We recognize the importance of your privacy. This Privacy Notice explains how we collect, use, process, and share personal information when we are engaged to provide services that may involve personal information.
Verenia is a U.S.-based company that was formed in 2012. We are a limited liability company organized under the laws of the state of Illinois. You can learn more about our company by visiting our website, www.verenia.com.
In connection with the services that we provide, we may be a "processor" responsible for your personal data in our possession.
The term “personal data” as used in this Privacy Notice means any information that can be used directly or indirectly to identify an individual either on its own or in combination with other information. Examples include name, home, work or email address, and contact details. It does not include information from which an individual can no longer be identified such as fully anonymized data.
The types of personal data we may collect when we are retained to provide products or services depends on the nature of the engagement but can include:
We will use and process any personal data to provide the services outlined in our contract, for the provision of software solution service or to comply with any legal obligation imposed upon us by law.
Accordingly, we may use personal data to:
We will not sell personal information or share it with third parties for marketing purposes. We also will not engage in any fully automated decision making about individuals including profiling. We will share personal data received as part of an engagement only when it is necessary to provide our services including the sharing of personal data with the customer who provides such personal data.
How Long Will We Retain Personal Information
The length of time we will retain personal information will depend upon the nature of the information we receive, the services that we are retained to provide, and any applicable laws, regulations, and rules. Our company's document retention schedule takes these factors into consideration.
We have implemented appropriate technical and organizational security measures to protect personal information from inadvertent or unauthorized access, use, disclosure, alteration, or destruction. These security measures include encryption at every reasonable level of its application, including via SSL and database-level encryption. In addition, Verenia has instituted policies limiting raw access to customers' data to only essential personnel. For customers who have to have their data located in their home country, Verenia engineers can accommodate this upon request. Additionally, all Verenia employees are subject to strict Non-Disclosure Agreements that protect not just Verenia but also our customers from the mishandling of data. No method of data storage or data transmission over the Internet, however, can be guaranteed to be completely secure.
Updating, Correcting, or Withdrawing Personal Information
It is important that any personal information we have remains accurate. If any of the personal information provided to us should ever change, for instance, if any contact information at work or home changes or an individual's email address or phone number changes, that individual can notify us so we can correct any inaccurate personal information. An individual can do so by sending an email to our GDPR compliance manager at firstname.lastname@example.org.
For security reasons, we may need to request specific information from an individual to help us confirm his/her identity before we correct, update, or delete any personal information provided to us.
The GDPR extends certain rights concerning the privacy of personal information described below.
A. Right of Access
An individual has the right to ask what personal information we have about in our possession. Individuals have the right to obtain a copy of their personal data free of charge so long as it does not adversely affect the rights of others. We may charge a reasonable fee based on administrative costs for additional copies. The right of access includes the right to request that we update, correct, or complete personal information in our possession.
B. Right of Erasure
An individual has a right to request that data be deleted or erased when it is no longer needed for the purposes for which it was collected or processed, when an individual withdraws his/her consent, when data is unlawfully processed, to comply with a legal obligation of the EU or a Member State, or when an individual objects to the processing and we are unable to demonstrate compelling, legitimate grounds for the processing that overrides the individual's rights, freedoms, or interests.
C. Right to Restrict Processing
An individual has a right to restrict the processing of his/her personal data when he/she contests the accuracy of the personal data in our possession until we are able to verify its accuracy if the processing is unlawful and the individual opposes its erasure and requests restriction instead.
D. Right to Data Portability
An individual's right to data portability is triggered when processing activity was based on his/her consent or was necessary for the performance of a contract and the processing was carried out by automated means. This right, however, shall not adversely affect the rights of others.
E. Right to Not Be Subjected to Fully Automated Decision Making
An individual has the right not to be subjected to decision-making based solely on automated processing or profiling that either significantly affects the individual or results in some sort of legal effect. This right does not apply to decisions that are necessary for entering into or performing a contract with the individual or are based on the individual's explicit consent.
F. Right to Object to Processing
An individual has the right to object to processing when it is based on a "legitimate interest" of the controller or a third party or to processing that occurs for direct marketing purposes.
G. Right to Complain
An individual also has the right to lodge a complaint with the supervisory authority where he/she resides.
H. How to Exercise These Rights
An individual can exercise these rights by sending an email to email@example.com.
We will review any requests we receive and will endeavor to respond in a timely manner. For security reasons, we may request specific information from an individual to help us confirm his/her identity before taking action on any request and to ensure the individual's right of access and that the exercise of any GDPR right does not adversely affect the rights of others.
We reserve the right to refuse to act on a request or to charge a reasonable administrative fee when a request is either manifestly unfounded or excessive because of its repetitive character.
Any personal data we receive will be stored in the United States. We do not intend to transfer personal data to another country or international organization.
We welcome any questions about this notice. Please contact our company's GDPR compliance officer, Adam Kemp. Mr. Kemp can be reached by phone at (630) 872-2237, via email at firstname.lastname@example.org, or you can write him at Verenia, LLC, 650 Warrenville Road, Suite 301, Lisle, IL 60532.