Tech360 LLC owns the Website and its content. The term “you” refers to the user or viewer of www.tech360group.com.
Personal Information We May Collect
Where applicable, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. If you do not provide Personal Information when requested, you may not benefit from our Service if that Information is necessary to provide you with the Service or if we are legally required to collect it.
We collect Personal Information from you so that we can provide you with a positive experience when utilizing our Website or and delivering services to you. We will only collect the minimum amount of Information necessary for us to fulfill our obligation to you. We may collect:
- A name and an email address so we can deliver our confirmations, receipts, service updates, as well as special promotions, coupons, and newsletters to you – you would be affirmatively consenting to this by providing this to us in our contact forms.
- Billing Information includes name, address and credit card Information to process payment to deliver our services to you under our contractual obligation.
- A name and an email address if you complete our contact form with a question. We may send you marketing emails with either your consent or believe we have a legitimate interest in contacting you based on your contact or question.
Please note that the Information above (“Personal Data”) that you are giving to us is voluntary, and by you providing this Information to us, you are giving consent for us to use, collect and process this Personal Data. You are welcome to opt-out or request for us to delete your Personal Data at any point by contacting us at email@example.com
If you choose not to provide us with certain Personal Data, you may not be able to participate in certain aspects of our Website.
Other Information We May Collect:
Anonymous Data Collection and Use
To maintain our Website’s high quality, we may use your IP address to help diagnose problems with our servers and administer the Website by identifying which areas of the Website are most heavily used and displaying content according to your preferences. Your IP address is the number assigned to computers connected to the Internet. This is essential “traffic data” that cannot personally identify you, but helps us for marketing purposes and improving our services. Traffic data collection does not follow a user’s activities on any other websites in any way. Anonymous traffic data may also be shared with business partners and advertisers on an aggregate basis.
Cookies and Similar Technologies
Like many websites, we also use “cookie” technology to collect additional website usage data and improve the Site and our Service. A cookie is a small data file that we transfer to your computer’s hard drive. A session cookie enables certain features of the Site and our Service and is deleted from your computer when you disconnect from or leave the Site. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Site.
Persistent cookies can be removed by following your web browser help file directions. Most Internet browsers automatically accept cookies. Tech360 may use both session cookies and persistent cookies to understand better how you interact with the Site and our Service, monitor aggregate usage by our users and web traffic routing on the Site, and improve the Site and our Service.
We may also automatically record certain Information from your device by using various types of technology, including “clear gifs” or “web beacons.” This automatically collected Information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you use the Service, the pages or other content you view or otherwise interact with on the Service, and the dates and times that you visit, access, or use the Service. We also may use these technologies to collect Information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message, to the extent permitted under applicable law.
You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. Please note that if you delete, or choose not to accept, cookies from the Service, you may not be able to utilize the Service’s features to their fullest potential.
Do Not Track
Tech360 does not process or respond to web browsers’ “do not track” signals or other similar transmissions that indicate a request to disable online tracking of users who use our Service.
What We Do With Information We Collect
We may contact you with Information that you provide to us based on these lawful grounds for processing:
- Consent. We may contact you if you give us your explicit, unambiguous, affirmative consent to contact you.
- Contract. We will contact you under our contractual obligation to deliver the services you purchase from us. This includes communicating with you to create and manage your account, provide our various services, verify your account preferences, and to respond to your inquiries and for informational and operational purposes, such as account management, customer service, or system maintenance, including by periodically emailing you service-related announcements; the creation and management of your account, the provision of our services and respond to your inquiries.
- Legitimate Interest. We may contact you if we feel you have a legitimate interest in hearing from us. For example, if you reserve an airport transfer, we may send you marketing emails regarding additional services you might be interested in purchasing. You will always have the option to opt-out of any of our emails.
We will use the Personal Data you give to us to process your payment to purchase services under a contract. We only use third-party payment processors that take the utmost care in securing data and comply with the GDPR.
Targeted Social Media Advertisements
We may use the data you provide to us to run social media advertisements and/or create look-alike audiences for advertisements.
Share with Third Party Processorss
We may share your Information with trusted third parties such as our newsletter provider to contact you via email, our merchant accounts to process payments, and Google/social media accounts to run advertisements.
Share With Network Partners
Viewing by Others
Note that whenever you voluntarily make your Personal Data available for viewing by others online through this Website or its content, it may be seen, collected, and used by others, and therefore, we cannot be responsible for any unauthorized or improper use of the Information that you voluntarily share (i.e., sharing a comment on a blog post, posting in a Facebook group that we manage, sharing details on a group coaching call, etc.).
Compliance with Laws and Law Enforcement
Tech360 cooperates with government and law enforcement officials or private parties to enforce and comply with the law. To the extent permitted under applicable law, we may disclose any information about you to the government or law enforcement officials or private parties as we believe necessary or appropriate to investigate, respond to, and defend against claims for the legal process (including subpoenas), to protect the property and rights of Tech360 or a third party, to protect Tech360 against liability, for the safety of the public or any person, to prevent or stop any illegal, unethical, fraudulent, abusive, or legally actionable activity, to protect the security or integrity of the Services we provide and any equipment used to make the Service available, or to comply with the law.
Submission, Storage, Sharing, and Transferring of Personal Data
Personal Data that you provide to us is stored internally or through a data management system. Your Personal Data will only be accessed by those who help to obtain, manage or store that Information or who have a legitimate need to know such Personal Data (i.e., our hosting provider, newsletter provider, payment processors, or team members).
We retain your Personal Data for the minimum amount of time necessary to provide you with the services you requested. We may include specific Personal Data for more extended periods of time if necessary for legal, contractual, and accounting obligations.
To use certain features of the Website, including our reservation system or other automated tools, you may need a username and password. You are responsible for maintaining the confidentiality of the username and password, and you are responsible for all activities, whether by you or by others, that occur under your username or password and within your account. We cannot and will not be liable for any loss or damage arising from your failure to protect your username, password, or account information. If you share your username or password with others, they may be able to obtain access to your Personal Data at your own risk.
You agree to notify us immediately of any unauthorized or improper use of your username or password or any other breach of security. To help protect against unauthorized or improper use, make sure that you log out at the end of each session, requiring your username and password.
We will use our best efforts to keep your username and password(s) private and will not otherwise share your password(s) without your consent, except as necessary when the law requires it or in the good faith belief that such action is necessary, mainly when disclosure is necessary to identify, contact or bring legal action against someone who may be causing injury to others or interfering with our rights or property.
How We Protect Your Personal Information
Tech360 is very concerned about safeguarding the confidentiality of your Personal Information. We employ administrative and electronic measures designed to appropriately protect your Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. Please be aware that no security measures are perfect or impenetrable. We take commercially reasonable steps to protect the Personal Data you provide to us from misuse, disclosure, or unauthorized access. We only share your Personal Data with trusted third parties who use the same level of care in processing your Personal Data. That being said, we cannot guarantee that your Personal Data will always be secure due to technology or security breaches. Should there be a data breach of which we are aware, we will inform you immediately.
We will make any legally-required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored Personal Information to you via email or conspicuous posting on our Site in the most suitable time possible and without unreasonable delay, consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system, and any other disclosures that may be required under applicable law.
We also take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this Information is no longer necessary for the purposes for which we process it unless we are required by law to keep this Information for a more extended period. When determining the retention period, we take into account various criteria, such as the type of services requested by or provided to you, the nature and length of our relationship with you, possible re-enrollment with our services, the impact on the services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.
How You Can Access, Update or Delete Your Personal Data
You have the right to:
- Request information about how your Personal Data is being used and request a copy of what Personal Data we use.
- Restrict processing if you think the Personal Data is not accurate, unlawful, or no longer needed.
- Rectify or erase Personal Data and receive confirmation of the rectification or erasure. (You have the “right to be forgotten”).
- Withdraw your consent at any time to the processing of your Personal Data.
- Lodge a complaint with a supervisory authority if you feel we are using your Personal Data unlawfully.
- Receive Personal Data portability and transference to another controller without interference.
- Object to our use of your Personal Data.
- Not be subject to an automated decision based solely on automatic processing, including profiling, which legally or significantly affects you.
You may unsubscribe from our e-newsletters or updates at any time through the unsubscribe link at the footer of all email communications. If you have questions or are experiencing problems unsubscribing, please contact us at firstname.lastname@example.org.
We take commercially reasonable steps to protect the Personal Data you provide to us from misuse, disclosure, or unauthorized access. We only share your Personal Data with trusted third parties who use the same level of care in processing your Personal Data. That being said, we cannot guarantee that your Personal Data will always be secure due to technology or security breaches. Should there be a data breach of which we are aware, we will inform you immediately.
We have a no spam policy and provide you with the ability to opt-out of our communications by selecting the unsubscribe link at the footer of all emails. We have taken the necessary steps to ensure that we are compliant with the CAN-SPAM Act of 2003 by never sending out misleading Information. We will not sell, rent, or share your email address.
We may link to other websites on our Website. We have no responsibility or liability for the content and activities of any other individual, company, or entity whose Website or materials may be linked to our Website or its content, and thus we cannot be held liable for the privacy of the Information on their Website or that you voluntarily share with their Website. Please review their privacy policies for guidelines as to how they respectively store, use, and protect your Personal Data privacy.
Children’s Online Privacy Protection Act Compliance
We do not collect any information from anyone under 18 years of age in compliance with COPPA (Children’s Online Privacy Protection Act) and the GDPR (General Data Protection Regulation of the EU). Our Website and its content is directed to individuals who are at least 18 years old or older. If we become aware that a child under 18 has provided us with Personal Information, we will delete such Information from our files.
Notification of Changes
Data Controller and Processors
We are the data controllers as we are collecting and using your Personal Data. We use trusted third parties as our data processors for technical and organizational purposes, including for payments and email marketing. We use reasonable efforts to make sure our data processors are GDPR- compliant.
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.
For this GDPR Privacy Notice, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Tech360 will be the controller of your Personal Data processed in connection with the Services.
|Source of Data||Purpose of Processing||Grounds for Processing (e.g. contractual necessity, legitimate interest, consent)||Specific Legitimate Interest (if applicable)|
|Customer Account Data (e.g. first last name, email, IP address)||Data Subject||Analytics||Legitimate Interest||Category of Data|
|Customer Account Data (e.g. first last name, email, company)||Data Subject||Customer Success Communication||Legitimate Interest||Personalised service and communications related to the customer’s use of the product.|
|Customer Account Data||Data Subject||Marketing Campaign (email, list creation, ads)||Legitimate Interest||Personalization, market research, targeted advertisement, or direct marketing.|
|Customer Account Data (e.g. first last name, device type, browser)||Data Subject||Product Development||Legitimate Interest||Improving performance, troubleshooting bugs, other internal development needs.|
|Customer Account Data (e.g. first last name, email, company)||Data Subject||Sales Communication||Legitimate Interest||Targeted advertisement or direct marketing.|
|Customer Account Data (e.g. first last name, email)||Data Subject||Using Tech360 Products||Contractual Necessity||Contractual Necessity|
|Customer Account Data (e.g. image, gender)||Data Subject||Using Tech360 Products||Legitimate Interest||Creation of public profiles using public known data, personalized service and communications related to the customer’s use of the product.|
|Billing Data (e.g. first last name, card type, card country)||Data Subject||Analytics||Legitimate Interest||Monitoring and conducting analytics on website & app use, pages/links clicked, traffic demographics, patterns of navigation, on potential security/spam breach, on performance issues, etc.|
|Billing Data (e.g. first last name, card type, card country)||Data Subject||Customer Success Communication||Legitimate Interest||Personalised service and communications related to the customer’s use of the product|
|Billing Data (e.g. first last name, card type, card country)||Data Subject||Product Development||Legitimate Interest||Improving performance, troubleshooting bugs, other internal development needs|
|Customer Support Data (e.g. first last name, email, address)||Data Subject||Analytics||Legitimate Interest||Monitoring and conducting analytics on website & app use, pages/links clicked, traffic demographics, patterns of navigation, on potential security/spam breach, on performance issues, etc|
|Customer Support Data (e.g. first last name, email, address, last 4 digits of credit card)||Data Subject||Customer Success Communication||Legitimate Interest||Personalised service and communications related to the customer’s use of the product|
|Customer Support Data (e.g. first last name, email)||Data Subject||Marketing Campaign (email, list creation, ads)||Legitimate Interest||Personalization, market research, targeted advertisement, or direct marketing|
|Customer Support Data (e.g. first last name, email)||Data Subject||Product Development||Legitimate Interest||Improving performance, troubleshooting bugs, other internal development needs|
|Customer Support Data (e.g. first last name, email)||Data Subject||Sales Communication||Legitimate Interest||Targeted advertisement or direct marketing|
|Customer Support Data (e.g. first last name, email)||Data Subject||Using Tech360 Products||Contractual Necessity||Contractual Necessity|
|Person Public Data (e.g. first last name, news articles, company, investments)||Data Subject||Analytics||Legitimate Interest||Monitoring and conducting analytics on website & app use, pages/links clicked, traffic demographics, patterns of navigation, on potential security/spam breach, on performance issues, etc.|
|Person Public Data (e.g. first last name)||Data Subject||Customer Success Communication||Legitimate Interest||Personalised service and communications related to the customer’s use of the product|
|Person Public Data (e.g. first last name)||Data Subject||Marketing Campaign (email, list creation, ads)||Legitimate Interest||Personalization, market research, targeted advertisement, or direct marketing|
|Person Public Data (e.g. first last name, news articles, company, investments)||Data Subject||Product Development||Legitimate Interest||Improving performance, troubleshooting bugs, other internal development needs|
|Person Public Data (e.g. first last name)||Data Subject||Sales Communication||Legitimate Interest||Targeted advertisement or direct marketing|
|Person Public Data (e.g. first last name, news articles, company, investments)||Data Subject, Publicly-available web sources, Third Parties||Using Tech360 Products||Legitimate Interest||Creation of public profiles using public known data, personalized service and communications related to the customer’s use of the product|
|User Session Data (e.g. page url, utms)||Data Subject||Advertising||Legitimate Interest||Personalization, market research, targeted advertisement, or direct marketing|
|User Session Data (e.g. page url)||Data Subject||Mobile App Marketing||Legitimate Interest||Personalization, market research, targeted advertisement, or direct marketing|
|User Session Data (e.g. utms, logged in, xsrf token)||Data Subject||Using Tech360 Products||Legitimate Interest||Maintain logged-in state during a single browsing session. Maintain their logged in state across browsing sessions. Enable users to log back in when a new session is started. Prevent cross-site request forgery attacks. Product feature rollout, conducting analysis. Ad performance and conversion tracking. Personalization of Web Content|
How and With Whom Do We Share Your Data?
- Payment processors
- Fraud prevention service providers
- Ad networks
- Analytics service providers
- Staff augmentation and contract personnel
- Hosting service providers
- Co-location service providers
- Marketing service providers
- Product development service providers
- Customer success providers
We also share Personal Data when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested. In addition to those set forth above, these parties also include:
- Other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorized by you through the Services)
- Social media services (if you interact with them through your use of the Services)
- Third party business partners who you access through the Services
- Your vendors and service providers, such as customer relationship management system providers
We also share Personal Data when we believe it is necessary to:
- Comply with applicable law or respond to valid legal process, including requests from law enforcement or other government agencies
- Protect us, our business or our users, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud
- Maintain the security of our products and services
We also share information with third parties when you give us consent to do so.
Last, we share Personal Data with our affiliates or other members of our corporate family. Furthermore, if we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this policy.
What Security Measures Do We Use?
We seek to protect Personal Data using appropriate technical and organizational measures based on the type of Personal Data and applicable processing activity.
- The Tech360 website uses SSL (https).
- Account passwords are hashed when stored in our database.
- The authenticity of request methods are verified to prevent CSRF (cross-site request forgery) attacks.
- Tech360 employees use Single Sign-On (SSO) and passwords and enable screen locking.
- Access to AWS and Payment Processors is limited on a need to know basis and requires Two-Factor Authentication (2FA).
- Access to production data requires VPN access which is restricted to only the people that need it.
- Tech360 performs third-party penetration testing.
How Long Do We Retain Your Personal Data?
We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
Personal Data of Children
As noted in the Terms of Service, we do not knowingly collect or solicit Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us at privacy@Tech360.com.
What Rights Do You Have Regarding Your Personal Data?
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email privacy@Tech360.com. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data by emailing privacy@Tech360.com.
Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by emailing privacy@Tech360.com.
Erasure: You can request that we erase some or all of your Personal Data from our systems.
Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
Right to File Complaint: You have the right to lodge a complaint about Tech360’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
Transfers of Personal Data: The Services are hosted and operated in the United States (“U.S.”) through Tech360 and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Tech360 in the U.S. and will be hosted on U.S. servers, and you authorize Tech360 to transfer, store and process your information to and in the U.S., and possibly other countries. You hereby consent to the transfer of your data to the U.S.
Privacy Shield Certification: Tech360 has certified to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks set forth by the U.S. Department of Commerce regarding the collection and use of Personal Data transferred from the EU and Switzerland to the U.S., respectively. While Privacy Shield is no longer a valid lawful basis on which to transfer Personal Data from the EU to the U.S., Tech360 continues to comply with both the EU-US and the Swiss-US Privacy Shield Frameworks. For more information about the Privacy Shield Program, and to view Tech360’s certification, please visit www.privacyshield.gov. Tech360 is committed to the Privacy Shield Principles of (1) notice, (2) consent, (3) accountability for onward transfer, (4) security, (5) data integrity and purpose limitation, (6) access and (7) recourse, enforcement and liability with respect to all Personal Data received from within the EU and Switzerland in reliance on the Privacy Shield. The Privacy Shield Principles require that we remain potentially liable if any third party processing Personal Data on our behalf fails to comply with these Privacy Shield Principles (except to the extent we are not responsible for the event giving rise to any alleged damage). Tech360’s compliance with the Privacy Shield is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Please contact us at privacy@Tech360.com with any questions or concerns relating to our Privacy Shield Certification and to resolve your complaints. We commit to cooperate with the panel established by the EU data protection authorities (DPAs) or the Swiss Federal Data Protection and Information Commissioner, as applicable, and comply with the advice given by the panel or Commissioner. EU individuals wishing to reach their area DPA’s may locate them by going to http://ec.europa.eu/justice/article-29/strrtfr4ucture/data-protection-authorities/index_en.htm. Swiss individuals wishing to contact their local FDPIC may locate them by going to https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection—switzerland.html. Under certain conditions, you may also be entitled to invoke binding arbitration for complaints not resolved by other means.
What If You Have Questions Regarding Your Personal Data?
If you have any questions about this GDPR Privacy Notice or our data practices generally, please contact us using the following information:
Email address for contact: email@example.com
An organization is responsible for personal information under its control. It must appoint a Privacy Officer whose purpose is to ensure compliance with PIPEDA.
The Privacy Officer at Tech360 LLC is the Managing Partner, Simon Gare. Simon ensures that all policy and procedure at Tech360 is in line with GDPR and PIPEDA. Compliance is ensured through the thorough development of policy and procedure and regular compliance checks.
2. Identifying Purposes
Tech360 must identify the purposes for which personal data is being collected before or at the time of collection.
Data is collected at Tech360 to identify users to support them and their booking entities/employers with the relevant evidence of compliance to each jurisdiction’s professional standards.
Individuals’ consent is needed to collect, use, or disclose personal information.
The user gives full disclosure of what is collected and how their data will be used.
4. Limiting Collection
Information must be collected by fair and lawful means and must be limited to the data needed for the purpose identified by Tech360.
Data is collected directly from the user, and only information relevant to identifying the user and tracking training progress is collected and stored.
5. Limiting Use, Disclosure, and Retention
Personal information can only be used or disclosed for the purposes for which it was collected and must be kept solely for the duration required to serve those purposes unless the individual consents otherwise or it is required by law.
Data is only disclosed with the user’s express permission to validate the information provided by the user’s organization to Tech360. Data is kept for a duration required to validate and provide supporting evidence of compliance to the information requirements of Tech360. A user may request that their data is deleted at any time, and a hard driver deletion can be enacted.
Personal information must be as accurate, complete, and as up-to-date as possible to properly satisfy the purposes for which it is to be used.
The user provides data, and data integrity is checked where possible.
Personal information must be protected through appropriate security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.
Data is stored in secure platforms that have undergone third-party penetration testing to ensure safety. All employees with access to data have read, understood, and signed the Tech360 confidentiality agreements and trained in the company data protection policy.
Tech360 is open about their policies and practices relating to personal data management and ensure that such information is readily available to individuals in a generally understandable format.
Tech360 has a data management policy freely available to individuals.
9. Individual Access
Upon request, an individual must be informed of the existence, use, and disclosure of their personal information and be given access to it. Individuals have the right to challenge the accuracy and completeness of that information and have it amended as appropriate. Tech360 may deny access to personal data if the information cannot be disclosed for legal, security, or commercial proprietary reasons or is subject to solicitor-client or litigation privilege.
Independent Controller Data Processing Addendum
Revised March 1, 2021
You or the entity you represent (“Customer”) are entering (or have entered) into an agreement with Tech360, Inc. (“Tech360” and together with Customer, the “Parties,” each, a “Party”) for the provision of certain Tech360 data and materials (the “Data License”). The Parties agree that the Tech360 Materials (as defined in the Data License) may include certain personal information such as names, employment or educational history, social media identifiers, and other information. This Data Processing Addendum (“Addendum”) shall apply to all personal information, personal data, and other personal identifiers that may be included in the Tech360 Materials, however, defined by applicable law (“Personal Data”). All terms used but not defined in this Addendum shall have the meanings set forth in (a) the Data License or (b) applicable privacy law(s).
I. Certain Definitions
“Applicable Privacy Law” means the CCPA, GDPR, and any other data protection, privacy, data breach, or similar or related laws applicable to a party’s use or other processing of Personal Data.
“CCPA” means the California Consumer Privacy Act of 2018, as amended.
“GDPR” means EU Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016.
“Included Data” means any Personal Data included in the Tech360 Materials.
For purposes of the GDPR, the Parties acknowledge that they are each a separate and independent controller of any Included Data. The Parties do not and will not process Included Data as joint controllers. Each Party shall comply with the obligations that apply to it as a controller under the GDPR, and each Party shall be individually and separately responsible for its compliance.
In the event that Customer receives a request from an individual relating to the processing of such individual’s data by Tech360, the Customer will (i) promptly notify Tech360 of such request, (ii) direct the individual to Tech360 in order to enable Tech360 to respond directly to the request, and (iii) reasonably cooperate with Tech360 in responding to such request. Without limiting the foregoing, Customer agrees that it will promptly (and in any event within five (5) business days) notify Tech360 of any request pursuant to Article 16 (Right to rectification), Article 17 (Right to erasure), or Article 18 (Right to restriction of processing) of the GDPR that relates in any way to the Tech360 Materials.
The Customer acknowledges that, from time to time, Included Data may be updated, modified, augmented, or removed from the Tech360 Materials. Tech360 shall provide a delete API to the Customer reflecting any such changes to the Included Data, and the Customer shall regularly check such delete API and ensure that it is using the most up-to-date version of the Included Data. Without limiting the foregoing, Customer agrees to promptly delete and, if applicable, cease all sales of any Included Data for which Tech360 notifies Customer (including by updating the delete API) that Tech360 has received a deletion or opt-out request and will indemnify Tech360 for any claims relating to Customer’s breach of the foregoing.
Each Party shall implement appropriate technical and organizational measures to protect the
Included Data. At a minimum, Customer shall use at least the same level of privacy protection as is required by the EU-US and Swiss-US Privacy Shield Framework and Principles issued by the U.S. Department of Commerce, both available at https://www.privacyshield.gov/EU-US-Framework (the “Privacy Shield Principles”), and shall promptly notify Tech360 of any inability to provide such protection. Every transfer of Included Data by Customer from the European Economic Area or Switzerland to the United States shall be made pursuant to the Privacy Shield Principles, and Customer shall certify to and comply with the Privacy Shield Principles for the duration of the Agreement.
In the event that Customer suffers any actual or suspected data breach (including any unauthorized access or use) with respect to the Included Data, Customer shall notify Tech360 without undue delay, and the Parties shall reasonably cooperate with each other in taking such measures as may be necessary to notify affected individuals, comply with each Party’s obligations under Applicable Privacy Law, and mitigate or remedy the effects of such data breach.
If and to the extent Customer transfers any Included Data to any third party, Customer shall first enter into contractual arrangements with such third Party obligating such third Party to process the Included Data in accordance with the requirements of Applicable Privacy Law. Customer shall comply with Applicable Privacy Law in connection with its transfer (including any sale) of Included Data to third parties.