This is the Privacy Notice of ControlCase Inc. as well as our global subsidiaries, (“ControlCase”), whose corporate headquarters is located at 12015 Lee Jackson Highway, Suite 520, Fairfax, VA 22033, USA.
1. IMPORTANT NOTICE
ControlCase operates mainly in the business-to-business (B2B) software and services industry. Unlike many companies and Web sites, we do not focus on consumer users or the collection of consumer data. To the extent we collect information on-line, our purpose is to better serve our business clients and their employees.
ControlCase creates software and services that are designed to enable customers to meet their compliance goals in timely, transparent, and efficient manner.
ControlCase respects your privacy. This Privacy Notice sets out how ControlCase collects and processes your personal data when you access and use our Services, including the site www.controlcase.com (“Site”). This Privacy Notice also provides certain information that is legally required and lists certain of your rights in relation to your personal data under applicable law.
Certain sections of this Privacy Notice may apply only to residents of the U.S. (“U.S. Only”), while other sections apply only to residents outside of the U.S. (“Outside the U.S.”). We identify those sections accordingly. Sections not otherwise designated or not otherwise superseded by a country-specific statement apply globally.
We may amend this Privacy Notice from time to time. We encourage you to check our Privacy Notice regularly to understand how we may process your Personal Data.
2. INFORMATION ABOUT PERSONAL DATA PROCESSING
2.1. Personal Data
2.2. How We Collect Personal Data
- When you register for an account or interact with or utilize our Products or Services.
- E-Mail Lists
ControlCase maintains e-mail lists to keep interested parties informed about our company, events, products, support, and more. We do not sell the addresses on our list, but we may make information available to specific business partners, sponsors, or service providers.
Users may voluntarily request to join our mailing lists by signing up or opting in through a form on our Web site. To be removed from a ControlCase e-mail list, follow the “SafeUnsubscribe™” instructions on e-mails from ControlCase.
- When you communicate with us or sign up for promotional materials.
- When we collect data from third parties or publicly-available sources.
- When we leverage and/or collect cookies, device IDs, Location, data from the environment, and other tracking technologies.
- Users Under 18 Years of Age
2.3. How We Disclose Personal Data
We may disclose your Personal Data as described in this Privacy Notice, including:
- To Affiliates and Partners.
- To Service Providers and Vendors.
- For Advertising and Marketing.
- For Certain Analytics and Improvement.
- For Interest-Based Advertising.
- For Legal Compliance, Law Enforcement, and Public Safety Purposes
- Actual or Contemplated Sale, Acquisition, or Reorganization.
3. LEGAL BASIS FOR PROCESSING
We collect and process your personal data for a variety of different purposes which are set out in further detail below.
In some cases, we will ask for your consent so that we may process your Personal Data. However, in certain circumstances, applicable data protection laws allow us to process your Personal Data without needing to obtain your consent. In the U.S., you typically provide consent when you receive notice of this Privacy Notice. This section addresses the legal basis for processing your Personal Data if you reside outside the U.S.
3.1. Processing Personal Data Where Consent Not Obtained
In certain cases, separate consent is not required, including:
- For the performance of a contract.
- To comply with legal obligations.
- Legitimate Interests.
To operate our business and provide the Services, other than in performing our contractual obligations to you for ControlCase’s “legitimate interests” for the purposes of applicable law, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Legitimate interests may include:
- To communicate with you regarding the Services, including to provide you important notices regarding changes to our Terms and Conditions and to address and respond to your requests, inquiries, and complaints.
- To send you surveys in connection with our Services.
- To assist in the investigation of suspected illegal or wrongful activity, and to protect and defend our rights and property, or the rights or safety of third parties.
- To develop, provide, and improve our Services.
3.2. Matters That May Require Consent
In cases where we are not already authorized to process the Personal Data under applicable law, we may ask for your consent to process your Personal Data, including:
A “cookie” is a small text file that a web server stores in browser software. A browser sends cookies to a server when the browser makes a connection to the server (for example, when requesting a web page from the same domain that created the cookie). The purpose of cookies is to remember the browser over time and distinguish one browser instance (or user) from all others. Some cookies and other technologies may serve to recall Personal Data previously indicated by a web user. Most browsers allow you to control cookies, including whether or not to accept them, and how to remove them. Cookies can remember login information, preferences, and shopping cart contents. Other cookies, often placed by our partners or other third parties, are used for analytics, marketing, or advertising.
Cookies, as well as other tracking technologies, such as HTML5 local storage, Local Shared Objects (such as “Flash” cookies), web beacons, and similar mechanisms, may record information such as Internet domain and host names; Internet protocol (IP) addresses; browser software and operating system types; clickstream patterns; and dates and times that our Site is accessed.
Cookies used for analytics may use non-Personal Data that is not directly linked to you. We use analytics technologies to improve our Site and Services.
Users are advised that if they wish to deny the use and saving of cookies from the Site on to their computer’s hard drive, they should take necessary steps within their web browser’s settings to block all cookies from the Site and its external serving vendors. Please note that if you choose to erase or block your cookies, you will need to re-enter your original user ID and password to gain access to certain parts of the Site. For information on how to disable cookies, refer to your browser’s documentation.
3.3. Withdrawing Your Consent
You may at any time withdraw the consent you provide for the processing of your Personal Data for the purposes set forth in this Privacy Notice by contacting us at privacy@ControlCase.com provided that we are not required by applicable law or professional standards to retain such information.
If you want to stop receiving future marketing messages and materials, you can do so by clicking the “SafeUnsubscribe™.” link included in our email marketing messages and update your profile by clicking on “Update Profile”.
4. DE-IDENTIFIED OR ANONYMIZED DATA
We may create de-identified or anonymous data from Personal Data by excluding data components (such as your name, email address, or linkable tracking ID) that makes the data personally identifiable to you or through obfuscation or through other means. Our use of anonymized data is not restricted by this Privacy Notice.
5. DATA RETENTION
We will retain your Personal Data for as long as long as you maintain an account or as otherwise necessary to provide you the Services. We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Where we no longer need to process your Personal Data for the purposes set out in this Privacy Notice, we will delete your Personal Data from our systems.
Where permissible, we will also delete your Personal Data upon your request, as further described in the Data Subject Access, Modification, and Deletion Rights section of this Privacy Notice.
6. ADVERTISING AND ANALYTICS
Interest-based advertising is advertising that is targeted to you based on your web browsing and application usage over time. We disclose various types of de-identified information to enable interest-based advertising. You have the option to restrict the use of information for interest-based advertising and to opt-out of receiving interest-based ads.
You can make decisions about your privacy and the ads you receive. You can control whether companies serve you on-line behavioral advertising by visiting the Digital Advertising Alliance website and using its opt-out: http://www.aboutads.info/choices/ (U.S.) http://www.youronlinechoices.com/ (EU). The DAA opt-out requires that cookies not be blocked in your browser.
As an alternative to the DAA opt–out, you can also elect to block browser cookies from first parties (such as those from our website) and browser cookies from third parties (such as advertisers) by using the cookie blocking options built into your browser software. If you block browser cookies, some parts of our website may not function correctly. Also, blocking cookies will not stop third-parties from collecting IP address, data stored in “Flash” cookies, and certain other types of technical information that may uniquely identify your browser.
Due to the lack of consensus around a Do Not Track standard, our websites do not change how they collect or track data when they receive the “Do Not Track” flag.
7. SOCIAL NETWORK WIDGETS
Our Site may include social network sharing widgets that may provide information to their associated social networks or third-parties about your interactions with our web pages that you visit, even if you do not click on or otherwise interact with the plug-in or widget. Information is transmitted from your browser and may include an identifier assigned by the social network or third party, information about your browser type, operating system, device type, IP address, and the URL of the web page where widget appears. If you use social network tools or visit social networking sites, you should read their privacy disclosures, to learn what information they collect, use, and share.
8. WHY WE COLLECT AND PROCESS YOUR PERSONAL DATA
We need to process certain of your Personal Data in order to fulfil our contractual obligations to you and to provide you with the Services.
Where we ask for your consent to process your Personal Data, you have the right to withdraw such consent as described in this Privacy Notice. Please note, however, we may be unable to provide you certain Services that require the use of Personal Data.
Please note that even where your consent would otherwise be required, we may nevertheless process your Personal Data in accordance with our legitimate interests under applicable law, as described in this Privacy Notice.
9. TRANSFER AND STORAGE OF PERSONAL DATA
ControlCase and associated Services and systems may be stored on servers in the United States. If you are located outside of the United States, please be aware that Personal Data we collect will be processed and stored in the United States, a jurisdiction in which the data protection and privacy laws may not offer the same level of protection as those in the country where you reside or are a citizen.
By using our Services and/or submitting your Personal Data, you agree to the transfer, storage, and/or processing of your Personal Data in the United States.
10. DATA SUBJECT ACCESS, MODIFICATION, AND DELETION RIGHTS (OUTSIDE U.S.)
You have the right in certain circumstances to request confirmation from us as to whether or not we are processing your Personal Data. Where we are processing your Personal Data, you also have the right to request access to, modification of, or deletion of such Personal Data.
You have the right in certain circumstances to receive the Personal Data concerning you that you provided to us and have the right in certain circumstances to transmit such data to another controller.
To exercise your rights with respect to your Personal Data, please contact us at privacy@ControlCase.com . As permitted by law, certain data elements may not be subject to access, modification, and/or deletion. Furthermore, we may charge for this service and will respond to reasonable requests as soon as practicable and as required by law.
11. RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY (OUTSIDE U.S.)
You may have a right to lodge a complaint with a supervisory authority.
12. SECURITY SAFEGUARDS AND LINKS TO OTHER WEBSITES
We implement appropriate technical and organizational safeguards to protect against unauthorized or unlawful processing of Personal Data and against the accidental loss, destruction, or damage of Personal Data. Please be advised, however, that we cannot fully eliminate security risks associated with the storage and transmission of Personal Data.
13. YOUR CALIFORNIA PRIVACY RIGHTS (U.S. ONLY)
Under Section 1798.83 of the California Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of Personal Data the business shares with third parties for those third parties’ direct marketing purposes, and the identities of the third parties with whom the business has shared such data during the immediately preceding calendar year. To exercise your rights, you may make one request each year by emailing us at privacy@ControlCase.com with “Request for California Privacy information” on the subject line and in the body of your message. Be sure to provide in the request sufficient information to properly identify you and/ or the members of your family.
14. REVISIONS AND CONTRACT INFORMATION
15. CONTACT US
For questions regarding this Privacy Notice, please contact us at: privacy@ControlCase.com.