Last Revision Date: January 17, 2024
Integreon, Inc. and its group of companies (“Integreon” or “We” or “Us” or “Our”) recognizes the importance of protecting your privacy. The following privacy policy (“Privacy Policy”) applies to all of Our customers, employees, contractors, and website visitors and describes what information Integreon collects on this website (the “Site”) and through its business activities, how Integreon collects that information, and how Integreon stores, uses, transfers, and discloses (collectively “Uses”) the collected information. This Privacy Policy is subject to Integreon’s Terms of Use at https://www.integreon.com/terms-of-use/. Integreon may update or amend this Privacy Policy from time to time, as Integreon deems necessary. When Integreon updates or amends its Privacy Policy, We will post the revision date of the updated or amended Privacy Policy at the top of the document. The Privacy Policy applicable to EU and UK citizens can also be found on the Site.
INTERNATIONAL TRANSFERS
Integreon is committed to and fully complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Integreon has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Integreon has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view Our certification, please visit https://www.dataprivacyframework.gov/. Integreon affiliates that are also covered entities under the Data Privacy Framework are: Integreon Intermediate LLC, Integreon BES LLC, Integreon Managed Solutions (North Dakota), Inc., Integreon Discovery Solutions, Inc., and Integreon Discovery Solutions (DC), Inc. Please see Our EU/UK privacy policy on the Site for details of transfers which are subject to the requirements of GDPR or UK GDPR.
AFFILIATE, PARTNER AND THIRD-PARTY WEBSITES
This Privacy Policy applies to this Site only. To the extent that this Site permits you to link to other websites of Integreon’s affiliates, partners, or other third parties, separate privacy policies may apply to those linked websites. Those separate privacy policies may contain different terms that are not the same as those terms contained in Integreon’s Privacy Policy. Your access to and use of such linked websites through links that are provided on this Site are not governed by this Privacy Policy. Rather, your access to and use of such linked websites are governed by the privacy policies in those linked websites, and Integreon expressly disclaims any and all responsibility for your access to and use of such linked websites, as well as for any use of the Personal Information (defined below) that you may provide, or any Personal Information that may be collected about you (including via cookies), at such linked websites.
PURPOSE OF COLLECTION OF PERSONAL INFORMATION
“Personal Data” is any information that relates to you and that identifies you either directly from that information or indirectly, by reference to other information that We have access to. Integreon collects Personal Information in order to provide you with enhanced features such as customized content, access to special sections on Our website, or e-mail delivery of blog posts. Further, this Personal Information will enable Us to respond to your requests, to communicate with you, to support or enhance your relationship with Us, and improve Our services. Where you have consented to a particular processing, you have a right to withdraw the consent at any time.
WHAT PERSONAL INFORMATION INTEGREON ACTIVELY COLLECTS
- When you choose to register with Our Site for newsletters or white papers or when you choose to participate in an online forum, contest, sweepstakes, survey or voting procedure, We may collect Personal Information that includes, but is not limited to, your name, position or role, company name, physical mailing address, your email address, and phone number(s). We may also ask you to provide Us with demographic information or information regarding your interests, hobbies or similar information.
- When you attend trade shows, conferences or other events, We may collect Personal Information that includes, but is not limited to, your name, position or role, company, address, email address, work address, and phone numbers.
- We may provide you the opportunity to e-mail a friend an invitation to join the Site. The e-mail addresses you supply Us for such activity will be used to send the requested e-mail and will not be used to send you or your friend any other e-mail communications.
- When you visit the careers section of the website or register your interest in working for Us, you may be asked to provide your email address, residence, education, work experience and other similar information.
- If you access one or more of Integreon’s web-based technology platforms, you may be asked to provide certain Personal Information in order to access those web–based services.
- When you contact an Integreon sales executive or an Integreon sales executive contacts you, we may collect your contact information, your job title, and information related to the opportunity that was discussed or related opportunities.
Such Personal Information is provided by you on a voluntary basis, and by submitting your Personal Information you consent to its use in a manner consistent with the Privacy Policy. You can choose not to provide certain information, but then you may not be able to take advantage of or participate in some of the Site’s features.
WHAT PERSONAL INFORMATION INTEGREON PASSIVELY COLLECTS: COOKIES AND OTHER TECHNOLOGIES
This Site, Integreon’s online services, applications, platforms, email messages, and advertisements, if any, may use “cookies” and other technologies to collect information about you. A cookie is a small data file stored on the web browser on your computer’s hard drive. A cookie associates the identification numbers built into the cookie with information about you that you have provided to Us. This association allows Us to recognize you when you arrive at Our website. Other technologies tell Us where on Our website you have visited, counts how many users visited certain web pages within Our website, and measures the effectiveness of advertisements, if any, and web searches. Please see Our Cookies Policy at Cookies Policy for further information.
Like most websites, We also automatically collect some tracking information and store that tracking information in an anonymous, aggregated and non-personal format. This tracking information includes Internet Protocol (IP) addresses, browser type and language, Internet Service Provider (ISP), operating system used, date and time stamps and click stream data. We use this tracking information to understand and analyze trends, to administer Our website, and to learn about user behavior on Our website. However, Integreon may use IP addresses to identify you when Integreon feels, in its sole discretion, that it is necessary to enforce compliance with its Terms of Use, this Privacy Policy, to protect Our services, website, systems, information, employees, business partners, affiliates, users, customers or others, or when required by law. We also may determine what technology is available through your browser in order to serve you the most appropriate version of a web page. For example, We may determine that you have installed a version of Flash, and We will then send you the appropriate Flash version of the web page rather than an HTML page.
LIMITATIONS ON USE AND DISCLOSURE OF PERSONAL INFORMATION
As a general rule, Integreon does not share with or disclose to any third parties any specific Personal Information collected from you, except (a) as otherwise described in this Privacy Policy, (b) when Integreon has your permission, (c) other than to support Integreon’s operations and as necessary to facilitate the purpose for which you provided it, or (d) under special circumstances such as, but not limited to, when Integreon believes in good faith that the law requires such disclosure, or when the disclosure will protect the safety of others.
Where the GDPR or UK GDPR applies to Our processing of Personal Information any sharing of this Personal Information is in line with Our EU/UK privacy policy also on the Site.
Affiliates: Integreon may share any or all of your Personal Information with and among Our affiliated or related entities, including Integreon affiliates located in the EU and elsewhere. These affiliated companies will use your Personal Information only to accomplish the purposes for which the Personal Information was collected. Any onward transfer of your Personal Information may also be done to allow these entities to offer you information about their businesses, products or services that may be of interest to you, or for other lawful business purposes. Integreon Managed Solutions Limited acts as the representative of Integreon in relation to UK GDPR matters. If you wish to contact Integreon in relation to any issues related to Integreon processing personal data which is subject to UK GDPR, you can contact Our UK representative at DPO@integreon.com.
Accountability for Onward Transfer (Transfers to Third Parties): If Integreon transfers information to a third party that is acting as its agent, Integreon will require the third party to have adequate privacy protection as is required by the relevant Data Privacy Framework Principles or under other data protection laws. With respect to onward transfers, Integreon remains liable under the Data Privacy Framework Principles if Our agent processes personal information in a manner inconsistent with the Data Privacy Framework Principles, unless Integreon proves that it is not responsible for the event giving rise to the damage.
Other: Integreon may, if required by law, legal process, litigation and/or requests from public or governmental authorities, disclose your Personal Information. We may also disclose Personal Information about you if We determine, in good faith and in Our sole discretion, that such disclosure is necessary for purposes of national security, law enforcement, the prevention of a crime, or other issues of public importance. We may also disclose Personal Information about you if We determine, in Our sole discretion, that it is reasonably necessary to enforce the Terms of Use, or to protect Our operations or users. Additionally, in the event of a corporate reorganization, merger or acquisition, or sale, We may transfer any and all Personal Information we collect to a relevant third party. Disclosures and transfers of personal data which are subject to EU GDPR or UK GDPR will be effected in accordance with the relevant requirements of such legislation.
OPTING OUT: HOW YOU CONTROL THE USE OF YOUR PERSONAL INFORMATION
In the event you decide that you want to opt out from Integreon’s use of your Personal Information that you previously provided to Integreon, you may opt out of Our use of your Personal Information by using the “Contact Us” option at http://www.integreon.com/contact-us/.
Additionally, you can contact Us regarding exercising the following rights:
- Access data
- Change or correct data
- Delete data
- Object to or restrict the use of certain personal data
- Request access to your data
Where the GDPR or UK GDPR applies to Our processing of Personal Information any sharing of this Personal Information your rights are set out in Our EU/UK privacy policy also on the Site.
INTEGRITY, PROTECTION AND RETENTION OF YOUR PERSONAL INFORMATION
While Integreon endeavors to protect your Personal Information, We cannot warrant the security of any Personal Information, and ultimately you provide your Personal Information to Us at your own risk. Integreon uses commercially reasonable efforts and security practices to safeguard your Personal Information, and employs security measures designed to protect your Personal Information from access by unauthorized persons. Some of those measures include, but may not be limited to, encryption, physical access controls, restricted access to data, monitoring for threats and vulnerabilities, and firewalls and use of Secure Socket Layers (SSL). Integreon retains your Personal Information for the period necessary to fulfil the purpose for which it was collected, as outlined previously in this Privacy Policy, unless a longer retention period is mandated or permitted by law.
CHILDREN
This website is not intended for use by children. Integreon does not knowingly solicit or collect Personal Information from children under the age of 16. If you are under the age of 16, you must obtain the consent of your parent or guardian to use this website. Integreon encourages parents and guardians to take an active role in their children’s online activities and interests.
Where EU GDPR or UK GPDR applies, the processing of Personal Information of children under the age of 16 will be carried out in accordance with EU GDPR or UK GDPR.
FEDERAL TRADE COMMISION ENFORCEMENT POWERS
The Federal Trade Commission has jurisdiction over Integreon’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF). Under the Federal Trade Commission Act, an organization’s failure to abide by commitments to implement the Data Privacy Framework Principles may be challenged as deceptive by the FTC. The FTC has the power to prohibit such misrepresentations through administrative orders or by seeking court orders.
INQUIRIES AND COMPLAINTS
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Integreon commits to resolve DPF Principles-related complaints about Our collection and use of your personal information. EU and UK and Swiss individuals with inquiries or complaints regarding Our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Integreon at:
E-mail: DPO@integreon.com
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Integreon commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning Our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. These independent dispute resolution bodies are designated to address complaints and provide appropriate recourse free of charge. As set out above, Integreon has appointed Integreon Managed Solutions Limited as its UK representative in relation to issues under UK GDPR. You may have the ability, under certain conditions, to invoke binding arbitration for complaints regarding Integreon’s Data Privacy Framework compliance not resolved by any of the other Data Privacy Framework mechanisms. For additional information regarding this arbitration, please visit https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.
California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) Compliance
California residents, as well as residents of certain other US states, have been afforded new rights under the CCPA/CPRA and laws of certain other US states. Specifically, a California (or other certain US state) resident has the right to:
- Request disclosure of Integreon’s business data collection and sales practices, including the categories of personal information that Integreon has collected, the source of the information, Integreon’s use of the information, and if the information was disclosed or sold to third parties, the categories of personal information disclosed or sold to third parties and the categories of third parties to whom such information was disclosed or sold.
- Request a copy of the specific personal information collected about them during the 12 months before their request (such request can only be made twice in a 12-month period).
- Have such information deleted (with exceptions).
- Request that personal information not be sold to or shared with third parties, if applicable.
- Correct inaccurate personal information.
- Limit the use and disclosure of sensitive personal information collected about them.
- Not be discriminated against if rights are exercised.
Personal information, erasure, third-party sharing restrictions and limiting the purposes for the use of sensitive information requests may be emailed to DPO@integreon.com. Alternatively, such requests can be made by calling the following toll-free number: +1 (866) 312-7023. If you choose to exercise your rights, Integreon will not discriminate against you in any way.
In the past twelve months since the policy effective date, Integreon has collected the following categories of personal data, including personal data that would be considered sensitive information under the CPRA: contact information, government IDs (sensitive information), cookies, financial information (sensitive information), social security numbers (sensitive information), health information (sensitive information), information on race, gender, and ethnicity (sensitive information), and professional, educational, and employment information. The source of all of these categories’ personal information is either from (i) law firm or corporate clients for whom Integreon processes data on behalf of (almost always electronically); (ii) Integreon’s human resources department via the receipt of resumes and job applications on the Integreon website as well as the receipt of updated information during the annual employee benefits renewal process or through emails communicating life changes to the human resources department; (iii) and Integreon’s marketing department via cookies on the Integreon website as well as a “Contact Us” submission page. All categories of data are used either in support of the data processing services Integreon provides to its clients as a business process outsourcing company, for its own internal market research and human resources functions, or for legal and compliance purposes. Integreon only discloses personal information for its business process outsourcing operations in accordance with instructions it receives from its clients — the data controllers. Integreon does not sell personal information. Integreon will only retain personal data for as long as needed to serve the purposes for which it was obtained as was disclosed at the time of receipt, which may include purposes such as human resources management, provision of services as provided under services agreements, and to comply with legal obligations. Moreover, you have the right to opt out of the use of your personal data being used with automated decision-making technology.
CHANGES TO THIS PRIVACY POLICY AND NOTIFICATION TO YOU
Integreon reserves the right, in its sole discretion, to make changes to this Privacy Policy. When changes are made to the Privacy Policy, the “Last Revision Date” field at the top of the Privacy Policy will be updated accordingly. Changes to the Privacy Policy become effective upon posting and updating the “Last Revision Date.” Integreon encourages you to periodically review the Privacy Policy to be informed of any changes. Integreon will at a minimum update the Privacy Policy annually.