Effective Date: January 17, 2017
“Elementum”, “we”, “us” and/or “our” refers to Elementum Ltd and any of our corporate affiliates.
“Services” refers to, individually and collectively, our supply chain orchestration, collaboration, and related services, support, professional services, websites (including www.elementum.com/), and end user software on any platform. The Services are not intended for personal or consumer use.
“You” and “your” refer to individuals using or otherwise interacting with our Services.
“Information” refers to data about you and your use of Services, may be retained in electronic or paper format, and includes personal data as defined by the General Data Protection Regulation.
Reasons We Process Your Information
We may process your information if:
- You, or the company you work for, or the company which provides you access to the Services, are a customer or a supplier of ours.
- You, or the company you work for, or the company which provides you access to the Services, use our Services.
- You work for one of our suppliers, resellers, or other business partners.
- You work for someone who uses our products or services.
- You, or the company you work for, may be a candidate for our advertising or marketing efforts.
- You communicate with us, or we receive a communication from or regarding you, through our Services or other communication.
- You request information about us, our business, and/or the Services.
Information We Collect
We collect information from you when you voluntarily provide that information to us. This may occur, for example, when you complete and submit a form through the Services, contact us with inquiries, participate in an event or promotion, or respond to one of our surveys.
We collect information from you when you voluntarily provide that information as part of your use of the Services. Examples of this include: when you submit a technical support request, submit a form for “request a demo” or “request a whitepaper”.
We collect information about you from third parties including other Service users, third-party service providers which you have linked to your use of our Services (including social media accounts, single-sign-on services, and scheduling applications), resellers, distributors, your employer, your administrator, publicly available sources, data enrichment vendors, payment and delivery service vendors, advertising networks, analytics providers, and our business partners. The information which we receive from third parties depends on what policies that third party follows and our and your respective relationships with the third party.
Personal data relating to you that we process may include:
- Your name.
- Who you work for, and your job function or department.
- Your address, phone number, email address or other contact details (these details may relate to your work or to you personally, depending on the nature of our relationship with you or the company that you work for).
Information relating to transactions with us involving you or the company you work for (for example, details of goods or services that we have supplied to, or obtained from, you or the person you work for).
- Information relating to you which it is necessary for us to process in order to enter into or perform a contract with you or the company you work for (for example, right to work information and information obtained from credit references agencies where this is necessary to enable us to carry out appropriate checks in relation to contracts with you or someone else that you work for or are otherwise related to).
- Certain device and connection information when you use our Services, including the type of device or endpoint (e.g. browser type and version, operating system and platform) you are using to access the Services, IP address, and geolocation data. The amount of information may vary depending on the nature of the equipment you use to access the Services and may also include non-identifiable or aggregated information to conduct research on customer demographics, interests and behavior.
- Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number or social media handle used to connect with our customer service team.
We currently do not participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your information.
How We Use Information
How we use the information is shaped by the source of the information, the type of Services you use, and any privacy preferences that you have specified to us. Below are the specific purposes for which we use the information we collect or receive about you.
- To take steps in order to enter into any contract or carry out our obligations arising from any contract entered into between Elementum and you, the company you work for, or the company which provides you access to the services, including:
- To provide the Services, related customer support, and supporting functions. We use the information you provide to make the Services available to you in a personalized manner which optimizes your experience. This includes providing supporting functions like using the information you provide in your profile to identify you to other Service users, performing billing operations, identifying whether you are complying with your license grant for the Services, detecting fraudulent activity or other improper uses of the Services, and verifying your identity.
- To communicate with you about the Service. We may reach out to you using the information you have provided via email, telephone, in-window messaging, through the software for the Service, on the website, and otherwise as appropriate for transactional communications such a application event notifications, change of password confirmation, product updates, and responding to customer support requests. We also send you information as a new user for a Service to better help you use the Service. These communications are part of the Services and, in many cases, you cannot opt out of receiving them.
- For engagement communications – We may communicate with you or the company you work for to better help you engage with our Services and maximize your use of the Services. This includes user training, letting you know about newly available features of your Services and seeking quality-related and engagement feedback.
- For promotional communications – We may communicate with you or the company you work for to better inform you of the Services available to you. This includes letting you know about potential new Services, newsletters, events, and related Services we offer that we believe will be of interest to you. If we do so, and if required by applicable law, each communication we send you will contain instructions permitting you to “opt-out” of receiving future communications. You can also object to further marketing at any time by sending us an email at firstname.lastname@example.org.
- To better understand our users, and improve our Services accordingly (when our legitimate interest in doing so is not overridden by your personal rights that may apply). We may use such information to track, for example, the total number of visitors to our website, the number of visitors to each page of our website, the domain names of your Internet service provider, general geographic location, and how you use and interact with the Services. We can use this information to identify trends, usage patterns, service quality interruptions, undiscovered bugs in the Services, and better optimize your Services experience in the future. Also, in an ongoing effort to better understand and serve the users of the Services, Elementum often conducts research on its customer demographics, interests and behavior based on the information on an aggregate basis.
- For uses as required by law or to otherwise protect our legal rights. There may be situations where we believe it is required by law or necessary to protect our legal rights or the interests of others to use the information in connection with pending or active litigation, regulatory compliance efforts, audits, and disclosures in connection with the acquisition, merger or sale of a business.
- For other uses with your consent. If Elementum intends on using any information in any manner that is not consistent with this Policy, you will be informed of such anticipated use and be given an opportunity to provide your consent for such use and/or discontinue your use of the Services.
The Services are not intended to be used for profiling, automated processing, personal data relating to criminal convictions or offenses, other systematic monitoring of a public area, or any other operations which may result in a high risk of significantly affecting you or your legal rights.
If you are an EU resident, the following terms also apply:
Elementum processes your personal data when we have an adequate legal basis for doing so. This means we collect and use your personal data where:
- We need it to provide you the Services;
- It satisfies a legitimate interest (which is not overridden by your data protection interests);
- You give us consent to use the personal data for a specific purpose; or
- We need to process your personal data to comply with a legal or contractual obligation.
If you have consented to our use of personal data for a specific purpose, you have the right to change your mind at any time, and the procedures for communicating that revocation of consent are detailed below. Any such decision will not affect any processing that has already occurred. Where you withdraw your consent, but we are using your information because we or a third party (e.g. your employer) have a legitimate interest in doing so, or we have different legal basis for using your information (for example, fulfilling a contract with you), we may continue to process your information, subject to your rights to access and control your information. However, this may mean your access to the Services will be limited or suspended, and your accounts may be terminated, as applicable.
How Long We Keep Information
Elementum will generally retain information for so long as you are an active user of the Services. For more extensive requests, you may make a request per the guidelines below.
Following the end of your subscription to the Services if the Services are made available to you through an organization (e.g., your employer), we retain your information per your organization’s instructions. For more information, see the “Additional Information Regarding Processing Information of Our Customers” section below.
Some information may be retained to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, for marketing purposes according to your registered preferences if you have opted to receive such communication, information derived from cookies, and information required to continue to develop and improve our Services.
Where we retain information after your use of the Service, we take reasonable steps to make that data is not personally identifiable beyond the extent required to comply with our legal and regulatory obligations.
How We Protect Information Elementum takes appropriate physical, technical, and organizational measures to protect your personal information from loss, misuse, unauthorized access or disclosure, alteration, and destruction. We utilize a combination of industry-standard security technologies, procedures, and organizational measures to help protect your information from unauthorized access, use or disclosure.
Our primary data hosting service providers are in the United States. A limited amount of information may be accessed or processed in Argentina and/or The Philippines.
No Internet, e-mail or other electronic transmission is ever fully secure or error free, so you should take special care in deciding what information you send to us in this way.
Who We Share Information With
There are certain circumstances in which we may share your information with certain third-parties. Any access by a third party to the information is managed by Elementum, and the third parties are vetted based in part on their ability to protect information. International movement of information consistent with this sharing is discussed in the “How We Move Information” section below.
As part of your use of the Service, you may share information with other users of the Service. Those users of the Service may be located in nearly any location around the world, may be communicating with Third Party Sites (as defined below) while using the Services, and may be limited by law or by an agreement with us about their use of information you share. However, this Policy only addresses our use of the information.
We may share information with employees, contractors, agents, or consultants with a strict need-to-know under appropriate confidentiality obligations.
- We may share information with third parties which provide business-related functions on behalf of Elementum, including:
- our business partners, customers, suppliers, service providers, vendors, and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or the company that you work for or the company that provides you access to the Services. Some examples of such business-related functions for which we may share information may include data hosting, analyzing data, providing marketing assistance, providing customer service and technical support, processing orders, sending communications to you on our behalf or at our direction, user engagement and onboarding, soliciting feedback regarding the Services, facilitating invoicing and/or payments, and others in our reasonable discretion;
- our auditors, legal advisors and other professional advisors or service providers; and
- We may share information obtained via our Services with analytics and search engine providers that assist us in the improvement and optimization of our site and subject to the cookie section of this policy.
When we employ another company to perform services of this nature, we only provide such company the right to use such information that is reasonably necessary to perform their specific function.
We may share information with third parties if we reasonably believe that such action is necessary to:
- comply with a legal obligation, regulation, or government request,
- enforce our policies and agreements,
- protect and defend the rights, property, and safety of Elementum, our customers, users, resellers, or others, or
act in urgent circumstances to protect the personal safety of users of the Services or the public.
This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.
We may share information with our subsidiaries and corporate affiliates who support our processing of personal data under this Policy.
As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, acquisition, merger, reorganization, dissolution or similar event, information may be part of the transferred assets. You will be notified via email and/or other means with any news of a transaction and any choices you may have regarding your information.
How We Transfer Information
We provide our Services primarily from the United States, where we are based. Your use of the Services requires the movement of information to our locations and the locations of our third-party service providers. Your use of the Services may require that our international affiliates and subsidiaries in countries including Argentina, Germany, and Philippines have access to the information.
If you are an EU resident:
Your information may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) that may not be subject to equivalent data protection law. It may be processed by staff situated outside the EEA who work for us or for one of our suppliers.
We may transfer your personal information outside the EEA:
- In order to store it.
- In order to enable us to provide services to and fulfill our contract with you or the company your work for or the company that provides you access to the Services. This includes order fulfillment, processing of payment details, and the provision of support services.
- Where we are legally required to do so.
- In order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights.
- Where we have your consent to do so.
When we share information about you within Elementum and with third parties in countries with local laws which may differ from yours, we make use of standard contractual data protection clauses, which have been approved by the European Commission, and we rely on the EU-U.S. Privacy Shield Framework to safeguard the transfer of information we collect from the European Economic Area to the United States. In some cases we may use other appropriate legal mechanisms to safeguard the transfer.
Privacy Shield Notice
In accordance with the EU-U.S. Privacy Shield Framework (a) Elementum Ltd is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), (b) you may, under certain conditions, invoke binding arbitration and (c) Elementum Ltd shall remain liable under the Privacy Shield Principles if any of our agents process your personal data in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
Additional Information Regarding Processing Information of Our Customers
Where we provide access to the Services to you under contract with an organization (for example your employer), or if you use an email address provided by an organization to access the Services, that organization may act as the controller of the information. Your use of the Services may be subject to that organization’s policies. Each organization may appoint administrative users of the Services. An administrator may have the ability to access, modify, and/or delete certain information that you have provided, give information to Third Party Sites (as defined below), and restrict your access to the Services and information in whole or in part.
In this situation, Elementum is the processor, rather than the controller, of your information. Where we are the processor, we do not control why or how your information is used, and you will need to contact your relevant controller (e.g. your employer and/or the company which provides you access to the Services) to find out about your data protection rights and responsibilities. All questions about your organization’s policies and administrative user access rights should be directed to your organization.
How You Can Access and Control Information
Your ability to control the information includes the ability to:
- Request a record of information you have provided
- Request that information be corrected or removed
- Request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example)
- Request that, to the extent reasonably possible, information be provided in a structured and commonly used electronic format for portability and transfer
- Object to and/or opt-out of our use of your information, including the right to object to marketing, in whole or in part
You may opt out of non-transactional emails through the email notification center. For any issue that cannot be handled on a self-service basis, please reach out to our Support team for assistance. You can also exercise the rights listed above at any time by contacting us at email@example.com. In some instances, if you access the Services under contract with an organization, we may be required to direct your inquiries to an administrative user.
If you no longer want to use our Services, you may choose not to access our website or services at any time and, as applicable, you will need to reach out to our Support team or an administrative user to deactivate your account. If you are an organizational user of the Services, you will need to arrange for an administrative user to remove personal data associated with your account.
You may contact our Support team to ask us to stop accessing, storing, using and otherwise processing your information where our legal basis for doing so relies on your consent or is otherwise objectionable by law. Where you gave us consent to use your information for a limited purpose, you can contact our Support team to withdraw that consent, but this will not affect any processing already occurred. Where you withdraw your consent, but we are also using your information under a different legal basis (for example, fulfilling a contract with you), we may continue to process your information, subject to your rights to access and control your information. Please note that we may need to retain certain information to fulfill legal obligations, in accordance with our record retention practices, or to complete transactions.
Additional Notes on Your Privacy
Elementum does not knowingly collect information from children under the age of 13, and our Services are not intended for use by minors (as defined in your relevant jurisdiction). By using our Services, you confirm to us that you are not under the age of 13 and/or not a minor.
Changes to this Policy
The Services and our business may change from time to time. As a result, at times it may be necessary for Elementum to make changes to this Policy. Elementum reserves the right to update or modify this Policy at any time and endeavor to give you the opportunity to review the revised Policy before you choose to continue using our Services.
Please review this Policy periodically. Your continued use of the Services after any changes or revisions to this Policy indicates that you have read and understood the terms of such revised Policy.
This Policy shall not apply to any unsolicited information you provide to Elementum through this website or otherwise through the Services. This includes, but is not limited to, any ideas for new products or modifications to existing products. All such unsolicited information shall be deemed to be non-confidential. Elementum shall be free to reproduce, use, disclose, distribute and exploit such unsolicited information without limitation or attribution. However, if such unsolicited information also includes personal data, we will also determine whether we have a lawful basis for the collection and use of that information prior to doing so.
How to Submit a Complaint/Dispute Resolution
If you have a complaint about Elementum’s privacy practices, please write to us at the address below. We will take reasonable endeavors to work with you to attempt to resolve your complaint. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. The dispute resolution process will be conducted in English.
If you are an EU resident, and you have a request or concern about how we handle your personal information, you can also contact your local supervisory authority. A full list can be found on the European Commission website here.
How to Contact Elementum