Last Revision Date: April 24, 2018
This document aims to provide you with information on Civicom® (“Company”) policy regarding the use of data received through the course of business and interaction with the Company, as well as the steps we take to protect your privacy.
In the normal course of business, the Company may collect both Personal Information about you and non-Personal Information associated with you.
EU–U.S. Privacy Shield and Swiss–U.S. Privacy Shield
Civicom participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework. Civicom is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov.
Civicom is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequent transfers to a third party acting as an agent on its behalf. Civicom complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Civicom is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Civicom may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
You may direct any inquiries or complaints related to our Privacy Shield compliance to GDPR@civi.com. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may contact our U.S.-based third party dispute resolution provider (free of charge) at: https://thedma.org/resources/consumer-resources/privacyshield-consumers/
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
As part of the Privacy Shield Frameworks, the U.S. State Department Senior Coordinator serves as the Ombudsperson to facilitate the processing of requests relating to national security access to data transmitted from the EU and Switzerland to the U.S.
To view Civicom’s certification, please visit https://www.privacyshield.gov/list
We offer individuals the opportunity to opt out (choose) whether their Personal Information is to be disclosed to a third party acting as a controller or processor, as well as to opt out (choose) whether their Personal Information will be used for a purpose that is materially different from the purpose for which it was originally collected or which they subsequently sanctioned for use. We require, or when acting on behalf of a client, or as a facilitator, we require written confirmation (opt in) from individuals that we are able to disclose their Sensitive Personal Information to a third party acting as either a controller or processor.
We will provide individuals reasonable and clear mechanisms for individuals to exercise their choices. For purposes of this understanding Personal Information includes first and last name, phone number, email and/or physical address and phone number. Sensitive Personal Information includes health care, genetic or biometric data, information regarding religious beliefs, race, ethnicity, union memberships, and sexual behavior or orientation.
The Ways Civicom Collects Personal Information
Civicom collects any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, e-mail address, company name, address, phone number, and other information about yourself or your business.
Personal Information can also include information about any transactions, both free and paid, that you enter into on our websites. We may also collect information about you that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that we acquire from service providers.
When you visit our website, we collect your IP address and type of browser. Our websites also collect information by using cookies.
A cookie is a small text file placed on the hard drive of your computer that allows our website to recognize you. The cookies on the Civicom websites do not collect Personal Information about you nor does it gather data that can be used to contact you. Our cookies simply assign a randomly generated number to your computer. The cookies also do not extract from your computer any information regarding other Internet sites or your surfing activities.
You also should be aware that we collect certain usage information about our website, such as the number and frequency of visitors and the pages you visit, your geographical location, referral source, and length of visit. This allows us to improve our website in ways that our visitors will find most useful. The collected data is used only in aggregate form; they do not include any Personal Information.
Web beacons are used to collect non-personally identifiable data, to assist us in delivering cookies on our sites and to allow us to count users who have visited those web pages and in turn to deliver Services.
We may use web beacons, customized links or similar technologies to determine whether your email has been opened and which links you click on in order to provide you more focused email communications or other information.
Registrations and Forms
We collect Personal Information that is provided during webinar registration, through our sign up and landing pages and contact us forms, and through your subscribing to one or more of our blogs, or through our online chat. This information is used to either assure your registration and/or to provide you with the information or answers you requested.
Our forms require you to identify your country of location. If you are located in an EU country, they require you to check a box indicating your knowledge and permission that we have collected your data, offer you the option to opt out, and provide you with information how to do so.
Our registrations and forms may ask you only once to authorize use of your Personal Information, how to opt out, and how to have your information removed, in order to eliminate your need to repeatedly enter the same information. If you are an EU/Swiss natural person, you may contact us at GDPR@civi.com to change or request removal of your Personal Information at any time.
Buttons and Tools From Other Companies
Civicom websites and mobile apps may include buttons and tools that link to Company Facebook, Linkedin, or Twitter accounts. Your interacting with our social networking pages may result in us receiving information about you.
Operator-Assisted Conference Calls
When you participate in an operator-assisted call our facilitators may request your Personal Information in order to grant you access. By providing this information freely, you have granted us the right to use it to facilitate your call experience and provide it to the call sponsor at their request.
If you contact us by phone for information or assistance with our Services we may ask you to provide your contact information in order to serve you. By providing this information freely, you have granted us the right to use it to facilitate your call experience and provide our Services to you.
Data on Marketing Research Respondents
Through our CiviSelect Website (civiselect.com), we collect information for individuals who desire to be included in our CiviSelect respondent database or in an active research study. Individuals who wish to participate must provide their first and last name, phone number, email address, country, and whether or not they have high speed internet in order to be considered for a marketing research study.
Additional information, such as address, ethnicity, birthdate, gender, health information, income, and other demographics may be required for a specific study based on client requirements to participate. These requirements also apply to any individual who replies to any of our respondent recruiting solicitations or by way of a third party respondent recruiter or panel (“Respondent Information” is incorporated under the definition of “Personal Information”).
Respondent Information shared with us by our clients as a part of a specific study may include similar information as the above. As part of our facilitation role we will contact you based on the information provided to us and in order to include you in the study.
In order to participate you must agree in writing that you have elected to provide any data beyond what you initially agreed to by completing the website application.
When you are a respondent in a marketing research study, we or our clients may ask your opinions and views on products and services external to our company or theirs.
Researchers who engage with us in our facilitation of a research study may have their own privacy policies which apply to studies involving you. Those privacy policies may detail how they handle your personally identifiable information. We encourage you to become familiar with any such policies.
When you register to use our mobile apps, we may collect information sent by your device to our servers. Your Device ID and email address is automatically collected to identify you. Other Personal Information may include your name, company, email address, phone number, and text messages, photos, videos and voice recordings you attach.
We use mobile analytics software to allow us to better understand the functionality of our Mobile Apps on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. When you use our Mobile Apps we also collect your device model and version, and device identifier (or “UDID”).
If you have enabled your GPS, we collect your latitude/longitude coordinates, cell tower and WiFi-based location information.
We send push notifications from time to time in order to update you about new comments or available exercises within the scope of the research and events or promotions. If you no longer wish to receive such communications, you may turn them off at the device level.
We may link information we store within the analytics software to Personal Information you submit within the Mobile App. We do this to improve services we offer you and improve our analytics and site functionality.
If you sign up for one of our services using Facebook or Google, we do not use your Facebook or Google credentials for any reason other than to enable you to use the service your signed up for unless you provide your permission for us to do so.
If you provide your business card to us at a trade event, we consider this your opt in to receive information about our Services and will use your contact details to send you information and resources that we think may be valuable to you. If you an EU/Swiss natural person, you can opt out at any time by clicking on an unsubscribe link in an email sent by us or by emailing us your request to unsubscribe at GDPR@civi.com.
When You Become a Customer
When you sign up for an account or contact us for support, we may collect both Personal Information about you and non-Personal Information associated with you. This information includes your name, company, email address, and/or telephone number, billing information, and any other information you provide.
Information About Children
Our websites are not intended for or targeted at children under 13, and we do not knowingly or intentionally collect information about children under 13. If you believe that we have collected information about a child under 13, please contact us at firstname.lastname@example.org, so that we may delete the information.
If a marketing research study requires a child under 13 to become a respondent, a written consent of the parent or legal guardian is required.
How Civicom Uses the Information It Collects
We may use information that was collected from you for a number of reasons:
- To respond to demo requests, pricing inquiries, and questions about our Services
- To address reports of technical issues
- To provide you with Services requested
- For billing purposes
- To conform to legal requirements or comply with legal process
- To protect or defend the rights and property of Civicom
- To enforce the Terms of the Service Agreement
- To protect the rights of our account holders or others
- For normal business operations
- To improve our Services
- For any other purpose disclosed by us when you provide the information
- For shipping and handling required to deliver our Services to you
- When we have any reason, in good faith, to believe that disclosure is necessary to prevent or respond to fraud, defend our websites and mobile apps against attacks, or protect the property and safety of Civicom, our employees, customers, or the public
- If we merge with another company, if all or a portion of our assets are acquired by another company, or if we sell a Civicom website, mobile app, or business unit
You may receive emails directly from a person who is assigned to you as an Account Manager in the course of our relationship with you. You may elect to not respond to these emails or to inform the Account Manager that you no longer wish to be contacted by replying via email to the person who corresponded with you.
In addition, from time to time we may periodically send you marketing emails which are sent to multiple parties in our database simultaneously. These emails are subject to unsubscribe rules and will contain a link offering you the opportunity to unsubscribe from our list by clicking on the unsubscribe link.
In the case of EU/Swiss natural persons, when you have supplied Personal Information to us, we will ask you to check a box granting your permission for Civicom to have your Personal Information provided and to consent to receiving information from Civicom. This box will include a message informing you that you may withdraw your permission at any time by contacting GDPR@civi.com.
Retention of Personal Information
We retain Personal Information that you provide to us as long as we consider it potentially useful in contacting you about your account or our other Services, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements.
We will delete your Personal Information at an earlier date if you so request, as described under our “Unsubscribe” links or through contacting us to change or delete your information. You can contact us via your Account Manager, or by email to any party you have received emails from at our company. If you do not have a contact person to reach out to, email us at email@example.com. In the case of EU/Swiss natural persons, contact us at GDPR@civi.com.
If you are an agent or other party who provides information to our customers as part of their use of our Services, the customers decide how long to retain the Personal Information that is collected on their behalf. If a customer terminates its use of our Services, then we will provide the customer with access to all information stored for the customer upon their request, including any Personal Information. After an account ends, we may, unless legally prohibited, delete customer information, including Personal Information.
For marketing research studies, we delete project details and Respondent Information when requested to do so, in writing, by the client associated with the Respondent Information.
Third Party Service Providers and Clients
Civicom uses third party service providers to deliver some of our services. We may share your Personal Information with our third party service providers to fulfill their obligations to us on your behalf.
We may disclose the Personal Information you provide to our clients who use our tools and software platforms, and/or to contractors, service providers and other third parties we use to support our business (and who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them).
We use a third party PCI-DSS compliant service provider for credit card payments in order to process your transaction.
Security of Personal Information
We are committed to protecting your privacy and have implemented reasonable administrative, technical, and physical security controls to secure your Personal Information.
If a password is provided to help protect your projects and Personal Information, it is your responsibility to keep your password confidential.
Where Civicom Stores My Personal Information
We use a variety of security technologies and procedures to help protect your Personal Information from unauthorized access, use or disclosure. Your Personal Information and files are stored in our servers and those hosted by our authorized third party storage providers. We secure the Personal Information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure.
If you have any questions about the security of your Personal Information, you can contact us at firstname.lastname@example.org.
Access to My Personal Information
Civicom recognizes the right of individuals to access their Personal Information. As an account holder, you have the ability to view or edit your Personal Information online or cancel your account.
If you have an online account with Civicom, you can view or edit your Personal Information online or cancel your account at any time.
If you do not have an online account but are our client or customer, you may contact us by way of your Account Manager or by contacting us at email@example.com in order to edit your information or cancel your account with us.
If you are not a customer or client, but would like to change your mind about receiving information from Civicom you also can contact us at firstname.lastname@example.org to have your information changed or removed.
As an EU/Swiss natural person, you may reach us to modify your information, review the information we have on file about you, or request that your information be removed from our system by emailing us at GDPR@civi.com.
In the case where we are your data processor and not your data controller, you will need to contact your data controller to request to your Personal Information with us.
The above paragraphs on access to your Personal Information are subject to our need to comply with our legal obligations or contractual agreements.
For requests for changes or deletions of personally identifiable information, we reserve the right to validate your identity and/or to charge you an adequate handling fee before providing access to data, except as required by the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.
Personal Information Across National Borders
Who To Contact With Questions Or Concerns