Privacy Policy

Effective Date: 16 May 2017

We at OneTrust LLC and OneTrust Technology Limited (collectively, “OneTrust,” “we” and “us”) know you care about how your personal information is used and shared, and we take your privacy seriously. Please read the following to learn more about how we collect, store, use and disclose information about you when you interact or use any of the following websites: www.onetrust.comwww.cookielaw.orgwww.optanon.comwww.governor.co.uk, and https://cookiepedia.co.uk/ (collectively the “Websites”) or any related events, trade shows, sales or marketing, and/or if you use any of our products, services or applications (including any trial) (collectively the “Services”) in any manner.


What does this Privacy Policy cover?

This Privacy Policy covers our treatment of information that we gather when you are accessing or using our Websites or Services or when you contact us in any manner. We gather various types of information, including information that identifies you as an individual (“Personal Information”) from our users, as explained in more detail below.

What information does OneTrust Collect?

Information You Provide to Us:

When you use the Websites: We may collect any Personal Information that you choose to send to us or provide to us, for example, on our “Request a Demo” (or similar) online form or if you register for a OneTrust webinar. If you contact us through the Websites, we will keep a record of our correspondence.

When you use the Services: We receive and store information you provide directly to us. For example, when setting up new users, we collect Personal Information, such as name and e-mail address, to provide them with Services. The types of information we may collect directly from our customers and their users include: names, usernames, email addresses, postal addresses, phone numbers, job titles, transactional information (including Services purchased), as well as any other contact or other information they choose to provide us or upload to our systems in connection with the Services.

Information We Automatically Collect:

When you use the Websites: When you visit the Websites, we collect certain information related to your device, such as your device’s IP address, referring website, what pages your device visited, and the time that your device visited our Website.

When you use the Services: Usage information – we keep track of user activity in relation to the types of Services our customers and their users use, the configuration of their computers, and performance metrics related to their use of the Services.  Log information – we log information about our customers and their users when you use one of the Services including Internet Protocol (“IP”) address. Information collected by cookies and other similar technologies – we use various technologies to collect information which may include saving cookies to users’ computers.

For further information, please see the section below headed “Cookies and other Tracking Technologies”.

How do we use the information?

Websites: We will use the information we collect via our Websites:

  • To administer our Website, our events and for internal operations, including troubleshooting, data analysis, testing, statistical and survey purposes;
  • To improve our Website to ensure that content is presented in the most effective manner for you and for your computer;
  • Analyze customers’ use of the Websites for trend monitoring, marketing and advertising purposes;
  • For purposes made clear to you at the time you submit your information – for example, to fulfill your request for a demo, to provide you with access to one of our webinar’s or whitepaper’s or to provide you with information you have requested about our Services; and
  • As part of our efforts to keep our Website safe and secure.

 

Services: We may use the information we collect from our customers and their users in connection with the Services we provide for a range of reasons, including to:

  • To set up a user account,
  • Provide, operate and maintain the Services;
  • Process and complete transactions, and send related information, including transaction confirmations and invoices;
  • Manage our customers’ use of the Services, respond to enquiries and comments and provide customer service and support;
  • Send customers technical alerts, updates, security notifications, and administrative communications;
  • Investigate and prevent fraudulent activities, unauthorized access to the Services, and other illegal activities; and
  • For any other purposes about which we notify customers and users.

 

We may also use the information you send to us via the Websites and/or Services, to communicate with you via email and, possibly, other means, regarding products, services, offers, promotions and events we think may be of interest to you or to send you our newsletter, if this is in accordance with your marketing preferences.  However, you will always be able to opt-out of such communications at any time (see the “Your Choices” section below).

How do we share and disclose information to third parties?

We do not rent or sell your Personal Information to anyone. We may share and disclose information (including Personal Information) about our customers in the following limited circumstances:

Vendors, consultants and other service providers:  We may share your information with third party vendors, consultants and other service providers who we employ to perform tasks on our behalf. These companies include (for example) our payment processing providers, website analytics companies (e.g., Google Analytics), product feedback or help desk software providers (e.g. ZenDesk), CRM service providers (e.g., Salesforce), email service providers (e.g., Sendgrid) and others.

If OneTrust has received your Personal Information in the United States and subsequently transfers that information to a third party agent or service provider for processing, OneTrust shall remain responsible for ensuring that such third party agent or service provider processes your Personal Information to the standard required by our Privacy Shield commitments (see the section below headed “Additional Information for European Users”). Unless we tell you differently and you consent, our agents do not have any right to use the Personal Information we share with them beyond what is necessary to assist us.

Business Transfers: We may choose to buy or sell assets, and may share and/or transfer customer information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.

OneTrust Group Companies: We may also share your personal data with our parent companies, subsidiaries and/or affiliates for purposes consistent with this Privacy Policy.

Protection of OneTrust and Others: We reserve the right to access, read, preserve, and disclose any information as necessary to comply with law or court order; enforce or apply our agreements with you and other agreements; or protect the rights, property, or safety of OneTrust, our employees, our users, or others.

Disclosures for National Security or Law Enforcement: Under certain circumstances, we may be required to disclose your Personal Information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

Is Personal Information about me secure?

We use appropriate technical, organizational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration and destruction.  Unfortunately, no company or service can guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. Among other practices, your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

Cookies and other tracking technologies

Our Websites and some of our Services use cookies (small text files containing a string of alphanumeric characters that we put on your computer) and other similar tracking technologies (like web beacons, tags and scripts) to uniquely identify your browser and to gather information about how you interact with the Websites and Services. We use this information for the following purposes:

  • Assisting you in navigation;
  • Assisting in registration, login, and your ability to provide feedback;
  • Analyzing your use of our products, services or applications; and
  • Assisting with our promotional and marketing efforts;

 

We also may use clear gifs in HTML-based emails sent to our users to track which emails are opened by recipients. This information is used to enable more accurate reporting, improve the effectiveness of our marketing, and make our Services and Websites better for our users.

We also utilize Google Analytics, a web analysis service provided by Google, to better understand your use of our Websites and Services. Google Analytics collects information such as how often users visit the Websites, what pages they visit and what other sites they used prior to visiting. Google uses the data collected to track and examine the use of the Websites, to prepare reports on its activities and share them with other Google services. Google may use the data collected on the Websites to contextualize and personalize the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics about your visits to the Websites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.

Your Privacy Rights

What choices do I have?

You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.

Cookies

You can set or amend your web browser controls to accept or reject cookies. If you choose to reject cookies, you may still use our Websites and Services, however your access to some functionality and areas of our Websites or Services may be severely restricted.

Marketing Communications

You can opt-out of receiving certain promotional or marketing communications from us at any time, by using the unsubscribe link in the emails communications we send or by contacting us at support@onetrust.com with the word “UNSUBSCRIBE” in the subject field of the email.  If you have any account for our Services, we will still send you non-promotional communications, like service related emails.

How can I update and access my information?

We provide individuals with the opportunity to access, review, update, and delete any Personal Information we hold about them. You can send an email to support@onetrust.com for this purpose.

If you ask us to delete your information, we will use our best efforts to promptly delete all of your Personal Information and cease any use thereof, provided that nothing in this Privacy Policy shall prevent us from using any aggregated and de-identified Personal Information that does not identify any individual. Please note that we may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: support@onetrust.com

If you are resident in the European Economic Area, please see the section below headed “Additional Information for users in the European Economic Area” for further information about your privacy rights.

Additional information for users in the European Economic Area (“EEA”)

This section sets out the privacy principles we follow with respect to transfers of Personal Information from the EEA to the United States, including Personal Information we receive from individuals residing in the EEA who visits our Websites and/or who may use of our Services or otherwise interact with us.

Please note that for users located in the EEA, the term Personal Information used in this policy is equivalent to the term “personal data” under applicable European data protection laws.

OneTrust LLC complies with the EU-U.S. Privacy Shield Framework (“Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries. OneTrust LLC has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.  If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield program, see the US Department of Commerce’s Privacy Shield website located at https://www.privacyshield.gov.  To view our certification on the Privacy Shield list, please visit https://www.privacyshield.gov/

In compliance with the EU-U.S. Privacy Shield Principles, we commit to resolve complaints about your privacy and our collection or use of your Personal Information.  Individuals located within the EEA with inquiries or complaints regarding this Privacy Policy should first contact OneTrust at:

Andrew Clearwater
Director of Privacy
aclearwater@onetrust.com

We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of personal data within 45 days of receiving your complaint. OneTrust LLC has further committed to refer unresolved privacy complaints under the EU-U.S. Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Under certain limited circumstances, individuals in the EEA may invoke binding Privacy Shield arbitration as a last resort if all other forms of dispute resolution (discussed above) have been unsuccessful. To learn more about this method of resolution and its availability to you, please visit https://www.privacyshield.gov/.

OneTrust LLC is subject to the jurisdiction of the U.S. Federal Trade Commission for purposes of Privacy Shield enforcement.

Please note that OneTrust LLC is required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Swiss-U.S. Privacy Shield

We comply with the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from Switzerland to the United States. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

In compliance with the Swiss-US Privacy Shield Principles, we commit to resolve complaints about your privacy and our collection or use of your personal information. Swiss individuals with inquiries or complaints regarding this privacy policy should first contact OneTrust at:

Andrew Clearwater
Director of Privacy
aclearwater@onetrust.com

OneTrust has further committed to refer unresolved privacy complaints under the Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.

Under certain limited circumstances, individuals in Switzerland may invoke binding Privacy Shield arbitration as a last resort if all other forms of dispute resolution (discussed above) have been unsuccessful. To learn more about this method of resolution and its availability to you, please visit https://www.privacyshield.gov/.

International Data Transfers

Personal Information you submit on the Websites or through the Services is sent to the United States and will be primarily processed by us in the United States and potentially in other countries, on our servers or on our hosted service providers’ cloud servers on our behalf.  These countries may not have similar data protection laws to those in your country of residence. However, we will always protect your information in accordance with this Privacy Policy wherever it is processed. Some of our product offerings include the ability to host your data in servers located in the EU or other countries. To request this capability, contact support@onetrust.com.

California and Delaware “Do Not Track” Disclosures

California and Delaware law require OneTrust to indicate whether it honors “Do Not Track” settings in your browser concerning targeted advertising. “Do Not Track” is a standard that is currently under development. As it is not yet finalized, OneTrust adheres to the standards set out in this Privacy Policy and does not monitor or respond to Do Not Track browser requests.

Linked Websites

For your convenience, hyperlinks may be posted on the Websites that link to other websites (the “Linked Sites”). We are not responsible for, and this Privacy Policy does not apply to, the privacy practices of any Linked Sites or of any companies that we do not own or control. Linked Sites may collect information in addition to that which we collect on the Websites. We do not endorse any of these Linked Sites, the services or products described or offered on such Linked Sites, or any of the content contained on the Linked Sites. We encourage you to seek out and read the privacy policy of each Linked Site that you visit to understand how the information that is collected about you is used and protected.

Children

We do not knowingly collect or solicit personal information from anyone under the age of 13. If you are under 13, please do not attempt to register for the Services or send any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us Personal Information, please contact us at support@onetrust.com.

Will OneTrust ever change this Privacy Policy?

We’re constantly trying to improve our Websites and Services, so we may need to change this Privacy Policy from time to time as well. We will alert you to material changes by, for example, placing a notice on our Websites and/or by sending you an email (if you have registered your e-mail details with us) when we are required to do so by applicable law. You can see when this Privacy Policy was last updated by checking the date at the top of this page. You are responsible for periodically reviewing this Privacy Policy.

What if I have questions about this policy?

If you have any questions or concerns regarding our privacy policies, please send us a detailed message to support@onetrust.com, and we will try to resolve your concerns.

Industry Affiliations