CSI complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom and Switzerland to the United States, respectively. CSI has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.
If there is any conflict between the terms in this Policy and the Privacy Shield Privacy Principles, the Privacy Shield Privacy Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.
CSI is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
CSI personnel may access and use personal data only if they are authorized to do so and only for the purposes for which they are authorized. All CSI employees who handle personal data from EU, UK and Swiss individuals are required to comply with the Principles stated in this Policy.
Collection and Use of Personal Data
CSI collects only the information necessary to serve those customers and visitors who request information by way of our website. When you visit our website, www.csiweb.com, you may provide us with two basic types of information: personal information that you consciously choose to disclose on an individual basis and the website use information (IP Address, Browser data, etc.) of the computer used to access our website.
You may also provide personal information that we request in order for you to register and gain access to our whitepapers, policy guides and complimentary webinars. This information may include but is not limited to:
- First and Last Name
- Company Name
- Phone Number
- Email Address
- Physical Address
CSI may periodically use the personal information provided to inform you about products and services or special offers that may be relevant to you and your industry.
At times, job opportunities may be posted to our Careers page. You may choose to provide CSI with a resume in response to one of these postings. CSI will only use the information included on your resume to evaluate you as a candidate for employment. CSI employees reside in the United States.
CSI is a strong advocate for protecting the privacy of children online. Our website and services are not intended to be used by children, nor do we intentionally collect personal information from children under the age of 18. If you are under the age of 18 years, please do not register or otherwise provide information to CSI on a CSI website. CSI does not sell personal information about children under the age of 18. CSI is diligent in its compliance with laws and regulations regarding the privacy of children and complies with the Children’s Online Privacy Protection Act.
Internet Protocol (IP) Address Collection
All computers that browse the Internet have an IP address assigned to them. When you visit our website, your assigned IP address and browser data are collected and sent to our CRM (customer relationship management) system and search provider partner. This information provides CSI the ability to locate the geographic region of the computers that visit our website.
CSI may periodically use the personal information provided to inform you about products and services or special offers that may be relevant to you and your industry. If you choose not to receive these emails, you may opt-out by notifying us at firstname.lastname@example.org or by clicking the opt-out link within the body of an email message.
Visitors are not required to register to use this website.
Information from Third Party Services
For certain products, CSI serves as a service provider. In our capacity as a service provider, we will receive, store, and/or process personal data. In such cases, we are acting as a data processor and will process the personal information on behalf of and under the direction of the third party that contracted our services. This information may include:
- Individual’s Name
- Place of Birth
- Date of Birth
- Identification Numbers
- Phone Number
- Email Address
CSI uses personal data that it collects indirectly in its role as a service provider for the following business purposes, without limitation:
- delivering and providing the requested products/services;
- storing and processing data, including personal data, in computer databases and servers located in the United States;
- verifying individual customers identity; and
- as otherwise required by law.
Individuals whose data is being handled by CSI in our capacity as a data processor and who wish to exercise their right to access their personal data or exercise the ability to opt-out of having their data used or shared in ways not originally authorized should address their concerns to the data controller, which is the company with which they originally placed their data. Contact CSI through the methods specified in the section titled ‘Questions or Complaints’ below, to assist with this process.
Disclosures / Onward Transfers of Personal Data
For individuals who have placed their data directly with us, CSI does not sell, share, or disclose any provided information to a third party, except as otherwise provided herein. CSI discloses personal data only to Third Parties who reasonably need to know such data only for the scope of the initial transaction and not for other purposes. Such recipients must agree to abide by confidentiality obligations.
CSI may provide personal data to Third Parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our instructions. For example, CSI may store such personal data in the facilities operated by Third Parties. Such Third Parties must agree to use such personal data only for the purposes for which they have been engaged by CSI and they must contractually agree to provide adequate protections for the personal data that are no less protective than those set out in this Policy.
Please be aware that CSI may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. In cases of onward transfer to third parties of data of EU, UK and Swiss individuals received pursuant to the EU-US and Swiss-US Privacy Shield, CSI is liable unless we can prove we were not a party to the events giving rise to the damages.
Your Rights and Choices Regarding Your Data
European Union, United Kingdom and Swiss Individuals Right to Access, Change or Delete Personal Data
Individual customers have the right to know what personal information about them is included in the databases and to ensure that such personal data is accurate and relevant for the purposes for which CSI collected it. Individual customers may review their own personal data stored in the databases and correct or amend any data that is incorrect, as permitted by applicable law and CSI policies. Furthermore, EU, UK and Swiss individuals may request deletion of information that has been processed in violation of the Principles. Upon reasonable request and as required by the Privacy Shield principles, CSI allows individual customers access to their personal data, in order to correct or amend such data where inaccurate.
CSI will endeavor to respond in a timely manner to all reasonable requests to view, modify, or inactivate personal data. You may visit our privacy request portal to exercise rights via our website.
Direct any questions or complaints through the methods specified in the section titled ‘Questions or Complaints’ below.
In compliance with the EU-US and Swiss-US Privacy Shield Principles, CSI commits to resolve complaints about your privacy and our collection or use of your personal information. European Union, United Kingdom or Swiss individuals with inquiries or complaints regarding this Policy should contact:
Computer Services, Inc. (CSI)
ATTN: Data Protection Officer
3901 Technology Drive
Paducah, KY 42001
CSI has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/bbb-privacy-shield/file-a-complaint for more information and to file a complaint.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
The California Consumer Privacy Act provides California residents with the additional rights listed below. To exercise these rights, see the “Exercising Your California Privacy Rights” section.
Right to Know: You have the right to know and see what data we have collected about you over the past 12 months, including:
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information is collected;
- The business or commercial purpose for collecting your personal information;
- The categories of third parties with whom we have shared your personal information; and
- The specific pieces of personal information we have collected about you.
Right to Delete: You have the right to request that we delete the personal information we have collected from you (and direct our service providers to do the same). There are a number of exceptions; however, that include, but are not limited to, when the information is necessary for us or a third party to do any of the following:
- Complete your transaction;
- Provide you a good or service;
- Perform a contract between us and you;
- Protect your security and prosecute those responsible for breaching it;
- Protect the free speech rights of you or other users;
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interests that adheres to all other applicable ethics and privacy laws;
- Comply with a legal obligation; or
- Make other internal and lawful uses of the information that are compatible with the context in which you provided it.
Right to Opt-Out: You have the right to opt-out of the sale of personal information.
Other Rights: You also have the right not to be discriminated against for exercising any of the rights listed above.
Exercising Your California Privacy Rights: To request access to or deletion of your personal information, or to exercise any other data rights under California law, please contact us by using one of the following methods:
Online Privacy Request: You may visit our privacy request portal to exercise rights via our website.
Toll Free Number: You may call (833) 700-6909 to exercise rights. Please listen to the prompts closely so that we can process your request in an efficient manner.
Response Timing and Verification: CSI aims to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension period in writing. A consumer privacy request is free and may be made once a year.
Please note, to help protect your privacy and maintain security, we take steps to verify your identity before granting access to your personal information or complying with deletion requests.
Authorized Agent: California residents may designate an authorized agent to make right to know or right to request that we delete the personal information we have collected from you. CSI takes steps to verify that you have provided the authorized agent written permission to make the request and we also verify the identity of the authorized agent.
California Information We’ve Collected
In the previous 12 months, we have collected the following categories of information from California residents:
|Categories of Personal Information under the California Consumer Privacy Act|
|Category||Sources of information||How we use it||Types of individuals affected||How we share it|
|Identifiers||We collect this information directly from our website visitors submitting registrations or technical information when you use our sites, people who supply data on social media platforms, CSI Customer Conference registration, Marketing activities (i.e., web registrations, surveys, webinars, whitepapers, tradeshows lead collection, marketing mailing lists)||To enable the use of our sites; Marketing and advertising; To provide services related to employment such as benefits, insurance, job recruiting, and payroll||People who use our sites; CSI employees, dependents, beneficiaries; Job applicants; CSI Customer Conference attendees; Tradeshow attendees providing data||We share marketing data with our marketing service providers.
We share employment and job applicant data with our human resource service providers.
We share CSI Customer Conference attendee names and the attendee company name with conference sponsors.
|Personal information under California Civil Code section 1798.80||We collect this information from our employees||To provide services related to employment such as benefits, insurance, and payroll||CSI employees, dependents, and beneficiaries||We share this data with our human resource service providers|
|Protected Classifications||We collect this information from our employees||To provide services related to employment such as benefits and insurance||CSI employees||We share this data with our human resource service providers|
|Commercial information||We don’t collect this data||None||None||None|
|Biometric information||We don’t collect this data||None||None||None|
|Electronic network activity information||We collect this information from users of our sites||To enable use of our sites, to understand how our users interact with our sites, fraud and crime prevention||People who use our sites||We share this data with marketing service providers|
|Geolocation data||We collect this information from the users of our sites||To understand how our users interact with our sites, and to improve our offerings||People who use our sites||We share this data with our marketing service providers|
|Audio, electronic, visual, thermal, olfactory, or similar information||We collect video footage (e.g., CCTV) surrounding our facilities||Fraud or crime prevention||People who are in range of CCTV cameras near our facilities||We don’t share|
|Professional or employment-related information||We collect this information from our employees||To provide services related to employment such as benefits, insurance, and payroll||CSI employees, dependents, and beneficiaries||We share this data with our human resource service providers|
|Education information||We don’t collect this data||None||None||None|
|Inferences||We generate these internally||To understand how users interact with our sites||People who use our sites||We don’t share|
Data Integrity and Security
CSI uses secure encryption technology to protect certain categories of personal data. To secure customer data sufficiently, we have implemented industry-accepted physical and logical security policies and procedures to safeguard against the unauthorized access, disclosure, alteration or destruction of our customers’ information. Despite these precautions, no data security safeguards guarantee 100% security all of the time.
Changes to this Policy
Computer Services, Inc. (CSI)
ATTN: Data Protection Officer
3901 Technology Drive
Paducah, KY 42001
Last Updated: July 17, 2020
Effective Date: November 25, 2016