You may be required to register in order to be granted access to certain information, services and/or products at this Site. At the time of registration, you may be prompted by one of our online forms to provide certain personal information to us, including your name, company name, and email address.
Use of Your Personal Information
The personal information that you provide to ABA Connection, may be stored, processed, and used by ABA Connection and its affiliates for the following purposes: (a) to provide information about our company, products and/or services, including updates, notifications, and details of any offers or promotions; (b) to assist us in improving our products, services or the content of this Site; (c) to contact you to participate in a market research survey, so that we can gauge customer satisfaction and develop better products; (d) for our own internal marketing and research purposes; (e) to promote user groups; (f) to make this Site or service easier to use by eliminating the need for you to repeatedly enter the same information or by customizing this Site or service to your particular interests or preferences; (g) to analyze information for trends and statistics. We may also provide this information to an agent acting on ABA Connection's behalf in connection with the activities described above.
You also hereby grant to ABA Connection a perpetual, non-cancelable, worldwide, non-exclusive right to utilize any data that arises from the use of this Site or any ABA Connection or its affiliates’ products by you for any legitimate business purpose, including the right to sublicense such data to third parties, subject to all legal restrictions regarding the use and disclosure of such information.
Bulletin Boards, Chat Rooms, and Live Chat
From time to time, portions of this Site may allow you to post information which other visitors to this Site will be able to access (such as on a "bulletin board" or during an interactive "chat" with other visitors). In the event that you choose to post information in this context, it becomes generally available to the public, and we have no ability to control or limit its use by visitors to our site. By posting the information on this Site you are providing ABA Connection and its affiliates the right to use the information in connection with the operation of ABA Connection's business. Therefore, we encourage you not to post any information you consider private or sensitive on this Site. Additionally, you may participate in live chat sessions with members of our sales organization. Information included in a live chat may be used to provide additional marketing communications to you, and you agree to receive those communications by participating in the live chat session.
ABA Connection's Site, software and services do not target, and are not structured to attract, children under the age of 13. ABA Connection does not collect any registration information from users who indicate they are under the age of 13. If ABA Connection discovers personal data from a child, ABA Connection will eliminate that data.
Security of Information
To protect the privacy of personal information provided by you, ABA Connection employs industry-standard controls including physical access controls, Internet firewalls, intrusion detection, and network monitoring. Additionally, only authorized administrators and staff have access to systems containing such information. We urge you to take every precaution to protect your personal data when you are on the Internet. Change your passwords often, use a combination of letters and numbers, and make sure you use a secure browser.
ABA Connection (“the Company”) is committed to preserving personal privacy. As part of that commitment, the Company adheres to the Safe Harbor Privacy Principles developed by the United States Department of Commerce in consultation with the European Commission and the Federal Data Protection and Information Commissioner of Switzerland (the “Safe Harbor program”) with respect to personal information within the scope of this Statement, pursuant to the European Commission's personal data directive (the “EU Personal Data Directive”) and the Swiss Federal Act on Data Protection.
The Company complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. The Company has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view the Company's certification, please visit: www.export.gov/safeharbor/
This Statement applies to all personal information received by the Company (or its subsidiaries) in the United States from the European Economic Area (“EEA”) or Switzerland.
“Agent” means any third party that processes personal information pursuant to the instructions of, and solely for the benefit of, the Company, or to which the Company discloses personal information for processing on the Company's behalf.
“Data subject” means, as to personal information, the natural person as to which such personal information relates. Under this Statement, a data subject may be an employee of the Company or may be an employee, customer or other associate of the Company's client (provided that such customer or associate is a natural person), or may be any other natural person about which personal information is received by the Company (or its subsidiaries) in the United States from the European Economic Area or Switzerland.
“Personal information” means any information relating to an identified or identifiable natural person that is within the scope of the EU Personal Data Directive, received by the Company from the European Economic Area or Switzerland, and recorded in any form. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Personal information does not include anonymized information, aggregate information (to the extent an individual's identity cannot reasonably be derived from such information), or information as to which the data subject (who is not a Company employee) has freely given specific, informed and unambiguous consent for transfer to the United States.
'“Processing” of personal information means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
“Sensitive personal information” means personal information that reveals a natural person's race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns a natural person's sex life or health.
Safe Harbor Principles
The following principles are based on the Safe Harbor Privacy Principles. Additional information about the Safe Harbor program is available at the U.S. Department of Commerce's website at http://www.export.gov/safeharbor.
Where Company collects personal information directly from individuals in the EEA, it will inform them about the purposes for which it collects and uses personal information about them, the types of non–agent third parties to which Company discloses that information, the choices and means, if any, Company offers individuals for limiting the use and disclosure of personal information about them, and how to contact Company. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Company, or as soon as practicable thereafter, and in any event before Company uses or discloses the information for a purpose other than that for which it was originally collected.
With respect to employees of the Company, on occasion, the Company transfers employee personal data to the United States in connection with the efficient management and operation of the Company, enabling all Company personnel to communicate with one another and work together, human resources and benefits administration, and safety and security processes. The Company may also transfer employee personal data to an agent of the Company in connection with the above purposes, such as a payroll provider or benefits provider. Data may also be processed and transferred to the United States in connection with collection and discovery requests in the context of litigation or government investigations, and in such context it may be made available to adverse parties in litigation or governmental entities. Except as permitted by the Safe Harbor Privacy Principles, the Company does not use sensitive employee personal information for a purpose other than that for which it was originally collected, or disclose sensitive employee personal information to a third party that is not an agent of the Company, without the employee's opt-in to such use or disclosure, respectively.
Where Company receives personal information from its subsidiaries, affiliates or other entities in the EEA, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.
Company will offer individuals the opportunity to choose (opt-out) whether their personal information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
Employees of the Company who reside in the EEA or Switzerland have the choice to opt-out of having their personal information disclosed to a third party that is not an agent or used for a purpose other than that for which it was originally collected as described in the “Notice” section above. Employees so desiring to opt-out should contact their Human Resources representative or alternatively may contact the Office of the General Counsel using the contact information provided at the end of this Policy. Except as permitted by the Safe Harbor Privacy Principles, the Company does not use sensitive employee personal information for a purpose other than that for which it was originally collected, or disclose sensitive employee personal information to a third party that is not an agent of the Company, without the employee's opt-in to such use or disclosure, respectively.
This provision does not apply to public record information or publicly available information except in certain situations as defined by the Safe Harbor Program.
For sensitive personal information, the Company will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
The Company will provide individuals with reasonable mechanisms to exercise their choices.
The Company will obtain reasonable assurances from its agents that they will safeguard personal information collected by the Company consistently with this Statement and the Safe Harbor Privacy Principles. Examples of appropriate assurances may include: a contract obliging the agent to afford a level of protection to the personal information that is at least equivalent to the Safe Harbor Privacy Principles; Safe Harbor certification by the agent; or the agent being subject to EU Directive 95/46/EC or other law providing an adequate level of privacy protection.
This provision does not apply to public record information or publicly available information except in certain situations as defined by the Safe Harbor Program.
Upon an individual's request, the Company (or its client or its designee) will offer such individual reasonable access to his or her personal information and will afford such individual a reasonable opportunity to correct, amend, or delete inaccurate information. If a Company employee would like to access personal information maintained by the Company, the employee should make a written request to his or her local human resources representative. If a non-Company data subject would like to access personal information maintained by the Company, the individual should contact the Company using the contact information set forth in the “Contact Information” section below. For security purposes, the individual may need to provide the Company with various pieces of personal information to process the request. The Company may limit or deny access to personal information, or charge a fee, where providing such access would be unreasonably burdensome or expensive under the circumstances or as otherwise permitted by the Safe Harbor Privacy Principles.
The Company will take reasonable measures including technical, physical, and administrative measures and training to protect personal information from loss, misuse, and unauthorized disclosure, access, alteration, and destruction. The Company safeguards information according to established security standards and periodically assesses new technology for methods of protecting information. However, the Company cannot guarantee the security of personal information.
The Company will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. The Company will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current.
Enforcement and Dispute Resolution
The Company will conduct periodic assessments to confirm the accuracy of, and verify its adherence to, this Statement. The Company will investigate suspected infractions. Any employee that the Company determines to be in violation of this Statement will be subject to disciplinary action, which may include termination of employment.
Any questions, concerns, or complaints concerning the collection and use of personal information by the Company should be directed to the Legal Department at the address given below. The Company will conduct a reasonable investigation of and will attempt to resolve any complaints in accordance with the principles contained in this Statement. For complaints that cannot be resolved between the Company and the complainant, the Company agrees to participate in the dispute resolution procedures of the panel established by the European Union data protection authorities (DPAs) to resolve disputes pursuant to the Safe Harbor Privacy Principles, and to cooperate and comply with the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland. The EU DPA panel may be contacted at firstname.lastname@example.org and the EU DPAs may be contacted directly via the information provided at http://ec.europa.eu/justice/data-protection/bodies/authorities/eu/index_en.htm. The contact information for the Swiss FDPIC can be found at: http://www.edoeb.admin.ch/kontakt/index.html?lang=en.
The Company's adherence to the Safe Harbor Privacy Principles may be limited by any applicable legal, regulatory, ethical or public interest consideration, and as expressly permitted or required by any applicable law, rule, or regulation. Examples of such limitations include but are not limited to exceptions to the opt-in requirements for sensitive personal information permitted by Commission Decision 2000/520/EC of 26 July 2000, exceptions on access as permitted by Safe Harbor Privacy Principles, or under applicable European Economic Area member state or Swiss directives. The Company also may disclose personal information reasonably related to the sale or disposition of all or part of its business.
Modification of this Safe Harbor Privacy Statement
This Statement may be amended from time to time with or without notice in accordance with the Safe Harbor Privacy Principles. Any modified statement will be posted on the Company's website.