Privacy Policy Introduction
Data Risk Consultants, LLC (“DRC ” or “We”) respect your preferences concerning the treatment of personal information that we may collect from your use of the DRCLLC.com Web sites and your interactions with DRC off-line. This policy lets you know how we collect and use your personal information, and how you can control its use. This policy describes the broadest potential use of personal information throughout the DRCLLC.com Web sites and in off-line transactions. We may make far less use of personal information than we have outlined in this policy.
Because of the differences in how certain DRC lines of business and software offerings collect and use personal information, DRC has established separate privacy policies that govern those different activities. The following privacy policies are specifically tailored to the relevant line of business or offering, and are separate and distinct from the activities governed by this privacy policy:
The services privacy policy, which addresses customer data to which we may be provided access in order to perform consulting, product support, outsourcing and other services.
The DRCLLC.com Web sites provide links to non-DRC sites we believe may be of interest to you. Those sites are beyond our control. You are advised to check the privacy policies and terms of use of any non-DRC sites before providing your personal information to them.
Types of Personal Information We Collect and How We Collect It
Personal Information: This policy covers the following personal information that DRC collects through your use of the DRC Web sites and in connection with off-line communications. Specifically, DRC may collect this information from offline and online registrations, forms and communications and interactions, and sales inquiries and transactions. DRC also may use third party sources, such as obligations arising from the private use of our software products or services.
Contact information, such as name, physical address, telephone number, email address, and company. The majority of the information collected under this category is business contact information. Transactional information, including information about the products and services you request, purchase or download. User preferences, such as product requirements, areas of industry interest, newsletters, community choices and other information you select in the customer profile when registering on DRCLLC.com or it’s software. Financial/credit card and payment information (If applicable) Event and conference participation information, such as lectures, classes or booths attended or visited during an event or conference hosted or attended by DRC. If we use electronic tracking technologies at an event, we will provide notice in the event registration materials and/or correspondence.
Electronic Communications Protocols and Cookies: In addition to the information specified above, DRC may collect information about your use of the DRC Web sites/software through electronic communications protocols and cookies. As is true when you visit most Web sites, DRC may automatically receive personal information from you as part of the communication connection itself, which often consists of network routing information (where you came from), equipment information (browser type), and date and time. DRC also uses cookies, embedded URLs and embedded pixels to capture additional information.
Cookies: DRC’s server will query your computer to see if there are “cookies” previously set by the DRC Web sites. A cookie is a small piece of information sent by a Web server to store on a Web browser so it can later be read back from that browser. Cookies on the Web sites may collect a unique identifier, user preferences and profile information and membership information. DRC also uses cookies to collect general usage and volume statistical information (which does not include personally identifiable information). Some cookies may remain on the user’s computer after they leave the Web site, and the majority are set to expire within 30 to 365 days. While we do not offer an opt-out for cookies, browsers provide you information and control over cookies. You can set your Web browser to alert you when a cookie is being used, and accept or reject the cookie. You can also set your browser to refuse all cookies or accept only cookies returned to the originating servers. Users can generally disable the cookie feature on their browser without affecting their ability to use the site, except in some cases where cookies are used as an essential security feature necessary for transaction completion.
Embedded URLs: DRC also uses a tracking technique that employs embedded URLs to allow use of the site without cookies. Embedded URLs allow limited information to follow you as you navigate the site, but is not associated with personal information and is not used beyond the session.
Embedded Pixels: On the Web site, DRC may use embedded pixel technologies on selected pages for the purposes of identifying unique user visits to the DRCLLC.com Web sites as opposed to aggregate hits. In addition, these technologies are used in emails to provide information on when the email was opened to track marketing campaign responsiveness.
Use and Sharing of Personal Information
DRC uses (and, where specified, shares) your personal information for the following purposes:
To engage in transactions. DRC may use personal information such as name, physical address, telephone number, email address, policy number and company name to engage in transactions with you, including contacting you about your order/software registration.
To process transactions. DRC may use financial/credit card and payment information to process your order. DRC may need to share some of this information with delivery services, credit card clearing houses and other similarly situated third parties to complete the transaction.
To provide support or other services. DRC may use your personal information to provide you support or other services you have ordered, as well as product updates, product patches and fixes and other similar communications.
To tailor marketing to your needs and respond to your requests. DRC may use information from your order/software registration, your DRC.com profile, or other specified requirements to provide you with notices of new product releases and service developments. DRC also may use your personal information to respond directly to your requests for information, including registrations for newsletters or other specific requests, or pass your contact information to the appropriate DRC software distributor, reseller or private label business partner to respond to your request. In addition, DRC may ask if you wish to have your contact information shared with other selected partners that offer complementary products or services. If you agree, DRC will provide your contact information to those partners. Please review the specific partner’s privacy policy regarding any further interactions with them.
To provide online forums. Some services available on the Web sites permit you to participate in interactive discussions or post comments or opportunities to a bulletin board or exchange. Some of these services are moderated; all may be accessed for technical reasons. DRC does not control the content that users post to these forums. You should carefully consider whether you wish to submit personal information to these forums and should tailor any content you submit appropriately and in accordance with the relevant terms of use.
To administer product downloads. DRC may contact you if you download products so that it may confirm certain information about your order/software registration (for example, that you did not experience problems in the registration process) or to discuss the registered products or to provide marketing or sales information about related products and services. DRC also may use this information to confirm compliance with licensing and other terms of use.
To select content, improve quality and facilitate use of the Web Sites. DRC may use your personal information, including the information gathered as a result of site navigation and electronic protocols and cookies (including third party cookies), to help create and personalize Web site content, facilitate your use of the Web sites (for example, to facilitate navigation and the login process, avoid duplicate data entry, enhance security, keep track of shopping cart additions and preserve order information between sessions), improve Web site quality, track marketing campaign responsiveness, and evaluate page response rates.
To provide various DRC communities, such as partners, with relevant product alerts and updates. If you sign up for a DRC community, DRC will also provide you information in which you have expressed an interest related to new product releases, alerts, updates, prices, terms, special offers and associated campaigns.
To power joint sales or product promotions. DRC and its partners may engage in joint sales or product promotions. Such promotions will always reference the partners involved. Both DRC and the partner(s) will have access to that information, and either DRC or our partners may provide you the sales or product promotion information. We recommend you review the privacy policies of these partners to address your particular needs and concerns.
To communicate with you about a conference or event. We or our partners may communicate with you about a conference or event hosted or co-sponsored by DRC or one of our partners. This may include information about the event’s content, event logistics, payment, updates, and any additional meetings, special demonstrations or other customer facilitation that we may provide related to the event. DRC may contact you after the event about the event and related products and services. DRC will also permit designated partners or conference sponsors to send you up to two communications through the services of a third party bonded warehouse. Please note that our partners or conference sponsors may directly request your personal information at their conference booths or presentations; however, providing your information is optional, and you should review their privacy policies to address your particular needs and concerns.
To comply with legal requirements. DRC may be required to disclose your personal information in order to comply with legally mandated reporting, disclosure or other legal process requirements. DRC will use reasonable efforts to limit the personal information it provides for this purpose.
Please note that your personal information may be transferred, accessed and stored globally as necessary for the uses stated above in accordance with this policy.
Registration, Customization, Preferences and Opt-Out
DRC allows you to establish an online registration profile for marketing communications at DRC. You may use the profile to customize and control your preferences for receiving electronic information, including opting into (or out of) communities. You can return to the registration profile to customize it at any time to change your elections or modify your profile at http://www.drcllc.com Please login as usual and follow the prompts to “update my profile.”
Opting Out. DRC enables you to opt out of some or all email marketing by modifying your online registration profile. A link to this profile will be available in marketing emails. You can also unsubscribe to all email marketing by sending an email to our general unsubscribe automated link at unsubscribe@drcllc.com. If you would like to opt out of receiving postal mail or telephone solicitations, please access the link at http://www.drcllc.com under “Support”, click on the link for Login/Access Issues for Risk Utilities System. If you have any problems using any of these opt-out mechanisms, please send an email to privacy@drcllc.com, indicate opt-out in the subject line and specify what problem you have encountered in the body of the message.
Some non-marketing communications are not subject to general opt-out, such as communications related to product download, sales transactions, software updates and other support related information, patches and fixes, quality assurance surveys, conferences or events for which you have registered, and disclosures to comply with legal requirements, as well as communications with partners about product alerts, updates, and other notices related to partner status.
Information-Sharing Choices. DRC only shares personal information with selected companies after providing users the ability to either opt out of or opt into the sharing. There are limitations to opting out of such sharing in the case of (1) joint sale or joint events where the data goes to both DRC and the other party at the same time; (2) where the customer has requested follow up, which involves DRC partners; and (3) where third parties are required to accomplish the transaction or perform the service, including delivery and credit card clearing services.
Third Party Permission-Based Lists. On occasion, DRC may use a third party permission-based list to send communications about DRC products and services. These lists are maintained by third parties whose users have consented to receive emails from other companies, such as DRC. We do not have access to the names and contact information on these lists. We require the list owners to identify themselves as the mailers of the email and to provide appropriate opt-out mechanisms. If you wish to be removed from a third-party list, you should direct your opt-out request to the list owner, not to DRC. If you have trouble opting out, or if you wish to make us aware of any issues related to a third-party mailing, you may contact us directly at privacy@drcllc.com. When third-party mailings are sent with a DRC reply address, DRC also will provide a notice with information about how to opt-out of future DRC marketing communications.
Access and Profile Updates
You have the ability to update your DRC.com profile and related personal information at any time. To change this information, please login at http://www.drcllc.com and follow the prompts to “update my profile.” Please contact us at privacy@drcllc.com if you require further assistance concerning your information or if you have trouble accessing your profile; please indicate access in the subject line and let us know what the access problem is in the body of the message. You may also obtain assistance concerning access to your personal information by writing to us at the following address:
Data Risk Consultants
13220 Metcalf Ave, Suite 250
Overland Park, KS 66213
Attn: Privacy
While the majority of questions and issues related to access can be handled quickly, complex requests may take more research and time. In such cases, issues will either be addressed within thirty days or you will be contacted regarding the nature of the problem and appropriate next steps.
Advertising
DRC may use some third parties to administer a limited set of DRC advertisements on its Web sites. No personal information is provided to the advertisers as part of this process, but aggregate profile information, such as user community, may be used in the selection of advertising to make sure that it has relevance to the user. On some banner ads, an embedded pixel may be present, and while it does not associate with a cookie or other personal profile information, it may return session connection information that allows advertisers to better determine how many individual users have clicked on the ad banner.
Security
The security of your personal information is very important to DRC. We have in place physical, administrative and technical safeguards designed to protect your personal information from unauthorized access. In addition, DRC uses standard security protocols and mechanisms to exchange the transmission of sensitive data such as credit card details.
In the event that your personal information is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, DRC will notify you of the breach by email or fax or, if DRC is unable to contact you by email or fax, then by U.S. mail. DRC will give you notice promptly, consistent with the reasonable needs of law enforcement and/or DRC to determine the scope of the breach and to investigate and restore the integrity of the data system.
Compliance Issues
DRC has appointed a Privacy Administrator. If you believe your personal information has been used in a way that is not consistent with this policy or your specified preferences, or if you have further questions related to this policy, please contact the Privacy Administrator by email at privacy@drcllc.com. Written inquiries may be addressed to:
Privacy Administrator
Data Risk Consultants, LLC,
13220 Metcalf Ave, Suite 250
Overland Park, KS 66213
United States of America.
Under California Civil Code Section 1798.83 (also known as S.B. 27), if you are a California resident and your business relationship with DRC is primarily for personal, family, or household purposes, you may request certain data regarding DRC’s disclosure, if any, of personal information to third parties for the third-parties’ direct marketing purposes. To make such a request, please send an email message to privacy@drcllc.com with “Request for California Privacy Information” in the subject line; you may make such a request up to once per calendar year. If applicable, we will provide you, by email, a list of the categories of personal information disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, along with the third parties’ names and addresses. Please note that not all personal information sharing is covered by S.B. 27′s requirements.
Policy Updates
We may update this policy from time to time. We will post a prominent notice in this section of this policy notifying users when it is updated. If we are going to use your personal information in a manner different from that stated at the time of collection, we will notify you via email, and you will have a choice as to whether or not we use your personal information in this different manner.
We appreciate your comments on DRC’s privacy practices: privacy@drcllc.com
Date Created: October 8, 2009
Last Updated: June 24, 2010.
Corporate Headquarters
Data Risk Consultants, LLC’s corporate headquarters are located at:
13220 Metcalf Ave, suite 250
Overland Park, KS 66213, USA
Tel: +1.800.639.1920