Services Privacy Policy
Privacy Policy
Scope
This policy covers the privacy practices that CLDigital (“We”, “Us” or “Our”) and its subsidiaries employs when providing support, consulting, and CL360 services (the “services”) to its customers (“you” or “your”). This Privacy Policy describes how CLDigital collects, uses, shares, and secures the personal information you provide, as well as the human resources data of our employees. It also describes your choices regarding use, access, and correction of your personal information. CLDigital established this privacy policy to clarify that the use of information to which it may be provided access in order to provide services is more limited than the use of information covered by CLDigital’s privacy policy.
EU-U.S. Privacy Shield
CLDigital participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. CLDigital is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. https://www.privacyshield.gov
CLDigital is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. CLDigital complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, CLDigital is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, CLDigital may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
CLDigital has further committed to cooperate with the EU data protection authorities (DPAs) for EU employees regarding unresolved Privacy Shield complaints concerning human resources data transferred from the EU, in the context of the employment relationship.
Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Customer Information and Services Data
Customer as a Data Exporter (Controller)
Customer Information: When using the Site, you may choose to provide us with certain personal information such as your name, email address, and phone number. This information is used to communicate with you by responding to your requests, comments, questions, and perform the services provided by CLDigital.
Under the Privacy Shield Principles, individuals have the right to opt out of (i) disclosures of their personal information to third parties; or (ii) uses of their personal information. If you wish to opt out or change your information, please send an email to the privacy officer at the address listed below.
Services Data
If data that resides on CL360 systems to which CLDigital is provided access to perform services (including test, development and production environments that may be accessed to perform CLDigital consulting and support services). CLDigital treats services data according to the terms of this policy, and treats services data as confidential in accordance with the terms of your order for services
To illustrate the difference between customer information and services data, when a customer contracts with CLDigital for CL360 services, the customer provides information about itself, including its name, address, and some employee contact information. CLDigital may also collect other information about the customer and some employees, for example through its web sites, as part of that interaction. All of that information is customer information and is treated according to CLDigital’s privacy policy.
In contrast, having contracted with CLDigital for CL360 or other services, the customer provides CLDigital access to its production, development, or test environment, which may include personal information about its employees, customers, partners, or suppliers (collectively “end users”).
CLDigital as a Data Importer (Processor)
Below are the conditions under which CLDigital may access, collect and/or use services data. The data importer is Continuity Logic, LLC. In this instance, data importer is providing a Software as a Service (SaaS) application for the data exporter to store and manage their Business Continuity, Disaster Recovery, Incident Management and Governance, Risk & Compliance programs.
CLDigital may receive the above data exporter information through system interface(s) to provide users with accurate information during the creation and maintenance of application usage.
To Provide Services and to Fix Issues
Services data may be accessed and used to perform services under your order for support, consulting, or general CL360 services and to confirm your compliance with the terms of your order. This may include testing and applying new product or system versions, patches, updates, and upgrades; monitoring and testing system use and performance; and resolving bugs or other issues you have reported to CLDigital. Any copies of services data created for these purposes are only maintained for time periods relevant to this purpose.
Because of Legal Requirements
CLDigital may be required to retain or provide access to services data to comply with legally mandated reporting, disclosure, or other legal process requirements.
We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request. If CLDigital is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information. We may also disclose your personal information to any other third party with your prior consent.
Some of our pages utilize framing techniques to serve content to/from our partners while preserving the look and feel of our website. Please be aware that you are providing your customer information to these third parties and not to https://www.continuitylogic.com.
If CLDigital hires subcontracts to assist in providing services, their access to services data will be consistent with the terms of your order for services and this services privacy policy. CLDigital is responsible for its subcontractors’ compliance with the terms of this policy and your order. These companies are authorized to use your personal information only as necessary to provide these services to us.
CLDigital does not use services data except as stated above or in your order. CLDigital may process services data but does not control your collection or use practices for services data. If you provide any services data to CLDigital, you are responsible for providing any notices and/or obtaining any consent necessary for CLDigital to access, use, retain and transfer services data as specified in this policy and your order.
Access Controls
Upon request CLDigital will provide you with information about whether we hold any of your customer information. You may correct, or request deletion of your customer information by contacting us at info@continuitylogic.com. We will respond to your request within a reasonable timeframe.
CLDigital’s access to services data is based on job role/responsibility. Service data residing in CLDigital-hosted systems is controlled via an access control list (ACL) mechanism, as well as the use of an account management framework. You control access to services data by your end users; end users should direct any requests related to their personal information to you. Please see “Information Related to Data Collected through the CL360 application” section below.
Opt-out Preferences
You may sign-up to receive email or newsletter or other communications from us. If you would like to discontinue receiving this information, you may do so by using the “Unsubscribe” link found in emails we send to you or by contacting us at info@continuitylogic.com.
We may also send you service-related email announcements on rare occasions when it is necessary to do so. For instance, if our service is suspended for maintenance, we might send you an email. You do not have an option to opt out of these emails, which are not promotional in nature.
Tracking Technologies / Cookies
CLDigital and its partners use cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base. Users can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service.
As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
We partner with a third party to display advertising on our website or to manage our advertising on other sites. Our third-party partner may use cookies or similar technologies to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising, click here or if located in the European Union click here. Please note you will continue to receive generic ads.
Security and Breach Notification
CLDigital is committed to the security of your services data, and has in place physical, administrative, and technical measures designed to prevent unauthorized access to that information. CLDigital security policies cover the management of security for both its internal operations as well as the services. These policies, which are aligned with the ISO/IEC 27001:2005 standard, govern all areas of security applicable to services and apply to all CLDigital employees. CLDigital’s Support, Consulting and CL360 lines of business have developed detailed statements of security practices that apply to many of their service offerings.
CLDigital’s policies and procedures are reviewed and overseen by CLDigital Global Information Security (CLGIS). CLGIS is responsible for security oversight, compliance, and enforcement, and for conducting information security assessments and leading the development of information security policy and strategy.
CLDigital is also committed to reducing risks of human error, theft, fraud, and misuse of CLDigital facilities. CLDigital’s efforts include making personnel aware of security policies and training employees to implement security policies. CLDigital employees are required to maintain the confidentiality of services data. Employees’ obligations include written confidentiality agreements, regular training on information protection, and compliance with company policies concerning protection of confidential information.
CLDigital promptly evaluates and responds to incidents that create suspicions of unauthorized handling of services data. CLGIS and Legal are informed of such incidents and, depending on the nature of the activity, define escalation paths and response teams to address the incidents. If CLDigital determines that your services data has been misappropriated (including by a CLDigital employee) or otherwise wrongly acquired by a third party, CLDigital will promptly report such misappropriation or acquisition to you. If you have any questions about the security of your personal information, you can contact us at info@continuitylogic.com.
Links to Third Party Sites
Our web site includes links to other sites whose privacy practices may differ from those of CLDigital. If you submit customer information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any web site you visit.
Information Related to Data Collected through the CL360 application
Information Related to Data Collected for our Customers:
- CLDigital collects information under the direction of its Customers and has no direct relationship with the individuals whose personal data it processes. If you are a customer of one of our Customers and would no longer like to be contacted by one of our Customers that use our service, please contact the Customer that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Customers.
Access and Retention of Data Controlled by our Customers:
- CL Digital acknowledges that you have the right to access your personal information. CLDigital has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his/her query to the CLDigital’s Customers (the data controller). If requested to remove data, we will respond within a reasonable timeframe.
- CLDigital will retain personal data we process on behalf of our Customers for as long as needed to provide services to our Customer. CLDigital will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Changes to this Privacy Policy
CLDigital may update this Privacy Policy to reflect changes to our information practices. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Compliance
CLDigital privacy policy adheres to the principles set by Privacy Shield. CLDigital has appointed a Chief Privacy Officer. If you believe your services data has been used in a way that is not consistent with this policy, or if you have further questions related to this policy, please contact the Chief Privacy Officer. Written inquiries may be addressed to:
Chief Privacy Officer,
CLDigital
140 S Falkenberg Road #206
Riverview, FL 33578
info@cldigital.com