Information Builders Privacy Shield Policy

Effective: May 25, 2018

Information Builders, Inc. (together, “Information Builders,” “our,” “we” or “us”) complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Frameworks (together “Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personal Data (as defined below) transferred from European Union member countries and Switzerland to the United States. Information Builders has certified that it adheres to the Privacy Shield Principles with respect to such data.  If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield program and to view our certification page, please visit https://www.privacyshield.gov/.

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Information Builders is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. 

Definitions

In this Information Builders Privacy Shield Policy:

Personal Data” means any information relating to a User that identifies or can be used to identify that User, either separately or in combination with other readily available data that is received by Information Builders in the U.S. from the EEA or Switzerland in connection with the Services, including information provided offline, including Sensitive Personal Data.

Sensitive Personal Data” means Personal Data regarding an individual's racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric data that uniquely identifies an individual, physical or mental health, or sexual life or orientation.

Services” means Information Builders’ websites including the following domains:   informationbuilders.com, ibi.com, informationbuilders.fr, informationbuilders.nl, informationbuilders.pt, informationbuilders.de, informationbuilders.co.uk, informationbuilders.it, informationbuilders.es, informationbuilders.eu, omnihealthdata.com

User” means an individual who accesses and uses the Services and who resides in the EU or Switzerland.

Scope 

Information Builders commits to comply with the Privacy Shield Principles with respect to Personal Data received from Users in connection with the use of the Services.  This Information Builders Privacy Shield Policy does not apply to Personal Data transferred under Standard Contractual Clauses or any approved derogation under EU data protection law.

Privacy Shield Principles

Information Builders commits to processing Personal Data in accordance with the Privacy Shield Principles as follows:

1. Notice

Prior to collecting Personal Data, Information Builders notifies Users covered by this Information Builders Privacy Shield Policy about the categories of Personal Data that Information Builders collects and the purposes for collection and use of their Personal Data.  Information Builders will only process Personal Data in ways that are compatible with the purpose for which Information Builders collected it or for purposes later authorized.

The types of Personal Data that Information Builders collects from Users depends on the purpose for which each User chooses to use the Services.

  • When a User registers with Information Builders, Information Builders collects name, email address, mailing address and other contact information.  
  • When a User submits a request for support, Information Builders may collect the following types of Personal Data (some of which is Personal Data) name, telephone number, email address and other information that the User chooses to give us to respond to the support request.
  • Information Builders automatically collects the date and time of the User’s access to the Services.  Depending on the settings of a User’s computer or mobile device (“Device”), Information Builders also automatically collects: Internet Protocol (IP) address; MAC address; Device make, model and operating system version; mobile network information; internet service provider; browser type and language; country and time zone in which the Device is located; and metadata stored on the Device.  This information is collected through cookies and web server environment variables.
  • Information Builders may supplement Personal Data with information from other sources.  All of the supplementary information is treated as Personal Data when it directly or indirectly identifies the User.

All Personal Data is collected to operate, manage and improve the Services and ensure the technical functionality and security of the Services.  Before Information Builders uses Personal Data for a purpose that is materially different from the purpose for which Information Builders collected it or that was later authorized, Information Builders will provide Users with the opportunity to opt out.

2. Choice

If Information Builders collects Personal Data, we will obtain opt-out or opt-in consent whenever Privacy Shield requires, including if we disclose Personal Data to third parties or before Personal Data is used for a different purpose than that purpose for which it was collected or later authorized.

Please send requests to limit the uses or disclosures of Personal Data to privacy@informationbuilders.com.

3. Accountability for Onward Transfer

Information Builders shares Personal Data collected through the Services as follows:

  • Vendors/Partners/Contractors: We share information with our vendors, partners and contractors that enable Information Builders to provide marketing, billing, technology and cybersecurity services, debt collection and similar administrative services.  These third parties have access to Personal Data only to the extent required to perform the specific tasks for which they were contracted to perform and are subject to contractual arrangements that require the protection and confidentiality of the information that they process for us.  
  • Corporate Transaction: We may share and transfer personal data if we are involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control by Information Builders or any affiliated company (in each case, whether in whole or in part).

If Information Builders transfers Personal Data covered by this Information Builders Privacy Shield Policy to a third party, Information Builders takes reasonable and appropriate steps to ensure that each third party transferee processes Personal Data transferred in a manner consistent with Information Builders’ obligations under the Privacy Shield Principles.  Information Builders will ensure that each transfer is consistent with any notice provided to Users and any consent they have given.  Information Builders requires a written contract with any third party receiving Personal Data that ensures that the third party (i) processes the Personal Data for limited and specified purposes consistent with any consent provided by Users, (ii) provides at least the same level of protection as is required by the Privacy Shield Principles, (iii) notifies Information Builders if it cannot comply with Privacy Shield, and (iv) ceases processing Personal Data or takes other reasonable and appropriate steps to remediate.  

Under certain circumstances, Information Builders may be required to disclose Personal Data in response to valid requests by public authorities, including for national security or law enforcement requirements.

Information Builders remains liable under the Privacy Shield Principles if an agent processes Personal Data covered by this Information Builders Privacy Shield Policy in a manner inconsistent with the Principles unless Information Builders is not responsible for the event giving rise to the damage.

4. Security

Information Builders takes appropriate measures to protect Personal Data covered by this Information Builders Privacy Shield Policy from loss, misuse and unauthorized access, disclosure, alteration, unavailability and destruction.  In determining these measures, Information Builders takes into account the risks involved in the processing and the nature of the Personal Data.

5. Data Integrity and Purpose Limitation

Information Builders takes reasonable steps to ensure that such Personal Data is reliable for its intended use, accurate, complete and current.  Information Builders adheres to the Privacy Shield Principles for as long as it retains Personal Data in identifiable form.  Information Builders takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield to retain Personal Data in identifiable form only for as long as it serves a purpose of processing.

Information Builders limits the collection of Personal Data covered by this Information Builders Privacy Shield Policy to information that is relevant for processing.  Information Builders does not process Personal Data in a way that is incompatible with the purpose for which it was collected or subsequently authorized by a User.

6. Access

A User whose Personal Data is covered by this Information Builders Privacy Shield Policy has the right to access his or her Personal Data and to correct, amend, limit use of or delete the Personal Data if the Personal Data is inaccurate or processed in violation of the Privacy Shield Principles.  Information Builders is not required to grant the rights to access, correct, amend and delete Personal Data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to the User’s privacy or if the rights of persons other than the User are or could be violated.

Please submit requests for access, correction, amendment or deletion to privacy@informationbuilders.com.

7. Recourse, Enforcement, and Liability

In compliance with the Privacy Shield Principles, Information Builders commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to the United States pursuant to Privacy Shield.  European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Information Builders at privacy@informationbuilders.com.

Information Builders has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus.  If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.  This service is provided free of charge to you.  

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Information Builders commits to periodically review and verify its compliance with the Privacy Shield Principles and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Information Builders acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.

Changes to this Information Builders Privacy Shield Policy

Information Builders may amend this Information Builders Privacy Shield Policy consistent with the requirements of the Privacy Shield, including notice about any amendment.

How to Contact Information Builders

If you have any questions about this Information Builders Privacy Shield Policy or would like to request access to your Personal Data, please contact us as follows:

Attention: Privacy Officer

Email: privacy@informationbuilders.com