How BoardEffect LLC Protects Your Privacy
Last Updated August 18, 2017
BoardEffect participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. BoardEffect is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List. [https://www.privacyshield.gov]
BoardEffect is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. BoardEffect complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, BoardEffect is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, BoardEffect may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
THIRD PARTY PERSONALLY IDENTIFIABLE INFORMATION
When using our service, we provide you the option to add an alternate contact. If you choose to enter an alternate contact we will collect personally identifiable information about the contact such as their name, email address and phone number. Your alternate contact may contact us at email@example.com to request that we remove this information from our database. When you provide us with personal information about your contacts we will only use this information for the specific reason for which it is provided. If you believe that one of your contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at firstname.lastname@example.org.
Information Collection, Use, Choices and Data Integrity
You can generally visit our website (www.boardeffect.com) without actively revealing any personally identifiable information about yourself. However, in certain areas of this site, we may ask you to contact us with questions or comments, or request more information about our services.
Due to the nature of some of these activities, we may collect personally identifiable information, such as your name, title, employer/organization, address, email address and phone number, as well as any other information you elect to provide us. In certain circumstances, we also may ask for additional information about your company, such as annual operating budget, number of board members, number of committee members, and other details. We may also ask for demographic information in order to provide you with a more personalized experience.
When you download and use our mobile application, we proactively collect information on the type of device you use, operating system version, and the device identifier in order to optimize product experience.
If you request more information about our services, we may use your personally identifiable information to send you the information you have requested. We may also use this information to respond to customer service requests, and send updates about our latest events and products. We do not ask you for, access or track any location-based information from your mobile device at any time while downloading or using our App or services.
If you wish to subscribe to our newsletter(s), we will use your name and email address to send the newsletter to you. Out of respect for your privacy, you may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, accessing the email preferences in your account settings page or you can contact us at email@example.com.
Web sites may use “temporary cookies” to track user navigation in order to make the user experience more useful. A temporary cookie is erased when the user closes the Web browser. The “temporary cookie”, also called a session cookie, is stored in temporary memory in the form of a text file on your computer, and is erased after the browser session is ended.
Cookies: This is a small data file sent from a server to your web browser or mobile device that is stored on your browser cache or mobile device. You can configure your browser’s settings to reflect your preference to accept or reject cookies.
ANALYTICS / LOG FILES
As is true of most web sites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.
We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you, to improve marketing, analytics, or site functionality.
We use mobile analytics software to allow us to better understand the functionality of our Mobile Software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile app.
We partner with a third party to either display advertising on our Web site or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union click here) Please note this does not opt you out of being served ads. You will continue to receive generic ads.
SHARING WITH THIRD PARTIES
BoardEffect does not rent, sell or share personally identifiable information it collects about you to or with third parties, except as follows:
- Upon request by the company that has made you an authorized user of the services.
- If required to do so by law or in the good faith belief that such action is necessary to: (1) conform to the edicts of the law or comply with legal process served on BoardEffect or the service; (2) protect and defend the rights or property of BoardEffect; or (3) act in urgent circumstances to protect the personal safety of users of BoardEffect, its website(s), product or services or the public from harm or harassment. If we receive legal process calling for the disclosure of any of your personally identifiable information we will, if permitted by law, attempt to notify you at least five (5) business days before we respond to the request.
- If BoardEffect should ever file or be subject to the filing of a petition in bankruptcy or other insolvency proceedings, or if BoardEffect should ever merge with another entity or undergo any other corporate reorganization, we may transfer and sell the information you provide to us through the service to a third party or share your personally identifiable information with any third party that acquires or succeeds to BoardEffect’s capital stock or business assets to which the services relate. You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personally identifiable information, as well as any choices you may have regarding your personally identifiable information.
- We may provide your personally identifiable information to companies that provide services to help us with our business activities such as shipping your order or offering customer service. These companies are authorized to use your personally identifiable information only as necessary to provide these services to us.
LINKS TO OTHER SITES
Our site includes links to other websites whose privacy practices may differ from those of BoardEffect. If you submit personally identifiable information to any of those sites, your information is governed by their privacy policies. BoardEffect is not responsible for the privacy practices or the content of any sites to which www.boardeffect.com provides links. We encourage you to carefully read the privacy statement of any website you visit.
Social Media Widgets
Our website includes Social Media Features, such as the Facebook Like button, and Widgets, such as the Share this button or interactive mini-programs that run on our website. These Features may collect your Internet protocol address, which page you are visiting on our website, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our website. Your interactions with these Features are governed by the privacy statement of the company providing it.
ACCESS TO PERSONALLY IDENTIFIABLE INFORMATION
Upon request BoardEffect will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by contacting us by telephone (Toll Free: 866-672-2666), or via email. We will respond to your request within a reasonable timeframe.
BoardEffect acknowledges that you have the right to access your personal information. BoardEffect has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the BoardEffect’s Client Administrators (the data controller) or the BoardEffect Support Team. If requested to remove data, we will respond within a reasonable timeframe.
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, contact our Support Team. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We may post customer testimonials on our website which might contain personally identifiable information. We obtain the customer’s consent via email prior to posting the testimonial to post their name, title, and organization name along with their testimonial. If you wish to update or delete your testimonial, you can contact us at firstname.lastname@example.org.
THE SECURITY OF YOUR INFORMATION
We use security measures (such as encryption technology) to protect your information including the personally identifiable information that we transmit and store. BoardEffect employs the following measures to secure data:
- Database level security — measures designed to prevent unauthorized users from accessing or modifying the data at the database level.
- System level security — measures designed to prevent unauthorized access to the systems that the database runs on, and to all systems that can access the database.
- Network level security — the database is designed to be inaccessible to the public internet. No machine that can directly access the database can be directly accessed from the internet.
- Firewall — designed to prevent unauthorized access to the network, and to protect against attacks.
- Intrusion Detection Systems — designed to alert us to any attack that might get past the network security and firewall, so that the attack can be stopped.
- Physical security — measures designed to ensure that the machines that can access the database are physically secured so that only the operations team can access them.
- We also prohibit our employees from accessing your personally identifiable information except on a need to know basis, and even then only under confidentiality agreements. Our engineers review the security measures on a regular basis to update and strengthen these protections. No security measures are completely fail-safe or impervious to circumvention. We are not responsible for events beyond our control, including without limitation, the malicious acts or willful misconduct of hackers or any other person.
- When you enter sensitive information (such as login credentials) we encrypt the transmission of that information using transport layer security technology (TLS).
We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Web site, you can contact us at email@example.com
BoardEffect’s Information Security Program is based off the NIST 2014 Cybersecurity Framework. BoardEffect uses the ISO 27001 standard to define the methodology for assessing and treating information risks and to define acceptable level of risk. BoardEffect classifies its information and assets according to risk and value. Any client information is marked as confidential and not shared with other entities.
BoardEffect’s Information Classification policy identifies any customer data or data received from clients in any form as Confidential. BoardEffect does not change or share such data in any way or form without explicit written permission from the client and maintains the highest possible levels of Confidentiality, Integrity and restricted Availability (CIA) of such data. Customer data is protected at rest or in transit via encryption standards.
REVISIONS TO THIS POLICY
If you have any questions about this privacy and security statement, the practices of this website, or your dealings with this website, please contact us via email or mail us at BoardEffect, LLC., 161 Leverington Ave., Suite #1001, Philadelphia, PA 19127