Effective Date: January 17, 2017
“Elementum”, “we”, “us” and/or “our” refers to Elementum Ltd and any of our corporate affiliates.
“Services” refers to, individually and collectively, our supply chain orchestration, collaboration, and related services, support, professional services, websites (including www.elementum.com/), and end user software on any platform. The Services are not intended for personal or consumer use.
“You” and “your” refer to individuals using or otherwise interacting with our Services.
"Information” refers to data about you and your use of Services, may be retained in electronic or paper format, and includes personal data as defined by the General Data Protection Regulation.
Reasons We Process Your Information
We may process your information if:
Information We Collect
We collect information from you when you voluntarily provide that information to us. This may occur, for example, when you complete and submit a form through the Services, contact us with inquiries, participate in an event or promotion, or respond to one of our surveys.
We collect information from you when you voluntarily provide that information as part of your use of the Services. Examples of this include: when you submit a technical support request, submit a form for “request a demo” or “request a whitepaper”.
We collect information about you from third parties including other Service users, third-party service providers which you have linked to your use of our Services (including social media accounts, single-sign-on services, and scheduling applications), resellers, distributors, your employer, your administrator, publicly available sources, data enrichment vendors, payment and delivery service vendors, advertising networks, analytics providers, and our business partners. The information which we receive from third parties depends on what policies that third party follows and our and your respective relationships with the third party.
Personal data relating to you that we process may include:
We currently do not participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your information.
How We Use Information
How we use the information is shaped by the source of the information, the type of Services you use, and any privacy preferences that you have specified to us. Below are the specific purposes for which we use the information we collect or receive about you.
The Services are not intended to be used for profiling, automated processing, personal data relating to criminal convictions or offenses, other systematic monitoring of a public area, or any other operations which may result in a high risk of significantly affecting you or your legal rights.
If you are an EU resident, the following terms also apply:
Elementum processes your personal data when we have an adequate legal basis for doing so. This means we collect and use your personal data where:
If you have consented to our use of personal data for a specific purpose, you have the right to change your mind at any time, and the procedures for communicating that revocation of consent are detailed below. Any such decision will not affect any processing that has already occurred. Where you withdraw your consent, but we are using your information because we or a third party (e.g. your employer) have a legitimate interest in doing so, or we have different legal basis for using your information (for example, fulfilling a contract with you), we may continue to process your information, subject to your rights to access and control your information. However, this may mean your access to the Services will be limited or suspended, and your accounts may be terminated, as applicable.
How Long We Keep Information
Elementum will generally retain information for so long as you are an active user of the Services. For more extensive requests, you may make a request per the guidelines below.
Following the end of your subscription to the Services if the Services are made available to you through an organization (e.g., your employer), we retain your information per your organization’s instructions. For more information, see the “Additional Information Regarding Processing Information of Our Customers” section below.
Some information may be retained to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, for marketing purposes according to your registered preferences if you have opted to receive such communication, information derived from cookies, and information required to continue to develop and improve our Services.
Where we retain information after your use of the Service, we take reasonable steps to make that data is not personally identifiable beyond the extent required to comply with our legal and regulatory obligations.
How We Protect Information
Elementum takes appropriate physical, technical, and organizational measures to protect your personal information from loss, misuse, unauthorized access or disclosure, alteration, and destruction. We utilize a combination of industry-standard security technologies, procedures, and organizational measures to help protect your information from unauthorized access, use or disclosure.
Our primary data hosting service providers are in the United States. A limited amount of information may be accessed or processed in Argentina and/or The Philippines.
No Internet, e-mail or other electronic transmission is ever fully secure or error free, so you should take special care in deciding what information you send to us in this way.
Who We Share Information With
There are certain circumstances in which we may share your information with certain third-parties. Any access by a third party to the information is managed by Elementum, and the third parties are vetted based in part on their ability to protect information. International movement of information consistent with this sharing is discussed in the “How We Move Information” section below.
As part of your use of the Service, you may share information with other users of the Service. Those users of the Service may be located in nearly any location around the world, may be communicating with Third Party Sites (as defined below) while using the Services, and may be limited by law or by an agreement with us about their use of information you share. However, this Policy only addresses our use of the information.
We may share information with employees, contractors, agents, or consultants with a strict need-to-know under appropriate confidentiality obligations.
When we employ another company to perform services of this nature, we only provide such company the right to use such information that is reasonably necessary to perform their specific function.
We may share information with third parties if we reasonably believe that such action is necessary to:
This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.
We may share information with our subsidiaries and corporate affiliates who support our processing of personal data under this Policy.
As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, acquisition, merger, reorganization, dissolution or similar event, information may be part of the transferred assets. You will be notified via email and/or other means with any news of a transaction and any choices you may have regarding your information.
How We Transfer Information
We provide our Services primarily from the United States, where we are based. Your use of the Services requires the movement of information to our locations and the locations of our third-party service providers. Your use of the Services may require that our international affiliates and subsidiaries in countries including Argentina, Germany, and Philippines have access to the information.
If you are an EU resident:
Your information may be transferred to, and stored at, a destination outside the European Economic Area ("EEA") that may not be subject to equivalent data protection law. It may be processed by staff situated outside the EEA who work for us or for one of our suppliers.
We may transfer your personal information outside the EEA:
When we share information about you within Elementum and with third parties in countries with local laws which may differ from yours, we make use of standard contractual data protection clauses, which have been approved by the European Commission, and we rely on the EU-U.S. Privacy Shield Framework to safeguard the transfer of information we collect from the European Economic Area to the United States. In some cases we may use other appropriate legal mechanisms to safeguard the transfer.
Privacy Shield Notice
In accordance with the EU-U.S. Privacy Shield Framework (a) Elementum Ltd is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), (b) you may, under certain conditions, invoke binding arbitration and (c) Elementum Ltd shall remain liable under the Privacy Shield Principles if any of our agents process your personal data in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
Additional Information Regarding Processing Information of Our Customers
Where we provide access to the Services to you under contract with an organization (for example your employer), or if you use an email address provided by an organization to access the Services, that organization may act as the controller of the information. Your use of the Services may be subject to that organization's policies. Each organization may appoint administrative users of the Services. An administrator may have the ability to access, modify, and/or delete certain information that you have provided, give information to Third Party Sites (as defined below), and restrict your access to the Services and information in whole or in part.
In this situation, Elementum is the processor, rather than the controller, of your information. Where we are the processor, we do not control why or how your information is used, and you will need to contact your relevant controller (e.g. your employer and/or the company which provides you access to the Services) to find out about your data protection rights and responsibilities. All questions about your organization’s policies and administrative user access rights should be directed to your organization.
How You Can Access and Control Information
Your ability to control the information includes the ability to:
You may opt out of non-transactional emails through the email notification center. For any issue that cannot be handled on a self-service basis, please reach out to our Support team for assistance. You can also exercise the rights listed above at any time by contacting us at firstname.lastname@example.org. In some instances, if you access the Services under contract with an organization, we may be required to direct your inquiries to an administrative user.
If you no longer want to use our Services, you may choose not to access our website or services at any time and, as applicable, you will need to reach out to our Support team or an administrative user to deactivate your account. If you are an organizational user of the Services, you will need to arrange for an administrative user to remove personal data associated with your account.
You may contact our Support team to ask us to stop accessing, storing, using and otherwise processing your information where our legal basis for doing so relies on your consent or is otherwise objectionable by law. Where you gave us consent to use your information for a limited purpose, you can contact our Support team to withdraw that consent, but this will not affect any processing already occurred. Where you withdraw your consent, but we are also using your information under a different legal basis (for example, fulfilling a contract with you), we may continue to process your information, subject to your rights to access and control your information. Please note that we may need to retain certain information to fulfill legal obligations, in accordance with our record retention practices, or to complete transactions.
Additional Notes on Your Privacy
Elementum does not knowingly collect information from children under the age of 13, and our Services are not intended for use by minors (as defined in your relevant jurisdiction). By using our Services, you confirm to us that you are not under the age of 13 and/or not a minor.
Changes to this Policy
The Services and our business may change from time to time. As a result, at times it may be necessary for Elementum to make changes to this Policy. Elementum reserves the right to update or modify this Policy at any time and endeavor to give you the opportunity to review the revised Policy before you choose to continue using our Services.
Please review this Policy periodically. Your continued use of the Services after any changes or revisions to this Policy indicates that you have read and understood the terms of such revised Policy.
This Policy shall not apply to any unsolicited information you provide to Elementum through this website or otherwise through the Services. This includes, but is not limited to, any ideas for new products or modifications to existing products. All such unsolicited information shall be deemed to be non-confidential. Elementum shall be free to reproduce, use, disclose, distribute and exploit such unsolicited information without limitation or attribution. However, if such unsolicited information also includes personal data, we will also determine whether we have a lawful basis for the collection and use of that information prior to doing so.
How to Submit a Complaint/Dispute Resolution
If you have a complaint about Elementum’s privacy practices, please write to us at the address below. We will take reasonable endeavors to work with you to attempt to resolve your complaint. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. The dispute resolution process will be conducted in English.
If you are an EU resident, and you have a request or concern about how we handle your personal information, you can also contact your local supervisory authority. A full list can be found on the European Commission website here.
How to Contact Elementum