Privacy Is The Law –
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) effective in the European Economic Association (EEA); Data Protection Act of 2018 in the United Kingdom (UK GDPR); California Consumer Privacy Act (CCPA) in the State of California (USA); Protection of Personal Information Act of 2013 in South Africa (POPI); Personal Information Protection and Electronic Documents Act in Canada (PIPEDA); Lei Geral de Proteção de Dados Pessoais (General Data Protection Law) of 2018 in Brazil (LGPD).
What Personal Information Do We Gather?
- You may use the Website with or through Internet Service Providers (“ISP”) or a third-party service which links to or directs you to the Website (such as a payment portal, a hyper link on a search engine, or a navigation aid). Automatically we receive periodically some data from these third-party services. You can control what data these services collect from you though we are not organized to assist you in that effort.
- If you provide your email address or mobile phone number to us then you are consenting to allow us to send information to you from time to time. If you do not want to receive “unsolicited communications” from us, you may manage your communications settings on your side or we can manage the setting on our side to allow you to “opt out” from our “unsolicited emails”. If you want us to remove you from the “unsolicited communications” list, then please send an instruction to us through the Website “Contact Us” link with the reference line stating “Opt Out”. You will receive a confirming email for security purposes to which you must reply from the same outbound device or MAC address, and then within 24 hours you will no longer receive “unsolicited communications” from us.
Where Personal Information Is Stored?
- Data is collected and stored in several formats including through in Client Relationship Management (“CRM”) data storage software (such as “Salesforce” https://www.salesforce.com/, Microsoft Dynamics 365 https://dynamics.microsoft.com/, or other CRM or client relationship software); Data is collected by ISP interactions such as Google Web Fonts, Google Analytics, Google Maps, Cookies, and Server Log Files. Data is collected and stored through employment and human resources platforms (such as Shadowmatch for recruitment, Sage Cloud VIP Premier for payroll, and Microsoft Dynamics 365 Business Central for ERP) when you apply for employment or seek credit enhancements. These three principal sources of collection and storage do not exclude other sources which may become prevalent in the business over time.
- Please note that you might have more than one “profile” with us if you have interacted with through one of its affiliates, or were “on boarded” to the Website using a different personal identifier(s), email address, or login. If you are seeking access to your data then you must provide the profile you used on the Website.
- Your data is stored in the “cloud” which commonly means it is stored in one or more countries on storage devices connected to the World Wide Web though encrypted and accessed only through Multifactor Authentication (MFA) and other cyber security protocols. To the extent that your data is stored in a location outside the European Economic Area (“EEA”) there are laws offering different (in method and magnitude) protections for your data, and the EEA requires your express consent to that storage arrangement. In particular, the European Union General Data Protection Regulation (“GDPR”) requires us to inform you that “the United States of America does not protect your data in the same manner as that same data is protected inside the EEA.” Nonetheless, you expressly consent to the storage arrangement we have implemented when you provide data to us.
What Is the Purpose of Data Collection?
- Data is required in order to transact in business and deliver services to you at your request. We use the data to provide and improve the Website, using technical information to help us identify your specific device, and link that device to your profile which aids in fraud prevention.
- Data is required for law enforcement purposes. You must provide sufficient data to satisfy the “Know Your Customer” (“KYC”) and Financial Intelligence Center(re) Act (“FICA”) obligations of the Company as applicable under the relevant law enforcement and regulatory obligations. Unless otherwise excluded, then the data must be sufficient to comply with the European Union sanctions regimes https://www.eeas.europa.eu/eeas/european-union-sanctions_en including sanctions against persons, groups and entities, https://data.europa.eu/data/datasets/consolidated-list-of-persons-groups-and-entities-subject-to-eu-financial-sanctions?locale=en . The United Kingdom sanctions regimes apply including the Sanctions and Anti-Money Laundering Act 2018 (the Sanctions Act) and under other UK legislation such as the Export Control Order 2008 and the Anti-Terrorism, Crime and Security Act 2001. https://www.gov.uk/government/collections/uk-sanctions-regimes-under-the-sanctions-act; S. Department of the Treasury, List of Foreign Financial Institutions Subject to Correspondent Account or Payable-Through Account Sanctions (the “CAPTA List” formerly the “Part 561” list); the U.S. Department of the Treasury Office of Foreign Assets Control (“OFAC”) which publishes a list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country specific. Collectively, such individuals and companies are called “Specially Designated Nationals” or “SDNs”; (including the Foreign Sanctions Evaders List, the List of Persons Identified as Blocked Solely Pursuant to E.O. 13599, the Non-SDN Iran Sanctions Act List, the Sectoral Sanctions Identifications List and the Non-SDN Palestinian Legislative Council List).
Do We Share the Data We Receive?
How Secure Is Information About Me?
- Your data is stored in the “cloud” on platform(s) maintained by reputable companies in the business of data storage, subject the national laws of the jurisdictions where the companies do business, and consistent with service contracts executed by us with these companies. That data is accessed by us using individual devices connected to the Internet and/or connected to a Local Area Network (LAN) which is connected to the Internet in turn providing access to your data on our workstations and our devices under the authority and control of us. Your data is encrypted when stored on the cloud, when moving to, from, and between the cloud and these data connections. All of our data access points are protected by Multifactor Authentication (MFA).
- Professional information security companies manage and monitor our storage of your data, periodically upgrade our security protocols and tools, and alert us in the event of any type of data “loss” caused by a security failure. In the event of a “data breach” (a security failure causing the loss of control of your data by us) we will notify you within 72 hours of when we learn of our own data breach, advise you of our corrective actions, and recommend to you any appropriate course of reaction.
- You remain responsible for your own cyber security and the data which you store on your own devices, including your obligation to use best practices to safeguard your own devices.
Your Rights & Your Data?
- You have several “rights” as it relates to your data and us. First, you have the right to know and inspect what “personal information” of yours we have in our data collection (such as your name, address, and email address). We may not be able to show you any types of data held by the online hosts, nor the data which is stored on your own devices (such as cookies). Second, you have the right to have us repair, correct, or remove any “inaccurate” data points. Third, you have the right to restrict how we use your data, object to being “profiled” using your data, or to have your data “forgotten” (erased) entirely by us (to the extent the law allows). We can remove your “personal information” but only to the extent that removal doesn’t impair our ability to comply with the applicable laws (such as retaining information to demonstrate to law enforcement our KYC). We can request our data security service to make anonymous any of your data that they can locate using your user identification, profile, or login details but cannot erase. Fourth, you have the right to receive your data which we hold in a “portable” format (such as on a USB stick in a machine readable format). Fifth, you may ask to be informed if we use your data to “profile” you and ask to be informed about what that profiling means, and to object to being “profiled.” We do not use artificial intelligence to profile you, make decisions which have an effect upon you, and if you suspect such conduct you may contact us directed (below) in order to address any such actions.
Contact Us About Privacy –
(Last updated August 12, 2022)
How can we help you?
Partner with us as we navigate the landscape together.