HID Global Corporation
Effective Date: August 30, 2012
Date Last Updated: January 23, 2017
This Policy applies solely to information collected by HID: (i) on HID's Secure Identity Services website https://managedservices.hidglobal.com through which HID offers its personalization services ("Site(s)") and (ii) otherwise through the course of HID's Secure Identity Services and HID Online Card Services group performing personalization services on behalf of Clients (the "Services"). This Policy does not apply to Personal Data processed outside of HID's Secure Identity Services group. "Client(s)" means third parties that purchase the Services from HID or an authorized HID reseller. "Constituent(s)" means the individuals whose Personal Data may be provided to HID by the Constituent and/or by and on behalf of a Client (for example, a Client employer may disclose certain information of its Constituents employees' information to HID for purposes of obtaining Services from HID). The use of information collected through the Services shall be limited to the purpose of providing the Services for which the Client has engaged HID.
TRUSTe Dispute Resolution
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
HID Global Corporation complies with the U.S. - Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from Switzerland. HID Global Corporation has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view HID Global Corporation's certification, please visit http://www.export.gov/safeharbor.
Notice and Collection and Use of Personal Data
HID collects no Personal Data about individuals when they generally visit HID's Site. If an individual chooses to fill in the "contact us" form, complete a Services customer application process, engage HID in the performance of Services or have or will receive a personalized credential, HID will collect Personal Data as set forth in this Policy below:
a. If an individual completes the "contact us" form on the Site, HID will collect the individual's name, company name, title, address, email, phone number and any other Personal Data that the individual chooses to provide to us.
b. HID will collect the following Personal Data that a Client provides to HID as part of the Services customer application process: Client's name, company name, title, address, email, phone number cost account, month and day of birth, password, pin for initialization of credentials.
c. HID may also collect Personal Data of a Client's Constituents, either indirectly from the Client or directly from a Constituent, based on the information that a Client or Constituent provides to HID for publication on a credential, including, without limitation:
photo, first and last name, address, email and employee identification number, title, position or role, date of birth or age range, social security number or comparable identification number, employee status, hire date and credential or photo expiration date, language(s) spoken, credential type allocated to person, type of driver's license, Age or Age group, credential number, credential version, division, department, access rights such as buildings for access and name of superior; and for payment solutions Services: credit line, initial amount of money, internal account number, payment type, discount level and value to load; and for parking systems: license plate numbers, parking lot identification and time slots. HID will use such Personal Data to respond to Clients' or Constituents' requests and inquiries, assist Clients with password retrieval, perform the Services and provide personalized credentials for Constituents on behalf of Clients. HID discloses Personal Data as set forth in the Section titled "Onward Transfer" below.
HID recognizes the privacy interests of children and HID encourages parents and guardians to take an active role in their children's online activities and interests. The Sites are not intended for children under the age of 13. HID does not target the Sites or its Services to children under 13. HID does not knowingly collect Personal Data from children under the age of 13.
HID will not disclose to a third party (except to its service providers as set forth in the Section titled "Onward Transfer") or use Personal Data other than as set forth in this Policy without first giving individuals the right to opt in to such other use. HID does not sell your personal data to third parties. Individuals will have the choice to opt in to allow HID to disclose their Personal Data to a third party (except to its service providers as set forth in the Section titled "Onward Transfer") or to use it for a purpose incompatible with the purpose for which it was originally collected or authorized. HID will allow individuals to exercise this opt in option by sending a written request.
Information Related to Data Collected through the Services
HID collects information under the direction of its Clients, and has no direct relationship with the individuals whose Personal Data it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.
Access and Retention of Data Controlled by our Clients:
HID has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to HID's Client (the data controller). If you requested to remove data we will respond within 30 days
We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client. HID will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
As is true of most websites, we gather certain information automatically. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exist pages, operating system, date/time stamp, and/or clickstream data.
Cookies, Aggregate Data and Other Tracking Technologies
If an individual registers online using HID's Site, HID also may collect and store certain information about that individual's visit automatically including: 1) internet domain and IP address from which the individual accessed HID's Site; 2) the date and time the individual accessed HID's Site; and 3) the pages the individual visited. HID may also collect general demographic and profile data at HID's Site from time to time. HID will use this non-personal data internally in order to better understand and assist HID's customers and to help improve HID's Site and services. This data is used only in anonymous and aggregate form and does not identify an individual or an individual's personal details.
HID may provide Personal Data and the data generated by cookies and the aggregate information to the vendors and service agencies that HID may engage to assist us in providing HID's Services to Clients and Constituents for their internal use solely to provide HID with such assistance (for example, HID's hosting providers). For additional information, please see the Section titled, "Data Security," below.
From time to time, HID may purchase a business or sell HID's business (or a portion thereof) and Personal Data may be transferred as a part of the purchase or sale. In the event that HID purchases a business, the Personal Data received with that business will be treated in accordance with this Policy. In the event that HID sells a business, HID will use reasonable efforts to include provisions in the selling contract requiring the purchaser to treat Personal Data in substantially the same manner required by this Policy (including any amendments). You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal information.
HID may also disclose Personal Data as set forth in the "Disclosures Required by Law" Section below.
Disclosure Required by Law
HID may cooperate with law enforcement agencies in identifying users who use the Site or HID's Services for illegal activities. Therefore, HID will respond to subpoenas, warrants, or other court orders regarding information concerning any user. HID will, at HID's discretion, disclose information, including Personal Data, if HID reasonably believes that HID is required to do so by law, that such disclosure is necessary to protect HID from legal liability, or that HID should do so to protect the integrity of the Site or the Service.
Wherever Personal Data may be held within HID or on its behalf, HID will take reasonable steps to protect the Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. HID trains employees on its Policy guidelines and makes the Policy available to its business partners. In addition, HID and its business partners enter into confidentiality agreements that require that care and precautions be taken to prevent loss, misuse, or disclosure of Personal Data and that any service providers only use Personal Data to perform services on behalf of HID. It is important for each Client to protect against unauthorized access to Client's online account password and to Client's account which holds Personal Data of Client and its Constituents. Be sure to sign off each account when finished using a shared computer.
In addition, HID takes precautions to protect Personal Data on the Site: HID uses industry-standard security measures, such as firewalls and Secure Socket Layer (SSL) technology, that are reasonably designed to safeguard the confidentiality of Personal Data. HID stores user information on secured servers that can only be accessed by authorized personnel.
No method of transmission over the internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about the security on our website, you can contact us at firstname.lastname@example.org
HID processes Personal Data only in ways required to operate and provide HID's Services. To the extent necessary for such purposes, HID will take reasonable steps to make sure that Personal Data is accurate, complete, current, and otherwise reliable as set forth in the "Disclosure" Section above and by enabling each Client to access Client's own account and update Client's and its Constituents' Personal Data. At such as time as HID determines that it no longer requires Personal Data in connection with the Services, or as required by applicable law, HID will return or permanently delete Personal Data in each Client account and remove it from HID's systems and records.HID may retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce its agreements.
Except where the burden or expense of providing access would be disproportionate to the risks to the individual's privacy in the case in question, or where the rights of persons other than the individual would be violated, HID provides Client's approved administrator with the ability to: (i) reasonably access the Personal Data that HID holds about Client and its Constituents by logging into Client's account; (ii) correct or amend Personal Data in Client's account by logging into Client's account; and (iii) delete information about Client and its Constituents where it is inaccurate by sending HID a written request (see Contact Us section below). If a Constituent wishes to request access to its Personal Data held by HID, the Constituent may send a written request to HID. HID reserves the right, where permissible at law, to apply a small administrative charge for processing any written access requests.
HID will respond to your request to access Personal Data within 30 business days.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Links to 3rd Party Sites
Receiving emails from our website is part of our service. If you no longer wish to receive these emails, you may opt out of them by email request.
This Policy may be updated from time to time as HID's Services change and expand. HID suggests that each individual review the Policy periodically. In the event of a material change to the Policy, HID will post a change notice on the Sites and HID may notify individuals of such changes through contact information that HID has for such individuals prior to the change becoming effective. If HID amends the Policy, the new Policy will apply to Personal Data previously collected by HID only insofar as the rights of the individual affected are not reduced.
HID Global Corporation
611 Center Ridge Drive
Austin, TX 78753