.
The Company may also disclose your personal information if required to do so by law or in the good faith belief that such action is necessary in connection with a sale, merger, transfer, exchange or other disposition (whether of assets, stock or otherwise) of all or a portion of a business of the Company and/or its subsidiaries or to (1) conform to legal requirements or comply with legal process served on the Company or this website; (2) protect and defend the rights or property of the Company and this website; (3) enforce its agreements with you, or (4) act in urgent circumstances to protect personal safety or the public. In individual instances, the Company may also share with professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Data.
Any Data or other information you choose to submit in communities, forums, blogs or chat rooms on our Websites may be read, collected and used by others who visit these forums, depending on your account settings.
5. Children and Privacy
The Company Websites do not offer information intended to attract children. The Company does not knowingly solicit personal information from children under the age of 16.
6. Security of Personal Information
The Company take precautions including organizational, technical and physical measures to help safeguard against the accidental or unlawful destruction, loss, alteration and unauthorized disclosure of, or access to, the Data we process or use. For example, when you submit any form requiring registration, we use a secure server. The secure server software (SSL) helps protect your information as it travels over the Internet by encrypting that information before it is sent to us. Please note that while we have implemented industry-standard security mechanisms and procedures to protect data from loss, misuse and unauthorized access, disclosure, alteration and destruction, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions.
7. Use of Cookies, Usage Data
Cookies, Web Beacons and IP Addresses.
The Company uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Websites (“Website Navigational Information”). As described more fully below, we and our partners use these cookies or similar technologies to analyze trends, administer Websites and Services, track users’ movements around our Websites and Services, serve targeted advertisements and gather demographic information about our user base as a whole. This section describes the types of Website Navigational Information used on the Company’s Websites and Services, and how this information may be used.
Log Files, IP Addresses, URLs and Other Data.
As is true of most Company Websites, we gather certain information automatically to analyze trends in the aggregate and administer the Company’s Websites and Services. This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Due to Internet communications standards, when you visit or use the Company’s Websites and Services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our Website. This information is used to analyze overall trends, to help us improve our Websites and Services, to track and aggregate non-personal information, and to provide the Websites and Services. For example, the Company uses IP addresses to monitor the regions from which customers and website visitors navigate the Company’s Websites. The Company also collects IP addresses from customers when they log into the Services as part of the Company’s “Identity Confirmation” and “IP Range Restrictions” security features.
Cookies
The Company uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites, the Company’s servers send a cookie to your computer or device. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to the Company, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Request a Demo” or a “Request a Quote” Web form) or have previously identified yourself to the Company, you remain anonymous to the Company. The Company uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer or device when you close your browser software or turn off your computer. Persistent cookies remain on your computer or device after you close your browser or turn off your computer. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on the Company’s Websites or Services.
The following sets out how the Company uses different categories of cookies.
Required Cookies:
Required cookies enable you to navigate the Company’s Websites and use its features, such as accessing secure areas of the Websites and using the Company Services.
If you have chosen to identify yourself to the Company, the Company may place on your browser cookies containing an encrypted, unique identifier. These cookies allow the Company to uniquely identify you when you are logged into the Company’s Websites and Services and to process your online transactions and requests. Therefore, there is no option to opt out of these cookies because they are essential to operate the Websites.
Functionality Cookies:
Functionality cookies allow the Company’s Websites and Services to remember information you have entered or choices you make (such as your username, language, or your region) and provide enhanced, more personal features. These cookies also enable you to optimize your use of the Company’s Websites and Services after logging in. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize. Functional cookies may also be used to improve how the Company’s Websites and Services function and perform, to enhance and customize your interactions with the Company, and to help us provide you with more relevant messages, including marketing communications. These cookies collect information about how website visitors use our Websites and Services, including which pages visitors go to most often and if they receive error messages from certain pages. The Company may use its own technology (under the Company brand name or an affiliated brand name) or third parties to track and analyze usage and volume statistical information from website visitors, attendees, and customers, to provide enhanced interactions and more relevant communications, and to track the performance of the Company’s advertisements. The Company and its third-party partners may also utilize HTML5 local storage or Flash cookies for these purposes. Flash cookies and HTML local storage are different from browser cookies because of the amount of, type of, and how data is stored. The Company also uses Flash cookies, to store your preferences or display content based upon what you view on the Company Websites and Services to personalize your visit. In particular, we use Google Analytics (“Google Analytics”), a web analytics service provided by Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies to help us analyze how our websites are used, including the number of visitors, the websites from which visitors have navigated to our websites, and the pages on our websites to which visitors navigate. This information is used by us to improve the Company’s Websites. To opt out from data collection by Google Analytics, you can download and install a browser add-on, which is available at https://tools.google.com/dlpage/gaoptout?hl=en. To learn how to control cookies via your individual browser settings, visit https://www.aboutcookies.org . To learn how to manage privacy and storage setting for Flash cookies, visit https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html#117118 . Note that opting out of functional cookies may impact the functionality of our Websites and degrade your user experience.
Targeting or Advertising Cookies:
The Company sometimes uses cookies delivered by third parties to show you ads for the Company products and services that we think may interest you on any devices you may use and to track the performance of the Company advertisements. For example, in these cases, cookies remember information such as which browsers have visited the Company’s Websites. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after the Company receives it. If the Company is using one of its own cookie-related products on our own Website, then a cookie related to ads may appear on our Website under the Company or one of our affiliated company’s name. The Company also contracts with third-party advertising networks that collect IP addresses and other information from Web beacons (see below) on the Company’s Websites and Services, from emails, and on third-party Websites. Ad networks follow your online activities over time and across different sites or other online services by collecting Website Navigational Information through automated means, including through the use of cookies. These technologies may recognize you across the different devices you use, such as a desktop or laptop computer, smartphone or tablet. Third parties use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other Websites or mobile applications on any of your devices. This process also helps us manage and track the effectiveness of our marketing efforts. Third parties, with whom the Company partners to provide certain features on our Websites or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. To manage the use of targeting or advertising cookies on the Websites, consult your individual browser settings for cookies. To lear how to manage privacy and storage settings for Flash cookies, click https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html#117118 . Various browsers may also offer their own management tools for removing HTML5 local storage.
Do Not Track.
Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Websites’ visited by the user about the user’s browser DNT preference setting. The Company does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Websites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. The Company takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.
Usage Data.
As it is true of most websites, we gather certain information automatically in connection with the use of the Website by individual users. This information may include IP address, device and application identification numbers, browser type, location, the pages and files viewed, operating system and system configuration information and date/time stamps associated with your usage. This information is used to analyze overall trends, to help us provide and improve our Websites and to guarantee their security and continued proper functioning. In addition, we gather certain information automatically as part of your use of the Company cloud products and services, specifically for Assembla and Travis CI entities. This information may include IP address (or proxy server), device and application identification numbers, location, browser type, internet service provider, the pages and files viewed, searches and other actions you take, operating system and system configuration information and date/time stamps associated with your usage. This information is used to maintain the security of the Services, to provide necessary functionality, as well as to improve performance of the Services, to assess and improve customer and user experience of the Services, to review compliance with applicable usage terms, to identify future opportunities for development of the Services, to assess capacity requirements, to identify customer opportunities and for the security of the Company generally (in addition to the security of our products and Services). Some of the device and usage data collected within the Services, whether alone or in conjunction with other data, could be personally identifying to you. Please note that this usage data is primarily used for the purposes of identifying the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the Services to our customers (where we act as a processor).
8. Links to Other Websites and Public Forums
Our Websites contain links to information on other websites. We do not have any control over these other websites, and therefore we cannot be responsible for the protection and privacy of any information that you provide while visiting those websites. Those websites are not governed by this Privacy Policy, and if you have questions about how a website uses your information, consult that website’s privacy statement. Portions of this website may also make chat rooms, forums, message boards, and/or news groups available to visitors. Please remember that any information that is disclosed in these areas becomes public information and exercise caution when deciding to disclose any personal information.
9. For EU and UK Individuals: Your Rights Under GDPR
If you reside or otherwise find yourself in the territory of Europe or in the UK, we are committed to facilitate the exercise of your rights granted by the EU General Data Protection Regulation and any applicable UK data protection regulation. Otherwise, you can contact us at compliance@idera.com at any time to discuss your privacy concerns. Privacy rights under the EU General Data Protection Regulation include:
Transparency and the right to information. Through this policy we explain how we use and share your information. However, if you have questions or concerns you can contact us any time.
Right of access, objection, restriction of processing, erasure, and portability. You also have the right to withdraw your consent at any time when we process your personal data based on your consent. To exercise these rights, please contact us. Requests to access, change, or delete your information will be addresses within a reasonable timeframe. Please note that if you have registered for an account with the Company, you may generally update your user settings, profile, organization’s settings or event registration by logging into the applicable website or Services with your username and password and editing your settings or profile.
Right to opt-out to direct marketing. You have the right to opt-out at any time to receiving marketing materials from us by following the opt-out instructions in our commercial emails, by contacting us, or by adjusting your preferences under your profile details on the Company Websites. Please note that we reserve the right to send you other communications, including service announcements and administrative messages relating to your account, without offering you the opportunity to opt out of receiving them.
Right not to be subject to an automated decision, including profiling. We do not make automated decisions using your Data in our Websites or in our Services. We use cookies and similar technologies on our Company Websites to personalize your experience on the Company Websites and recommending software products and services that may be of interest to you. For additional information see Section 7 above.
Right to lodge a complaint with a supervisory authority. If you consider that the processing of your personal data infringes your privacy rights according to the General Data Protection Regulation, you have the right to lodge a complaint with a supervisory authority, in the member state of your habitual residence, place of work, or place of the alleged infringement. Contact details for the EU data protection authorities can be found at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
10. For EU, UK and Swiss Individuals: Privacy Shield Notice for Personal Data Transfers to the United States
The Company’s Services comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom and Switzerland to the United States in reliance on Privacy Shield. The Company has certified to the Department of Commerce that the Services adheres to the Privacy Shield Principles with respect to such information. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield principles, please visit https://www.privacyshield.gov/.
Pursuant to the Privacy Shield Frameworks, EU, UK and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to compliance@idera.com. If requested to remove data, we will respond within a reasonable time frame.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than the parties listed in this Privacy Statement, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to compliance@idera.com.
The Company’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, the Company remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless the Company proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, the Company commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, United Kingdom, and Swiss individuals with Privacy Shield inquiries or complaints should first contact the Company at compliance@idera.com. The Company has further committed to refer unresolved Privacy Shield complaints covering non-Human Resource data under the Privacy Shield Principles to BBB EU Privacy Shield, an alternative dispute resolution provider located in the United States. If you do not receive a timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information or to file a complaint. The services of BBB EU Privacy Shield are provided at no cost to you.
Please note that the Company also receives some data via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.
If your complaint involves human resources data transferred to the United States from the EU, UK and/or Switzerland in the context of the employment relationship, and the Company does not address it satisfactorily, the Company commits to cooperate with the panel established by the EU data protection authorities (DPA Panel), the UK DPA Panel and/or the Swiss Federal Data Protection and Information Commissioner, as applicable and to comply with the advice given by the DPA panel and/or Commissioner, as applicable with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.
Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
For more information about Idera Human Resource data and the Human Resource Privacy Policy, please contact humanresources@idera.com. As an employee, you can always review Idera Human Resource Privacy Policy here .
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
The Company is subject to the investigatory and enforcement powers of the US Federal Trade Commission. The Company may be required to disclose personal information that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
11. Your California Privacy Rights
California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please email compliance@idera.com .
12. How to Exercise Your Rights
To exercise your rights, please contact us by using the information in the “Contacting us” section 17 below. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive. If you are an employee of the Company customer, we recommend you contact your company’s system administrator for assistance in correcting or updating your information. Some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.
As described above, we may also process Data submitted by or for a customer to our cloud products and services. To this end, if not stated otherwise in this Privacy Statement or in a separate disclosure, we process such Data in the role of a mere processor on behalf of a customer (and/or its affiliates) who is the responsible controller of the Data concerned. We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those set forth in this Privacy Statement. If your data has been submitted to us by or on behalf a Company customer and you wish to exercise any rights you may have under applicable data protection laws, please inquiry with the applicable customer directly. Because we may only access a customer’s data upon instruction from that customer, if you wish to make your request directly to us, please provide to us the name of the Company customer who submitted your data to us. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.
13. Retention Periods and Deletion
The Company retains your personal information to the extent necessary to reasonably serve customer relations, to meet our compliance and legal obligations, to enhance security and fraud prevention, and for audit purposes. For example, we may retain your information during the time in which you have an account to use our Website or Services and for a reasonable period of time afterward. We may also retain your information during the period of time needed for the Company to pursue our legitim business interest, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements. We determine the appropriate retention period for the Data on the basis of the amount, nature and sensitivity of your Data processed, the potential risk of harm from unauthorized use or disclosure of your Data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).
When you decide to delete certain information in your account, we will fulfill your request and update this information on our platform. We will also notify third parties that we authorized the use and share that content of your request.
14. Unsubscribe
You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may unsubscribe here or by contacting us at any time at compliance@idera.com . Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your subscriptions or event registrations, service announcements or security information.
15. Information about International Transfers
The Company primarily stores Data about the Company’s customers and Data about attendees in the United States. To facilitate the Company’s global operations, the Company may transfer and access such information from around the world, including from other countries in which the Company has operations. A list of the Company’s global offices is available at http://www.ideracorp.com/contactus. This Privacy Statement shall apply even if the Company transfers Data about the Company customers or Data about attendees to other countries.
Your Data may be collected (e.g. if you are visiting our Websites), transferred to and stored by us in the United States and by our affiliates in other countries where we operate. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country, but please be assured that the Company does take steps pursuant to the laws in the United States to ensure that your privacy is protected. In this event, we will ensure that the recipient of your Data offers an adequate level of protection, for instance by entering into standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR) or by ensuring the recipient is self-certify under the EU-US Privacy Shield, which you can read more about in section 10 above. By visiting our Website or using our Services, you understand that your information will be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.
16. Changes to this Privacy Statement
The Company reserves the right to change this Privacy Statement from time to time to reflect changes in our practices, technologies, legal requirements and other factors. If we do, we will update the “effective date” at the top of this Privacy Statement. If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a conspicuous notice on our website or by contacting you using the email address you provided.
We encourage you to periodically review this Privacy Statement to stay informed about our collection, processing and sharing of your personal information.
17. Contacting us.
Questions about this Privacy Statement or the information practices of the Company’s Websites and Services should be directed to our privacy team by filling out this form or by emailing us at compliance@idera.com or by mailing us at:
Idera Inc.
Attn: Legal Department
2950 North Loop Freeway West
Suite 700
Houston, Texas 77092