CORIZANCE PRIVACY POLICY

Updated August 2020
CORIZANCE Limited and its affiliate companies (collectively, “CORIZANCE”, “We”, or “Us”) are committed to protecting the privacy of individuals who visit CORIZANCE’s web sites (“Visitors”), individuals who register to use the Services as defined below (“Customers”), and individuals who register to attend CORIZANCE’s corporate events (“Attendees”).

This Privacy Policy describes CORIZANCE’s privacy practices in relation to the use of CORIZANCE’s web sites and the related applications and services offered by CORIZANCE (the “Services”). This Privacy Policy and associated practices are intended to demonstrate CORIZANCE’s commitment to transparency, accountability, and choice regarding the collection and use of your personal information.

1. WEB SITE COVERED & LINKS TO OTHER SITES
This Privacy Policy covers the information practices of the web sites and applications operated by CORIZANCE, including but not limited to CORIZANCE.com, www.CORIZANCE.com, ftp.CORIZANCE.com, login.CORIZANCE.com, and other subdomains of CORIZANCE.com (collectively, the “Websites”).

For your convenience, CORIZANCE may provide links to other web sites and web pages that We do not control. CORIZANCE encourages you to review the privacy policies of other web sites to understand their information practices and terms of use.

2. USERS FROM OUTSIDE THE UNITED KINGDOM
Unless otherwise agreed in writing by us, the Websites are provided from within the United Kingdom and is subject to the applicable state and country laws of the United Kingdom. Unless otherwise agreed in writing by us, if you are located outside the United Kingdom, please be aware that your information is being transferred to and stored in the United Kingdom.

3. WE OPERATE IN THE UNITED KINGDOM
Our servers and offices are located in the United Kingdom, so your information may be transferred to, stored, or processed in the United Kingdom unless otherwise agreed in writing by us. While the data protection, privacy, and other laws of the United Kingdom might not be as comprehensive as those in your country, we take many steps to protect your privacy, including offering a data processing agreement to acknowledge our compliance with requirements regarding the cross-border transfer of Personal Data originating from the European Economic Area (EEA), including the EU Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (as implemented in national law), and effective from 25 May 2018 the requirements under the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (EU General Data Protection Regulation) (as implemented in national law in the case of EEA member states which are not part of the EU, and as amended from time to time).

By using our Websites, you understand and consent to the collection, storage, processing, and transfer of your information to our facilities in the United Kingdom and those third parties with whom we share it as described in this policy unless otherwise agreed in writing by us.

4. INFORMATION COLLECTED
When expressing an interest in obtaining additional information about the Services or registering to use the Services, We require you to provide us with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, CORIZANCE may require you to provide financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). CORIZANCE may also ask you to provide additional information, such as company annual revenues, number of employees, or industry (“Optional Information”). Required Contact Information, Billing Information, and Optional Information about Customers are referred to collectively as “Data About CORIZANCE Customers”, or in the case of Attendees, “Data About CORIZANCE Attendees”.

As you navigate CORIZANCE’s web sites, CORIZANCE may also collect information through the use of commonly-used information-gathering tools, such as cookies and web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on CORIZANCE’s web sites (such as the web pages viewed and the links clicked). Additional information about the collection of Web Site Navigational Information by CORIZANCE can be viewed in Section 4 of this Privacy Policy.

With respect to employees and non-employee personnel of CORIZANCE, on occasion, transfers personnel data to the United Kingdom in connection with the efficient management and operation of CORIZANCE, enabling all CORIZANCE personnel to communicate with one another and work together, human resources and benefits administration, and safety and security processes. CORIZANCE may also transfer employee and non-employee personnel data to an agent of CORIZANCE in connection with the above purposes, such as a payroll provider, benefits provider, or background-screening provider. Personnel data may also be processed and transferred to the United Kingdom in connection with collection and discovery requests in the context of litigation or government investigations, and in such context, it may be made available to adverse parties in litigation or governmental entities.

5. USE OF INFORMATION COLLECTED
CORIZANCE uses Data About CORIZANCE Customers to perform the services requested. For example, if you fill out a “Contact Me” Web form, CORIZANCE will use the information provided to contact you about your interest in the Services.
CORIZANCE also uses Data About CORIZANCE Attendees to plan and host corporate events in which event attendees may participate and to populate online profiles for Attendees on CORIZANCE’s web sites. Additional information on CORIZANCE’s privacy practices with respect to Data About CORIZANCE Attendees may be found in additional privacy policies on the event web sites, as the case may be.

CORIZANCE may also use Data About CORIZANCE Customers and Data About CORIZANCE Attendees for marketing purposes. For example, CORIZANCE may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding CORIZANCE, its affiliates, and its partners, such as information about promotions or events.
CORIZANCE uses credit card information solely to check the financial qualifications and collect payment from prospective Customers and Attendees.
CORIZANCE uses Web Site Navigational Information to operate and improve CORIZANCE’s web sites. CORIZANCE may also use Web Site Navigational Information alone or in combination with Data About CORIZANCE Customers and Data About CORIZANCE Attendees to provide personalized information about CORIZANCE.

6. WEB SITE NAVIGATIONAL INFORMATION
As stated previously, CORIZANCE uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information used on CORIZANCE’s web sites and how this information may be used.

6.1 Cookies. CORIZANCE uses cookies to provide additional functionality to the website and to help Us analyze site usage more accurately. When you visit one of CORIZANCE’s web sites, CORIZANCE’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your web browser. Unless you choose to identify yourself to CORIZANCE, either by responding to a promotional offer, opening an account, or filling out a web form, you remain anonymous to CORIZANCE.

CORIZANCE uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer. Please note that if you disable your web browser’s ability to accept cookies, you will be able to navigate CORIZANCE’s web sites, but you will not be able to successfully use the Services.

6.2 Web Beacons. CORIZANCE uses web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of CORIZANCE’s web sites and interaction with emails from CORIZANCE. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular web site tied to the web beacon, and a description of a web site tied to the web beacon. For example, CORIZANCE may place web beacons in marketing emails that notify CORIZANCE when you click on a link in the email that directs you to one of CORIZANCE’s web sites. CORIZANCE uses web beacons to operate and improve CORIZANCE’s web sites and email communications.

6.3 IP Addresses. When you visit CORIZANCE’s web sites, CORIZANCE collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, CORIZANCE uses IP addresses to monitor the regions from which Customers and Visitors navigate CORIZANCE’s web sites.
CORIZANCE also collects IP addresses from Customers when they log into the Services as part of CORIZANCE’s “Identity Confirmation” and “IP Range Restrictions” security features.

7. SHARING OF INFORMATION COLLECTED
7.1 Service Providers. CORIZANCE may share Data About CORIZANCE Customers and Data About CORIZANCE Attendees with CORIZANCE’s contracted service providers so that these service providers can provide services on CORIZANCE’s behalf. CORIZANCE may also share Data About CORIZANCE Customers with CORIZANCE’s service providers to ensure the quality of the information provided. Unless described in this Privacy Policy, CORIZANCE does not share, sell, rent, or trade any information with third parties for their promotional purposes.

7.2 Business Partners. From time to time, CORIZANCE may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from CORIZANCE, We may share Data About CORIZANCE Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). CORIZANCE does not control our business partners’ use of the Data About CORIZANCE Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.
CORIZANCE does not share Data About CORIZANCE Attendees with business partners unless: (1) you specifically opt into such sharing via an event registration form or (2) you register to attend a CORIZANCE corporate event, including webinars. If you do not wish for your information to be shared in this manner, you may choose not to opt-in via event registration forms and elect not to have your badge scanned at CORIZANCE events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy policies.

7.3 Billing. CORIZANCE uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on CORIZANCE’s behalf.

7.4 Compelled Disclosure. CORIZANCE reserves the right to use or disclose information provided if required by law or if CORIZANCE reasonably believes that use or disclosure is necessary to protect CORIZANCE’s rights and/or to comply with a judicial proceeding, court order, or legal process.

8. INTERNATIONAL TRANSFER OF INFORMATION COLLECTED
To facilitate CORIZANCE’s global operations, CORIZANCE may transfer and access Data About CORIZANCE Customers and Data About CORIZANCE Attendees from around the world, including the United Kingdom. This Privacy Policy shall apply even if CORIZANCE transfers Data About CORIZANCE Customers or Data About CORIZANCE Attendees to other countries.

9. COMMUNICATIONS PREFERENCES
CORIZANCE offers Visitors, Customers, and Attendees who provide contact information a means to choose how CORIZANCE uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of CORIZANCE’s marketing emails. Additionally, you may send a request specifying your communications preferences to enquiries@CORIZANCE.com. Customers cannot opt-out of receiving transactional emails related to their account with CORIZANCE or the Services.

10. CUSTOMER DATA
CORIZANCE Customers may electronically submit data or information (including personal data) to the Services for hosting and processing purposes (“Customer Data”). CORIZANCE will not review, share, distribute, or reference any such Customer Data except as provided in a Master Services Agreement (or comparable agreement with CORIZANCE), or as may be required by law. In accordance with a Master Services Agreement (or comparable agreement with CORIZANCE), We may access Customer Data only for the purpose of: (i) providing the Services (including with our contracted service providers as further described in Section 5.1 hereto); (ii) preventing or addressing service or technical problems; (iii) at a Customer’s request in connection with customer support matters; or (iv) as may be required by law.

11. Security
CORIZANCE uses robust security measures to protect Customer Data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of Customer Data. When the Services are accessed using Internet Explorer version 11.0 or later, Firefox version 48.0 or later, Chrome version 56.0 or later, Safari version 10.0 or later, Secure Socket Layer (“SSL”) technology protects Customer Data using both server authentication and data encryption. These technologies help ensure that Customer Data is safe, secure, and only available to the Customer to whom the information belongs and those to whom the Customer has granted access.
CORIZANCE also implements an advanced security method based on dynamic data and encoded session identifications, and CORIZANCE hosts its web sites in a secure server environment that uses firewalls, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders. CORIZANCE also offers enhanced security features within the Services that permit Customers to configure security settings to the level they deem necessary. Customers are responsible for maintaining the security and confidentiality of their CORIZANCE usernames and passwords.

Because CORIZANCE uses the Services to maintain Data About CORIZANCE Customers and Data About CORIZANCE Attendees, this information, which is stored in the Services, is secured in the same manner as described above for Customer Data.

12. CORRECTING AND UPDATING YOUR INFORMATION
CORIZANCE shall allow you access to your personal data and allow you to correct, amend or delete inaccurate information, except where the rights of persons other than you would be violated. Any requests We receive by email or web form to access, change, or delete your information will be completed within thirty (30) days. Normally, Customers may update or change their registration information by editing their user profiles or organization records at the appropriate CORIZANCE website. Normally, Attendees may update or change their registration information after logging into the appropriate CORIZANCE website for the given CORIZANCE corporate event.

13. CHANGES TO THIS PRIVACY POLICY
CORIZANCE reserves the right to change this Privacy Policy. When needed, CORIZANCE will provide notification of the material changes to this Privacy Policy through CORIZANCE’s web sites at least thirty (30) business days prior to the change taking effect.

14. ENFORCEMENT
CORIZANCE uses a self-assessment approach to assure compliance with this Privacy Policy and periodically verifies that this Privacy Policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the UK Laws.

CORIZANCE has a designated employee who oversees and is accountable for the security of Data on CORIZANCE’s web sites.

15. CONTACTING US
Questions regarding this Privacy Policy or the information practices of CORIZANCE’s web sites should be addressed to CORIZANCE’s designated contact by emailing enquiries@CORIZANCE.com.