Privacy Policy

Causeway – Privacy Policy

 

Last Modified: May 07, 2018

Introduction

This Causeway website (“Website”) is a service of Vital Technical Marketing, Inc., dba VTM Group, (“VTM” or “We”) provided to the company or organization through which you are accessing this Website (“Company”). We respect your privacy and are committed to protecting it through our compliance with this Privacy Policy (“Policy”). This Policy describes the types of information we may collect and our practices for collecting, using, maintaining, protecting, and disclosing that information. This Policy is supplemented by and includes our Privacy Shield Policy and GDPR Compliance Policy

If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this Policy. This Policy may change from time to time (see Changes to Our Privacy Policy Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

We have recently updated this Policy in our effort to be a compliant data processor under the GDPR. Please see our section on GDPR Compliance

What information do we collect? 

We collect information from you when you register on this Website, that you may provide when you visit the Website, and that is generated by the use of the Website by you and others. We collect the following types of information:

  • Personally identifying personal data (Name only),
  • Social network personal data (LinkedIn and Twitter),
  • Computer device personal data (IP Address only), and
  • Professional and professional contact personal data.

This information is collected through the following means:

  • When registering on Causeway, you will be required to enter your name, the company you work for, and your work e-mail address. All of this information is required to have an account on this Website.  You will also have the option to select your country.
  • When registering on Causeway and in your user profile, you will also have the option to enter additional information: phone number, mailing address, job title, and LinkedIn and Twitter URLs (“Optional Data”). This data may be edited or deleted by you at any time via your user profile.
  • When you and others use the Website, information is automatically collected as you and others navigate and use the functions of the Website (“Activity Data”), which includes work group use, tasks assigned or performed, voting, calendar entries, wiki and document creation and edits, discussions sent, and news posts. Activity Data is also kept in user activity logs, which also include your IP address.

Activity Data includes your contributions to the Website (“User Contributions”), such as wiki creation and edits, voting, discussions, and news posts. Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages and the Website overall, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website who may have access to your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Accessing and Correcting Your Information

You can review and change or delete your Optional Data at any time by logging into the Website and visiting your account profile page.

To understand the personal data that can be deleted and circumstances for doing so, you must contact the administrator(s) of the Website.

Proper access and use of information provided on the Website, including User Contributions, is governed by our Terms of Service

What do we use your information for? 

Any of the information we collect from you may be used in any of the following ways: 

  • To carry out our obligations and enforce our rights arising from our agreement to provide a Causeway site to the Company (your User Contributions are a key part of the Service we provide under our agreement with the Company)
  • To personalize your experience (your information helps us to better respond to your individual and the Company’s needs) 
  • To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you) 
  • To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs) 
  • To send periodic emails (The email address you provide may be used to send you information, respond to inquiries, and/or other requests or questions)

How do we protect your information? 

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. 

We offer the use of a secure server. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then entered into our Database. This information is only accessed by individuals who are authorized with special access rights to our systems, and who are required to keep the information confidential. 

We do not collect or store private information such as credit card numbers, social security numbers, or other sensitive financial information within Causeway.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

Do we use cookies? 

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site or service provider systems to recognize your browser and capture and remember certain information. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

We use cookies to track your activity while using the Website. The unique Session ID that is stored in the cookie is also stored on our server for a period of 3 hours and is then deleted.

Do we disclose any information to outside parties? 

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating the Website, conducting our business, or servicing you or the Company, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety. 

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

California Online Privacy Protection Act Compliance 

Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.

As part of the California Online Privacy Protection Act, all users of our Website may make any changes to their information at any time by logging in to Causeway and going to the 'My Profile' page. 

Children’s Online Privacy Protection Act Compliance 

We are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed and intended to people who are at least 13 years old or older, and no one under age 13 may provide any information to or on the Website. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at
support@causeway.com.

Online Privacy Policy Only 

This online privacy policy applies only to information collected through our website and not to information collected offline. 

Your Consent 

By using our site, you consent to this Policy. 

Changes to our Privacy Policy 

If we decide to change this Policy, we will post those changes on this page, and/or update the Policy modification date below. If we make material changes to how we treat our users' personal data, we will notify you through a notice on the Website home page or by email to the email address specified in your account. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

This Policy was last modified on May 07, 2018.

Contacting Us 

If there are any questions regarding this Policy, you may contact us using the information below. 

Causeway c/o VTM Group
3855 SW 153rd Drive
Beaverton, OR 97003
USA
inquire@causewaynow.com
+1.503.619.0583

 


 

GDPR Compliance Policy

Last Modified: May 07, 2018

Introduction

This GDPR Compliance Policy describes how Vital Technical Marketing, Inc., dba VTM Group, in the United States (“US”) (“VTM,” “we,” or “us”) processes certain personal data that we receive in the US from the European Economic Area (“Personal Data”). This GDPR Compliance Policy supplements our Website Privacy Policy only insofar as you are an EU Data Subject as defined below, and unless specifically defined in this GDPR Compliance Policy, the terms in this GDPR Compliance Policy have the same meaning as the Website Privacy Policy.

Definitions

  • “Data Protection Legislation” means the Regulation (EU) 2016/679, commonly known as the Global Data Protection Regulation or GDPR.
  • “EU Data Subject” means an individual located in the European Union and the countries of Iceland, Liechtenstein and Norway and, if applicable, Switzerland.

Any term not defined herein has the same meaning as it is defined under the Data Protection Legislation if and only if it is specifically defined under the Data Protection Legislation.

Data Processor

VTM is the data processor on behalf of the Company processing data via Causeway. The Company is the data controller.

Data Collection and Processing

VTM processes the personal data set out in the section of the Website Privacy Policy titled What information do we collect?  and for purposes set out in the section of the Website Privacy Policy titled ‘What do we use your information for?’.  A full table setting out all the information collected and its deletion and retention policy is set forth at the very bottom of this GDPR Compliance Policy - Personal Data Deletion and Retention Policy Table. 

Basis for Processing

VTM processes your personal data to fulfill its contractual obligations under VTM’s Service Agreement with the Company and as a result of your express consent to the Privacy Policy and Terms of Service and your implied consent in continuing to use this Website.

Sharing of Your Personal Data

VTM only shares your personal data with the Company or VTM’s sub-processor Amazon Web Services (“AWS”).

Your Rights

As the data controller, the Company is your point of contact to enforce your rights under the Data Protection Legislation. However, to assist with the Company’s obligation of transparency, we have set forth the table below to help you enforce your rights.

  1.  Right to access personal data about you: You can ask the Company, who is an administrator of the Website, if they are processing your personal data via the Website. If so, the Company can also provide you with a copy of that personal data.
  2. Right to object to processing: You may contact the Company, who is an administrator of the Website, and ask them to have us stop processing your personal data.
  3. Right to data portability: You may contact the Company, who is an administrator of the Website, and ask them for a copy of your personal data.
  4. Right to complain: You have the right to report a problem with the way we have handled your personal data with the data protection authority that is authorized to hear your concern.
  5.  Right to object to automated decision making: As we don’t have any decisions based upon automated decision making, this right is fully met by the Company’s agreement with VTM.
  6.  Right to rectification: The Optional Data (as described in the section of the Website Privacy Policy titled ‘What information do we collect?can be modified at any time via your user profile. All other personal data can be modified by contacting the Company, who is an administrator of the Website.
  7.  Right to be forgotten: The Optional Data (as described in the section of the Website Privacy Policy titled ‘What information do we collect?’ can be deleted at any time via your user profile.  You may contact the Company, who is an administrator of the Website, and ask them to delete any other information. Where possible, the Company’s administrator can delete your personal data or have it anonymized.


Personal Data Deletion and Retention Policy Table

Personal Data

Retention Policy and Procedures

Account Data:

  • Name
  • Company
  • Email (work)
  • Country (can select unspecified)

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, the information is kept for the life of the Agreement between Company and VTM.

Optional Account Data:

  • Phone
  • Mailing Address
  • Job Title
  • LinkedIn URL
  • Twitter URL
  • Email Mailing Lists

This data is optional and may be edited and/or deleted at any time by the end-user via their profile. Otherwise, the information is kept for the life of the Agreement between Company and VTM.

Cookies:

  • Keeps track of user activity during login session

The unique Session ID that’s stored in the cookie is also stored on the Causeway server file system (on AWS) for a period of 3 hours and is then deleted.

Work Group

  • Member List
  • Name
  • Company
  • Email Address
  • Joined Workgroup Date
  • Status
  • Roles

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, the information is kept for the life of the Agreement between Company and VTM.

Tasks

  • Description
  • Workgroup
  • Project
  • Assigned To
  • Assigned By
  • Created
  • Start Date
  • Reminder Date
  • Due Date
  • Priority
  • Status
  • Attachments
  • Closed By
  • Comments

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, the information is kept for the life of the Agreement between Company and VTM.

Voting

  • Who Voted
  • Date Voted
  • Comments

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, this information is kept for the life of the Agreement between Company and VTM.

Calendar

  • Track attendance by user
  • Track roster for meeting (name and company)
  • Track who requested the meeting

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, this information is kept for the life of the Agreement between Company and VTM.

Wiki

  • Tracks who created and edited a page (Name, Date)

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, the information is kept for the life of the Agreement between Company and VTM.

Discussions

  • Email Archives
  • Sender
  • Recipient List
  • Date

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, the information is kept for the life of the Agreement between Company and VTM.

Documents

  • Title
  • Date
  • Author
  • Company

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, the information is kept for the life of the Agreement between Company and VTM.

News

  • Title
  • Author
  • Owning Workgroup
  • Status
  • Post At
  • Expires At

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, the information is kept for the life of the Agreement between Company and VTM.

User Activity Log:

  • User
  • Date
  • Entry Type (Activity)
  • Resource (if applicable)
  • Sub-Resource (if applicable)
  • IP Address
  • Referring Page

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, this information is kept for the life of the Agreement between Company and VTM.

Outgoing Email Log:

  • Recipient Address
  • Sender
  • Sent
  • Date Sent
  • Subject

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, this information is kept for the life of the Agreement between Company and VTM.

Inactive User Log:

  • Full Name
  • Email Address
  • Company
  • Last Login
  • Status
  • Last Bounce
  • Bounce Count

The Company site administrator has the ability to anonymize a user’s data as set forth above. Otherwise, this information is kept for the life of the Agreement between Company and VTM.

 


Causeway – Privacy Shield Policy

Last Modified: May 07, 2018

This Privacy Shield Policy (“Policy”) describes how Vital Technical Marketing, Inc., dba VTM Group, in the United States (“US”) (“VTM,” “we,” or “us”) collects, uses, and discloses certain personally identifiable information that we receive in the US from the European Economic Area (“EEA Personal Data”) and Switzerland (“Swiss Personal Data”). This Policy supplements our Website Privacy Policy, and unless specifically defined in this Policy, the terms in this Policy have the same meaning as the Website Privacy Policy.

VTM recognizes that the EEA and Switzerland have established strict protections regarding the handling of EEA and Swiss Personal Data, including requirements to provide adequate protection for EEA and Swiss Personal Data transferred outside of the EEA and Switzerland respectfully. To provide adequate protection for certain EEA and Swiss Personal Data about corporate customers and their members received in the US, VTM has elected to self-certify to the EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework respectfully, administered by the US Department of Commerce (“Privacy Shield”). VTM adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability.

For purposes of enforcing compliance with the Privacy Shield, VTM is subject to the investigatory and enforcement authority of the US Federal Trade Commission. For more information about the Privacy Shield, see the US Department of Commerce's Privacy Shield website located at: https://www.privacyshield.gov. To review the Privacy Shield list, see the US Department of Commerce's Privacy Shield self-certification list located at: https://www.privacyshield.gov/list.

Personal Data Collection and Use

Our Website Privacy Policy describes the categories of EEA and Swiss Personal Data that we may receive in the US as well as the purposes for which we use that EEA and Swiss Personal Data. We process EEA and Swiss Personal Data for the following primary purpose: to fulfill our contractual obligations and carry out our rights under our agreement with the company or organization through which you are accessing this Website (“Company”). Other purposes for which we process EEA and Swiss Personal Data include those set out in ‘What do we use your information for?’  VTM will only process EEA and Swiss Personal Data in ways that are compatible with the purposes that VTM collected it for, or for purposes the individual later authorizes. Before we use your EEA and Swiss Personal Data for a purpose that is materially different than the purposes we collected it for or that you later authorized, we will provide you with the opportunity to opt out. VTM maintains reasonable procedures to help ensure that EEA and Swiss Personal Data is reliable for its intended use, accurate, complete, and current.

We do not collect any category of sensitive EEA and Swiss Personal Data.

Data Transfers to Third Parties

Third-Party Agents or Service Providers. We may transfer EEA and Swiss Personal Data to our third-party agents or service providers who perform functions on our behalf, including Amazon Web Services, which is the data hosting server for all EEA and Swiss Personal Data. Where required by the Privacy Shield, we enter into written agreements with those third-party agents and service providers requiring them to provide the same level of protection the Privacy Shield requires and limiting their use of the data to the specified services provided on our behalf. We take reasonable and appropriate steps to ensure that third-party agents and service providers process EEA and Swiss Personal Data in accordance with our Privacy Shield obligations and to stop and remediate any unauthorized processing. Under certain circumstances, we may remain liable for the acts of our third-party agents or service providers who perform services on our behalf for their handling of EEA and Swiss Personal Data that we transfer to them.

If we transfer your EEA and Swiss Personal Data to one of our affiliated entities within our corporate group, we will take steps to ensure that your EEA and Swiss Personal Data is protected with the same level of protection the Privacy Shield requires.

Disclosures for National Security or Law Enforcement. Under certain circumstances, we may be required to disclose your EEA and Swiss Personal Data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

Security

VTM maintains reasonable and appropriate security measures to protect EEA and Swiss Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction in accordance with the Privacy Shield.

Access Rights

You may have the right to access the EEA and Swiss Personal Data that we hold about you and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. If you would like to request access to, correction, amendment, or deletion of your EEA and Swiss Personal Data, you can submit a written request to the contact information provided below. We may request specific information from you to confirm your identity. In some circumstances we may charge a reasonable fee for access to your information.

Questions or Complaints

You can direct any questions or complaints about the use or disclosure of your EEA and Swiss Personal Data to us at:

Causeway, c/o Lindsay Adamson

3855 SW 153rd Drive
Beaverton, OR 97003
USA
inquire@causewaynow.com
+1.503.619.0853

We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your EEA and Swiss Personal Data within 45 days of receiving your complaint. For any unresolved complaints, we have agreed to cooperate with Insight Association. If you are unsatisfied with the resolution of your complaint, you may contact Insight Association for further information and assistance.

Binding Arbitration

You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your complaint directly with VTM and provided us the opportunity to resolve the issue; (2) made use of the independent dispute resolution mechanism identified above; and (3) raised the issue through the relevant data protection authority and allowed the US Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see US Department of Commerce's Privacy Shield Framework: Annex I (Binding Arbitration).

Contact Us

If you have any questions about this Policy or would like to request access to your EEA and Swiss Personal Data, please contact us as follows:

Causeway, c/o Lindsay Adamson

3855 SW 153rd Drive
Beaverton, OR 97003
USA
inquire@causewaynow.com
+1.503.619.0853

Changes to This Policy

We reserve the right to amend this Policy from time to time consistent with the Privacy Shield's requirements.

Effective Date: May 25, 2018

Last Modified: May 7 2018