(Effective Date September 2016)
As a condition of use of this website and related Service (as defined below), You (“User(s)”) agree on your own behalf and on behalf of each entity on whose behalf you act, to the terms of this Policy, as amended from time to time, and to the practices for the collection, use, or disclosure of your personal information as described herein.
Collection and Use of Information
Perfect and its Global Subsidiaries collect, use, and retain information, including “Personal Information,” (“Information”), about Users and “User Companies” through our websites, through third party vendors, and through hosted on-demand software as a service software application, to service, identify, and communicate with Users and potential customers (collectively, the “Service”). Perfect and its Global Subsidiaries’ work with third parties consisting of, vendors, suppliers, buyers, users, auditors, subcontractors, and agents such as lawyers and accountants.
Perfect and its Global Subsidiaries are aware of the potential liability in cases of onward transfers of Privacy Shield data to third parties, and employ at a minimum, reasonable industry standard precautions to mitigate any potential risks. When transferring personal data to authorized third parties, Perfect and its Global Subsidiaries agree to the following: (i) transfer such data only for its limited and specified purposes (ii) ensure that third parties provide at least the same level of privacy protection as is required by the Principles (iii) take reasonable and appropriate steps to ensure that third parties effectively process the personal information transferred in a manner consistent with Perfect’s and its Global Subsidiaries’ obligations under the Principles (iv) upon notice, take reasonable and appropriate steps to stop and remediate unauthorized processing and (v) upon request, provide a summary or a representative copy of the relevant privacy provisions of the contract with the third party to the Department.
Public Facing Marketing Websites and Prospective Customers
Perfect and its Global Subsidiaries publish a public website for marketing purposes (www.perfect.com) which is hosted in the Commonwealth of Virginia, in the United States.
As a general policy, Perfect and its Global Subsidiaries do not automatically collect or store Information concerning visitors to our public websites except information generally considered “Website Visitor Analytics Data” such as:
The Internet address of the website from which User linked directly to our site, if any, and if navigating from a search engine site, may collect search information through one or more third party service providers,
The type of web browsing software User uses to view Perfect and its Global Subsidiaries’ sites, such as Microsoft Internet Explorer, and
The date and time User accesses our site.
Website Visitor Analytics Data are not matched or cross referenced with other data except in conjunction with evaluating website effectiveness. Visitors to public facing marketing websites for Perfect and its Global Subsidiaries may be asked to provide personal contact information with the purpose of soliciting contact by Perfect and/or its Global Subsidiaries. The contact information that these visitors provide is added to a “Marketing List,” which is contained in a third party provided software as a service customer relationship management database hosted by a large U.S. based provider.
For the purpose of identifying potential business customers, Marketing Lists may be supplemented or additional contacts may be added from time to time through the use of third party marketing list providers such as Zoom Information, Inc. or Hoovers. Perfect and its Global Subsidiaries currently do not purchase marketing lists for European markets, except as provided in connection with fees for participation in a tradeshow or similar event. Whenever marketing lists are purchased, Perfect requires providers to make appropriate contractual representations regarding compliance with the privacy laws of the countries where the contacts are located. In addition, Information may be added to Marketing Lists from tradeshows or through personal interactions with employees or agents. Contact information typically included in the Marketing List includes name, title, business name, address, phone number, and e-mail address.
Perfect, its Global Subsidiaries, or a contracted third party marketing firm will use the Marketing List to communicate on a regular basis with potential customers using email and/or a dynamic e-Newsletter with a Perfect domain and e-mail as the sender. Click through responses are collected, scored, and stored with the Marketing List. If the score is significant, a phone call will be placed to the target which will ask the target for confirmation that the user is interested. At any time, any person on a Marketing List may request to be removed, may request for access to their personal data, or may request a correction, amendment, or deletion be made to incorrect personal data, and such requests will be reasonably accommodated, except where providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
Software as a Service Application
In addition to maintaining useful Marketing Lists, Perfect and/or its Global Subsidiaries may use Information to provide Users with information relating to products and services provided by Perfect or its Global Subsidiaries, to respond to specific questions from Users, to comply with certain reporting laws and regulations, to design or improve our products and services, to extend invitations to participate in sourcing events, and to communicate with Users regarding our offerings.
If User becomes a Customer of Perfect or one of its Global Subsidiaries, (“Customer”), User will provide Perfect with additional information about User in order to facilitate transactions that User or User Companies may initiate through Perfect’s software as a service application.
If a Customer initiates a transaction through any software as a service application, that Information User provides will be used to facilitate the completion of the transaction.
If User subscribes to the Perfect Open Supplier Network (OSN) as a “Supplier,” Information may be shared with other Customers who use the OSN as “Buyers” as part of the Perfect trading partner directory, unless User exercises the Opt-out procedures below or otherwise restricts authorization of use as part of a signed contract with Perfect. Inclusion in the Perfect trading partner directory means that Information identifying Suppliers will be exposed to all Buyers using the OSN.
Customers of the Services will be using the Site to host data and information (“Data”). In the collection and use of this Data, Perfect and its Global Subsidiaries generally function as a Data Processor, as defined by various laws and as established in customer contracts. Perfect Commerce will not review, share, distribute, print, or reference any such Data except as provided herein, in the contract agreement with Customer, or as may be required by law. Individual Data records may at times be viewed or accessed for the purpose of resolving a problem, support issue, suspected violation of the contract agreement, or as may be required by law. Customers are responsible for maintaining the confidentiality and security of their user registration login id and password.
Unless prohibited by law or by contract, Perfect and its Global Subsidiaries do aggregate Data containing personal information about Customers and the electronic commerce conducted through the OSN in order to, among other things, compile and distribute aggregated or sanitized statistics and general OSN information about Customers. Perfect and its Global Subsidiaries do this in a manner that would not reveal individual personal information except to a Customer and only then would do so for its own Users.
Perfect and its Global Subsidiaries require Customers who register to use the services offered on our websites or software as a service application to provide information which may include: contact name, company name, address, phone number, e-mail address, and financial qualification and billing information such as, billing name and address, credit card number for billing purposes, and the number of Users within the organization that will be using the Service. When a Customer expresses interest in obtaining additional information, or when a Customer registers for the Service, we may also ask for additional personal information, such as title, department name, fax number, or additional company information, such as annual revenues, number of employees, or industry. Perfect cautions Customers against sending credit card information in email, however, Perfect uses encryption technology in its email systems to mitigate some risk.
Customers can opt out by not providing Information when asked or by making a request in accordance with the Opt-out procedures below. Customers with log-in information may also update or remove their personal information at any time by logging into the applications they use and editing their Personal Information within Setup. If this functionality is unavailable with User’s specific software as a service application, or if functionality is otherwise not available, then Information collected may be retrieved and modified upon the reasonable request of the User to email@example.com. Upon receiving such request, Perfect may demand that User reasonably demonstrate the validity of his or her identity. Perfect will not require that any Personal Information be transmitted via unsecured email.
Generally, Perfect and its Global Subsidiaries do not collect Sensitive Information from Users as defined by various laws, except to the extent that a person’s name, title, employer, telephone number, email address, tax identification number, and business address may be considered
Sensitive Information in a particular jurisdiction. The one exception to this is, in the U.S., we do allow our customers to collect business registration information for minority business programs designed to promote minority owned businesses. To that end, by using our website and services, applicable Users consent to potentially having some sensitive information collected, for the aforementioned limited purpose(s). Tax identification information may be collected in general business documents such as IRS Form I-9. Perfect complies with all laws where it does business regarding this tax identification information. Sensitive Information of Perfect’s or its Global Subsidiaries’ employees may be collected and/or used only as required by law.
International Transmission of Information (including Employee Information)
From time to time, personal information may be shared by Global Subsidiaries with Perfect, however, personal information is not shared directly among Global Subsidiaries except between subsidiaries within the European Union. Personal information may be shared by Perfect with Global Subsidiaries, unless expressly prohibited by law.
Generally, for Marketing Lists, vendor information, and human resources information, Perfect has instituted specific procedures to protect the privacy of the employees of customers and of Perfect’s employees and its Global Subsidiaries’ employees who are located in Europe and elsewhere in the world. Perfect provides Customers the option of setting up a semi-anonymous account for the transfer of their employees’ account information. Employees of Perfect and/or its Global Subsidiaries in Europe are provided the option to “opt-in” to Perfect’s transfer of their personal data, however, if preferred, alternative arrangements can be made. Contact Perfect at firstname.lastname@example.org if arrangements in accordance with this section are necessary or desired.
Employee Access to Confidential Information
Right to Access, Correct or Delete Personal Data
Individual Users have the right to know what Personal Data about them is included in Perfect’s databases and to ensure that such Personal Data is accurate and relevant for the purposes for which Perfect collected it. Individual Users may review their own Personal Data stored in the databases and correct, erase, or block any data that is incorrect, as permitted by applicable law and Perfect’s policies. Upon reasonable request and as required by the Privacy Shield principles, Perfect allows Individual Users access to their own Personal Data, in order to correct or amend such data where inaccurate.
Individuals may edit their Personal Data by logging into their account profile or by contacting Perfect at email@example.com. In making modifications to their Personal Data, Data Subjects must provide only truthful, complete, and accurate information. To request erasure of Personal Data, Individual Customers should submit a written request to Perfect at firstname.lastname@example.org.
Perfect will endeavor to respond in a timely manner to all reasonable written requests to view, modify, or inactivate Personal Data.
Protection of Information via Established Security Procedures
Perfect and its Global Subsidiaries maintain security standards and procedures to help prevent unauthorized access to confidential information about you that is under our control. We update and test our technology to improve the protection of our information about you and to help assure the integrity of our information.
When our software as a service application is accessed using web browsers, Secure Socket Layer (SSL) technology is used to protect information using both server authentication and data encryption that help ensure that Data is safe, secure, and available only to the User. Perfect and its Global Subsidiaries also implement an advanced security method based on dynamic data and encoded session identifications, and hosts the Site in a secure server environment that uses firewall and other technology to prevent interference or access from outside intruders. Finally, Perfect and its Global Subsidiaries provide unique user names and passwords that must be entered each time that a Customer logs on. These safeguards help prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of Data.
Cache Storage of Information
Internet browser software typically stores/caches information from the website being visited on the hard drive of the User. This means that information viewed or inputted during a visit to a website can usually be viewed again by merely hitting the “BACK” button in your browser. Some websites issue a “no-cache” command to browsers to prevent this temporary storage. To provide better service to Users, we do not send this command to the browser. To better protect your personal information, Users should clear their cache of information from their computers periodically. Instructions for clearing this cache are usually included in the User’s browser.
To provide better service, Perfect, its Global Subsidiaries, or either’s agents, may use “cookies.” A cookie is a small bit of information sent to your browser application that is written into storage, so that it can be retrieved later. A cookie is a way for a web site to recognize whether or not you have visited the site before. Your web browser can be set to inform you when cookies are set or to prevent them from being set.
Perfect and its Global Subsidiaries use two types of cookies: session and persistent-based. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you’ve closed your browser or turned off your computer. They include information such as a unique identifier for your browser. Perfect and its Global Subsidiaries use session cookies containing encrypted information to allow the system to uniquely identify Users while logged in. Session cookies are required in order to use Perfect’s and its Global Subsidiaries’ software as a service application. Perfect and its Global Subsidiaries also use persistent cookies, that is useful for Perfect and its Global Subsidiaries to identify the fact that you are a Customer or a prior web site visitor. Perfect and its Global Subsidiaries are very careful about the security and confidentiality of the information stored in persistent cookies. For example, Perfect does not store account numbers or passwords in persistent cookies.
Website Links and Third Party Content
This policy covers only information that is collected by Perfect or its Global Subsidiaries’ website(s) or software as a service application. It does not cover information collected on sites that are not operated by Perfect or its Global Subsidiaries, or by a Customer’s vendor on its own behalf, or sites that appear as links on a Customer’s portion of the software as a service application.
At any time, individuals can opt out of being contacted or receiving information from us, simply by sending an email to email@example.com, or by sending regular mail to the address listed below. We will reasonably accommodate all requests. In addition, Perfect and its Global Subsidiaries do not intend to collect information of legal minors (for example, persons under the age of 18 in the United States.) If you have reason to believe that Perfect or its Global Subsidiaries has personal information of minors, please inform Perfect immediately.
Investigatory and Enforcement Powers
Perfect and its Global Subsidiaries acknowledge that they are subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”).,
Perfect and its Global Subsidiaries may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including, to meet national security or law enforcement requirements.
Enforcement of Policy
For inquiries or complaints, or if you suspect a violation of this Policy, please address your concerns first to the Legal Department at Perfect at:
Attn: Legal Department
PO Box 12079
Newport News, VA 23612
Perfect will respond to your concerns within 45 days. If you do not receive a response within 45 days, you may seek enforcement of this Policy by initiating a complaint. Perfect has committed to refer unresolved privacy complaints under the US-EU Privacy Shield Framework to an independent dispute resolution mechanism, the BBB EU Privacy Shield, operated by the Council of Better Business Bureaus. For more information on how to file a claim with the BBB EU, free of charge, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers. Finally, as a last resort and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism. This arbitration option is available to determine, for residual claims, whether a Privacy Shield organization has violated its obligations under the Principles, and whether any such violation remains fully or partially unremedied. For more information on the Privacy Shield Panel visit https://www.commerce.gov/sites/commerce.gov/files/media/files/2016/eu_us_privacy_shield_full_text.pdf.pdf
To better serve you, if you use email, Perfect and its Global Subsidiaries will generally preserve the content of your email, including, your email address, and our response. Depending on the content of your email, we may be required by existing laws and regulations to keep this information.
If you send email to us, please remember that email is not secure against interception. If your email contains information that is very sensitive or includes personal information such as account numbers, charge card or credit card numbers, or social security number, please send this information via postal mail or contact us to establish or verify a secure electronic transmission process.
Contact Information and Internal Procedures
If you have any questions, please contact us at firstname.lastname@example.org or call our Headquarters and ask to speak with someone from the Legal Department. A team of legal and information technology experts will review the Policy annually and will report internally on compliance to the certifying officer for this program prior to recertification to the US Department of Commerce.
US-Swiss Safe Harbor
Attn: Legal Department
PO Box 12079
Newport News, VA 23612
Perfect and its Global Subsidiaries have further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.
HR Data From the European Union & Switzerland
Perfect agrees to cooperate with local DPAs for HR Data. Users with an HR Data complaint should first contact us at the address above. If your HR Data complaint has not been resolved in a timely manner, users may also file a complaint with their local Data Protection Authority (“DPA”). For information on how to contact your EU jurisdiction’s DPA, visit http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.