Effective as of January 1, 2020
This Website (“Website”) is operated by Datasite LLC (“Datasite”). The terms “Datasite,” “we,” “us,” “our” and “ours” when used in this privacy notice (“Privacy Notice”) includes subsidiaries, divisions, branches, affiliates or companies under the control of Datasite. The terms “you,” “your” and “yours” when used in this Privacy Notice means any user of this Website.
IMPORTANT: BY SUBMITTING PERSONAL DATA TO US AND/OR BY USING OUR WEBSITE, YOU GIVE YOUR CONSENT THAT ALL PERSONAL DATA THAT YOU SUBMIT MAY BE PROCESSED BY US IN THE MANNER AND FOR THE PURPOSES DESCRIBED BELOW.
Scope of Privacy Notice
This Privacy Notice describes our current policies and practices with regard to personal data collected by us from you directly and/or through the Website or Online Services (as defined below). The term “personal data” refers to information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your device. This Privacy Notice applies only to operation of Websites and Online Services that directly link to this notice when you click on the Privacy Notice link. We adopt this notice to comply with applicable law. Nothing in the Privacy Notice shall be interpreted or construed to limit, undermine, curtail other rights granted to you by applicable law.
We provide online services and service facilitation tools such as: Datasite Diligence™, Datasite Outreach™ and Datasite Acquire™ (“Online Services”). These Online Services are part of a business relationship. If you have been invited to an Online Service, you have been so by a Datasite client or client advisor. By accepting the invitation to the Online Service, you are agreeing to the use of your contact details in accordance with this Privacy Notice. If you request access to an Online Service, you are agreeing to the use of your personal data in accordance with this Privacy Notice.
Notification of changes to this Notice
Datasite is continually improving our methods of communication and adding new functionality and features to this Website and to our existing services. Because of these ongoing changes, changes in the law and the changing nature of technology, our data practices may change. We encourage you to check this page frequently and anytime you submit personal data via the Website.
Collection, Use and Disclosure of your personal data
Datasite as a Data Processor OR SERVICE PROVIDER
Some of Datasite’s services require Datasite to process data that you have uploaded, stored and shared via Datasite’s clients. Datasite does not review or analyze the content of the data. However, it may contain personal data which Datasite processes pursuant to its clients’ instructions. Datasite does not control such data; rather it handles this type of data as a data processor only. Datasite processes such data as governed by written agreements in place with its clients and to the extent necessary to comply with applicable laws. As a result, Datasite’s clients are responsible for individual notification of purpose and for obtaining appropriate consent when they collect personal data. Personal data that is transferred to Datasite by its clients to be processed shall be deemed to have been collected with appropriate notification. Datasite assumes no responsibility for obtaining or validating that appropriate consent has been obtained with respect to data provided by its client(s).
Datasite as a Data Controller OR BUSINESS
DATA COLLECTED DIRECTLY FROM YOU
When you use our Online Services, request information through the Website or exchange, provide contact information with one of our sales representative, or partner constituents, apply for employment, or have included your Personal Data in an event registration form, we may request and obtain personal data about you such as your name, employer’s address, e-mail address, job title, and telephone number. We may also ask for demographic information to enable us to provide you with a personalized service. The information you provide is either manually or electronically stored in our databases.
Data collected through this Website AND ONLINE SERVICES
We may also use technology to collect information indirectly about the use of our Website or Online Services. For example, if you are already identified as a user in our database, our Web server automatically logs interactions with our Website, Online Services or advertisements, including IP addresses, device type, regional location and which Web browsers our visitors use. Our Website contains hyperlinks to other pages on our Website. We may use technology to track how often these links are used and which pages on our Website and Online Services our visitors choose to view.
In order to collect the anonymous data described herein, we may use temporary “cookies” that remain in the cookies file of your browser until the browser is closed. Cookies by themselves cannot be used to discover the identity of the user. A cookie is a small piece of information which is sent to your browser and stored on your computer’s hard drive. Cookies do not damage your computer. You can set your browser to notify you when you receive a cookie. This enables you to decide if you want to accept it or not.
USE OF PERSONAL DATA
We may share your personal data with other companies within our group of companies in order to use your personal data under these limited circumstances:
· To provide you with the requested information on products or services;
· For direct marketing purposes and market research. If you do not wish to receive e-mails or post from us for these purposes, please let us know by following the “unsubscribe” procedure described herein;
· To administer this Website;
· For testing, research, analysis, and product development in order to help us develop new services or help us improve or personalize our services;
· To provide you support upon your request;
· To obtain feedback regarding our products and services upon your consent. We may use your feedback or reviews of your experience to understand and respond to the feedback;
· To retain and use for support, transition and maintenance, as well as to comply with reporting, audit and data retention requirements;
· To conduct an internal analysis of your usage of the Online Services and maintain a history of your access to the Online Services. This will be recorded and use internally within Datasite and may also be made available to your employer or entity on whose behalf you are accessing the Online Service;
· To personalize your Website or Online Service experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law)
· To create, maintain, customize, and secure your account with us;
· To process an order, issue invoices, take payment from, make payment to your organization, or manage account or payment history;
· To disclose the information in our databases and server logs to comply with a legal requirement, for the administration of justice, for the purposes of national security only to the extent that is strictly necessary and proportionate, to interact with anti-fraud databases, to protect your vital interests, to protect the security or integrity of our databases or this Website, to take precautions against legal liability, or in the event of our sale, merger, reorganization, dissolution or similar event;
· If you submit your resume or CV, we will use the information to process your inquiry and to monitor recruitment statistics. Personal data about unsuccessful candidates will be held for 12 months before being destroyed or deleted; and
· In the event of a corporate sale, merger, reorganization, dissolution or similar event, your personal data may be part of an asset transfer or sale.
Datasite will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
SHARING OF PERSONAL DATA
Datasite may disclose your personal information to various third-party service providers for the following business purposes:
· To support our information technology;
· For customer service management;
· To supplement, update, or correct the data or provide additional publicly available data;
· To handle mailings on our behalf;
· To aggregate data collected through our Online Services;
· To perform back-end services related to our Online Services;
· To assist with direct marketing efforts;
· To facilitate marketing events and customer surveys; and
· To process an order, issue invoices, take payment from, make payment to your organization, or manage account or payment history.
When we disclose your personal data for a business purpose, we enter a contract that requires that all third-party processors process your personal data with the same level of protection and in a manner consistent with the uses agreed upon in this Notice.
Datasite does not sell your personal data.
Datasite retains personal data only as long as necessary to fulfill the stated purposes or as legally required and thereafter securely destroys such information. When personal data is no longer necessary or relevant for the stated purpose or to fulfill a legal or business requirement, it shall be securely destroyed. Datasite will either physically or electronically erase the personal data.
We will maintain, monitor and enforce reasonable organizational, administrative, technical and physical safeguards to protect the security and confidentiality of your personal data from loss, misuse, unauthorized access or disclosure.
Data quality, access and corrections
If Datasite collects data as a Controller or Business, Datasite will make reasonable efforts to keep personal data accurate, complete and up-to-date as is necessary to fulfill the purposes for which the information is to be used. Unless Datasite is permitted or required by law to prohibit access, upon receipt of your written request and by providing enough information to permit us to verify your identity, we will disclose to you the specific pieces of personal data we collected about you, as well as its sources, purpose, and categories of third parties with who we share, for which we may make a charge, if excessive, repetitive, or manifestly unfounded. Upon request, we will correct, amend or delete any personal data that is inaccurate and notify any third-party recipients of the necessary changes. You may update any information you have given to us by contacting us at the address given below. Requests to delete personal data are subject to any applicable legal and ethical reporting, any legitimate business purpose that necessities retention, or document retention obligations imposed on us.
If Datasite collects personal data as a Processor or Service Provider, Datasite relies on its clients to supply Datasite with accurate, complete and up-to-date information. Datasite makes reasonable efforts to maintain the integrity of the data within its Online Services as necessary to fulfill the stated purpose for which the information is used. If a request for personal data is submitted to Datasite by an individual, Datasite, in its role as a Processor (as described above), will direct the individual to the client for access.
Links to other Websites
This Website may contain hyperlinks to Websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply any endorsement of the activities of these third-party Websites or any association with their operators. We do not control these Websites and are not responsible for their operation, data or privacy practices. We urge you to review any privacy notice posted on any site you visit before using the site or providing any personal data about yourself.
Datasite uses Microsoft Azure’s owned and operated data centers located in the U.S., and Germany to host its Online Services. If you are visiting this Website from a country other than the country in which our servers are located, the various communications may result in the transfer of information across international boundaries. If you are accessing an Online Service, the content data will be stored in accordance with the terms and conditions outlined in an agreement. However, your access information (e.g. user id and password), may be stored in the server located in the U.S. (see Datasite’s Continued Adherence to Privacy Shield Framework Principles below). Any personal data will be protected in accordance with this Privacy Notice as well as with adequate protections in place in compliance with applicable laws and standards. Our customer support, depending on the time that support is requested by a user, and back-end services may be provided by personnel located in our affiliates offices in the U.S., UK or Hong Kong or by third parties located outside the U.S., UK or EEA. The transfer to our affiliates and third parties is govern by Standard Contractual Clauses and/or Privacy Shield Framework Principles approved by the European Commission.
Continued Adherence to Privacy Shield Framework
Datasite maintains compliance with the EU-U.S. Privacy Shield Framework Principles and the Swiss-U.S. Privacy Shield Framework Principles regarding the collection, use and retention of personal data as well as the notice, choice, onward transfer, security, data integrity, access and enforcement requirements from European Union member countries, the United Kingdom and Switzerland. If there is any conflict between the terms in this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. For a listing of U.S. organizations that have self-certified to the Department of Commerce and declared their commitment to adhere to the Principles, visit https://www.privacyshield.gov/list.
By adopting the Privacy Shield Framework Principles, Datasite understands that it is subject to the investigatory and enforcement powers of the Federal Trade Commission and may be liable, under U.S. law, in cases of onward transfer of data to third parties outside the permitted uses agreed upon in this Notice.
We will regularly review how we are meeting privacy objectives. If you have questions, requests or complaints about our privacy practices, you may contact us by e-mailing firstname.lastname@example.org. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, we agree to participate in the dispute resolution procedures established by Judicial Arbitration and Mediation Services (JAMS). If necessary, you may submit a complaint, free of charge to JAMS at https://www.jamsadr.com/about/submitacase. Under certain conditions, you may invoke binding arbitration.
Contact us; EXERCISING RIGHTS; unsubscribe
To exercise the access and deletion rights described above, please submit a verifiable consumer request by either submitting a request to email@example.com, or through https://www.datasite.com/us/en/contact/support.html. Only you may make a request related to your personal information. We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt, which may be extended with written notification, and deliver our response (or reasons we cannot comply with a request) via electronic mail. We will not discriminate against you for exercising any of your rights.
If you no longer wish to receive electronic mail, please click the “unsubscribe” link located at the bottom of the e-mail, or, by contacting firstname.lastname@example.org or visiting https://www.datasite.com/us/en/contact/support.html . We will not honor opt out request made on behalf of other individuals, regardless of their affiliation to the requestor.