How does Convercent and its Ethics Cloud Platform Operate? Convercent has entered into separate agreements with our clients to govern the delivery, access, and use of the Convercent Ethics Cloud Platform, including instructions for the processing of personal data on behalf of our clients. Our clients license Convercent technology and configure their instance of the Convercent Ethics Cloud Platform to enable their employees, contractors, customers, and other third parties (collectively “End Users”) to report ethics and compliance issues, file disclosures, receive and take educational courses, attest to corporate policies, and monitor third party vendors.
What Role Does Convercent Serve in Data Protection? It is important to note that Convercent acts both as a Data Controller and a Data Processor within the realm of data protection law compliance (including the GDPR). As a Data Controller, Convercent is responsible for safeguarding the data of visitors to the Site. As a Data Processor, Convercent is responsible for safeguarding the data of the End Users as it flows through the Convercent Ethics Cloud Platform.
Why Do We Need Your Personal Data? We need certain personal data in order to deliver the Services to you.
Privacy Shield Participation
Convercent is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Convercent complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Convercent is subject to the investigation and regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Convercent may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Convercent commits to cooperate with the panel established by the EU data protection authorities (DPA’s) and the Swiss Federal Data Protection and Information Commissioner (FDIPC), with regard to unresolved Privacy Shield complaints concerning Human Resources and non-Human Resources data transferred from the EU and Switzerland.
Information We Collect
Convercent may collect information about you from various sources. Specifically, we may obtain information about you:
- On the Site, through the Convercent platform, and through any of our mobile applications (e.g., when you request information on the Site, establish an account, or submit content to the Site);
- When you call us, email us, or communicate with us through social media; and
- From our affiliates or subsidiaries, service providers, business partners, and other third parties.
The types of personal information we may obtain include:
- Contact details (e.g., name, postal address, email address, and telephone number);
- Username and password for the account you may establish on our Site;
- Photographs, videos, comments, and other content you submit to us;
- Information you provide by interacting with us through social media; and
- Other details that you may submit to us or that may be included in the information provided to us by third parties.
Automatic Data Collection
As is true of most web sites, we gather certain information automatically. We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you, to improve marketing, analytics, or site functionality and to analyze trends in the aggregate and administer the site. The information we may collect by automated means includes:
- Information about the devices our visitors use to access the Internet (such as the IP address and the device, browser and operating system type);
- URLs that refer visitors to our Site;
- Dates and times of visits to our Site; and/or clickstream data
- Internet service provider;
- Referring/exit pages;
- The files viewed on our site (e.g., HTML pages, graphics, etc.)
- Information on actions taken on our Site (such as page views and website navigation patterns);
- A general geographic location (such as country and city) from which a visitor accesses our Site or mobile applications; and
- Search terms that visitors use to reach our Site.
We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which are used only by us to recognize your computer or mobile device when it revisits our Services; and (2) third party cookies, which are served by service providers on our Services, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.
Our Services use the following types of cookies for the purposes set out below:
|Type of cookie||Purpose|
|Essential Cookies||These cookies are essential to provide you with our Services and to enable you to use some of the features. For example, they help the content of the pages you request load quickly. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.|
|Functionality Cookies||These cookies allow our Services to remember choices you make when you use our Services, such as remembering your language preferences, remembering your login details and remembering the changes you make to other parts of our Services which you can customize. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Services.|
|Analytics and Performance Cookies||These cookies are used to collect information about traffic to our Services and how users use our Services. The information gathered does not identify any individual visitor. The information is aggregated and anonymous. It includes the number of visitors to our Services, the websites that referred them to our Services, the pages they visited on our Services, what time of day they visited our Services, whether they have visited our Services before, and other similar information. We use this information to help operate our Services more efficiently, to gather broad demographic information and to monitor the level of activity on our Services.|
We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is only used to improve how our Services works. You can find out more information about Google Analytics cookies here: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies
You can find out more about how Google protects your data here: https://www.google.com/analytics/learn/privacy.html.
You can prevent the use of Google Analytics relating to your use of Services by downloading and installing the browser plugin available via this link: http://tools.google.com/dlpage/gaoptout?hl=en-GB
|Targeted and advertising cookies||These cookies track your browsing habits to enable us to show advertising which is more likely to be of interest to you. These cookies use information about your browsing history to group you with other users who have similar interests. Based on that information, and with our permission, third party advertisers can place cookies to enable them to show ads which may be relevant to your interests while you are on third party websites.|
|Social Media Cookies||These cookies are used when you share information using a social media sharing button or “like” button on Services or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter or Google+. The social network will record that you have done this.|
You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept cookies until you change your settings. Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com.
If you do not accept our cookies, you may experience some inconvenience in your use of our Services. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Services.
We, our third party service providers, advertiser or our partners may also use “web beacons” or clear .gifs, or similar technologies, which are small pieces of code placed on a web page, to monitor the behavior and collect data about the visitors viewing a web page. For example, web beacons may be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.
How We Use the Information We Collect When Acting as a Data Controller
When you use or communicate with us through the Site, we may use the information we obtain about you to:
- Register you on our Site and manage and maintain your accounts on the Site;
- Provide products or services you request;
- Understand your needs and interests and tailor our products and services to suit your personal interests and the manner in which visitors use our Site, products, and Services;
- Communicate with you about products, services, based on the general geographic location transmitted by your mobile device;
- Maintain a record of general transactions on our Site;
- Respond to your questions and comments and provide customer support;
- Communicate with you through email, websites, mobile applications and social media about our products, services, offers, events and promotions, and offer you products and services we believe may be of interest to you;
- Enable you to communicate with us through our blogs, social networks, and other interactive media;
- Operate, evaluate, and improve our business and the products and services we offer;
- Analyze and enhance our marketing communications, and strategies (including by identifying when emails sent to you have been received and read);
- Analyze performance of our services and technology and to analyze trends and statistics regarding visitors’ use of our Site, mobile applications, and social media assets, and the transactions visitors conduct on our Site;
- Protect against fraud, unauthorized transactions, claims, and other liabilities, and manage risk exposure, including by identifying potential hackers and other unauthorized users;
- Enforce our Terms of Service; and
- Comply with applicable legal requirements and industry standards and our policies.
We also may use the information we obtain about you in other ways for which we provide specific notice at the time of collection.
Information Related to Convercent as a Data Processor
Access and Retention of Data Controlled by our Clients
Convercent acknowledges that you have the right to access your personal information. Convercent has no direct relationship with the individuals whose personal data it processes when acting as a data processor to our clients. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to Convercent’s client, the data controller.
To direct our ad network vendors not to use your data to deliver targeted advertising to you, please contact us at email@example.com. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by clicking here, or if located in the European Union click here. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. Some Web browsers incorporate a “Do Not Track” feature that signals to websites that you visit that you do not want to have your online activity tracked. Each browser communicates “Do Not Track” signals to the actual website differently making it unworkable to honor each and every request correctly. To alleviate any communication error between browsers and website, we do not respond to Web browser “Do Not Track” signals at this time for every browser type. As the technology and communication between browser and website improves, we will reevaluate the ability to honor every browser “Do Not Track” signals and may make changes to our policy.
Information We Share
We also may disclose information about you (i) if we are required to do so by law such as to comply with a subpoena or other legal process (such as a court order), (ii) in response to a request by law enforcement authorities, or (iii) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.
Your Rights When Convercent is Your Data Controller
If Convercent is your Data Controller as described above and you wish to exercise any of the following rights, please contact us using the details below. In your request, please make clear: (i) what personal data is concerned; and (ii) which of the rights you would like to enforce. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.
Access. You may access the information we hold about you at any time by contacting us directly.
Amend. You can also contact us to update or correct any inaccuracies in your personal data.
Move. Your personal data is portable – i.e. you to have the flexibility to move your data to other service providers as you wish.
Erase and forget. In certain situations, for example when the information we hold about you is no longer relevant or is incorrect, you can request that we erase your data.
Convercent will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Convercent will also retain customer data for a period of no longer than 365 days from date of termination of contracting party. The user account will remain active until responsible contracting company has either disabled the account or termination of service contract with Convercent.
How We Protect Personal Information
We maintain appropriate administrative, technical and physical safeguards designed to protect the personal information you provide on our Site and Ethics Cloud Platform against accidental unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. For example, You understand that other personal information (not including payment card information) may be transferred unencrypted and involve (i) transmissions over various networks and (ii) changes to conform and adapt to technical requirements of connecting networks or devices. However, Convercent will use commercially reasonable efforts, like secure socket layer (SSL), to encrypt information such as your login credentials during transmission.
Please note that no electronic transmission of information can be entirely secure. We cannot guarantee that the security measures we have in place to safeguard personal information will never be defeated or fail, or that those measures will always be sufficient or effective.
Linked Websites and Social Networks
Our Site may provide links to third-party websites for your convenience and information. Convercent does not control linked websites, and we do not endorse or make any representations about third-party websites. Linked sites may have their own privacy policies, which you should review if you visit those websites. We are not responsible for the content of any websites not affiliated with Convercent, any use of those websites, or those websites’ privacy practices.
We may also provide social media features on our Site that enable you to share Convercent information with your social networks and to interact with Convercent on various social media websites. This includes social media features, such as the Facebook Like button and widgets, such as the Share this button or interactive mini-programs that run on our site. Your use of these features may result in the collection or sharing of information about you. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our site. We encourage you to review the privacy policies and settings on the social media websites with which you interact to help you understand those websites’ privacy practices.
We display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at firstname.lastname@example.org.
Convercent does not knowingly collect Personal Information or direct its Site to children under the age of 16. If we learn that a user of the Site is under 16 years old, we will promptly delete any personal information that the individual has provided to us.
How to Contact Us
Attn: Convercent Privacy Team
3858 Walnut Street, Suite #255
Denver, Colorado 80205
At Convercent we value open and honest communication. We always make our most up-to-date policies easily accessible.