Visier Privacy Statement

“App” means a Visier mobile application that interfaces with the Service Platform.

“Customer Data” means the data we process in the Service Platform as governed by a Subscription Agreement.

“Frameworks” means the EU – U.S. and Swiss – U.S. Privacy Shield Frameworks.

“Service Platform” means the Visier service platform.

“Services” means the Sites, the App and the Service Platform and any other interaction you may have with us (for example, by attending our events).

“Sites” means the Visier website located at www.visier.com and other web pages we operate in which we post a direct link to this statement.

“Subscription Agreement” means a separate agreement governing access to and use of the Service Platform by a third party and its authorized users.

“Visier” means Visier, Inc. and its subsidiaries. The term “we”, “us”, and “our” also refer to Visier.

We collect information when you visit and use our website, products and services, or otherwise interact with us. Depending on your relationship with us, we collect information in the following ways:

We use tools such as cookies, web beacons and similar technologies to automatically collect information from your computer or mobile device as you navigate through or use our Services.

We collect information about you from other sources, including third party providers of business contact information from whom we have purchased information, and combine this information with information provided by you. We use this information to update and analyze our records, identify new customers and create tailored marketing communications.

Information that Visier collects and receives is used for legitimate business interests or to comply with legal obligations including to:

We may de-identify and aggregate your information with other information we collect for purposes of performing statistical and other data analysis.

Even when we may have a legitimate interest in processing your information, we will not do so if it overrides your interests, rights and freedoms.

We do not sell, share or otherwise disclose information we collect except as described in this Privacy Statement. We share information in the following ways:

You may post comments or questions on our websites; for example, on a community forum, comments section, or discussion forum. Some of these forums allow you to provide your personal information and create a profile. Personal information you submit or post in publicly accessible areas can be read, collected and used by others who access them.

Visier operates globally and transfers personal information to Visier in the U.S, to any Visier subsidiary, or to third parties and business partners that are located in countries around the world. Personal information may be processed outside the European Economic Area (EEA) and in countries which are not subject to an adequacy decision by the European Commission (EC) and which may not provide for the same level of protection as the EEA. When you provide personal information to Visier, you consent to the processing and transfer of your information outside of your country of residence where data protection standards may be different. Our privacy practices are aligned with the requirements of the General Data Protection Regulation (GDPR) and the UK Data Protection Act. Visier complies with applicable data protection laws when transferring personal information and will always protect your information in accordance with this Privacy Statement. Visier utilizes EC-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer.

Visier participates in and has certified its compliance with the Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union (EU), United Kingdom (UK), and Switzerland, to the United States. Visier is committed to subjecting all personal information received from the EU and the UK and/or Switzerland in reliance on Privacy Shield. If there is any conflict between this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles will take precedence. Learn more about the Privacy Shield Program and view Visier’s certification on the Privacy Shield Framework site maintained by the United States Department of Commerce, currently located at https://www.privacyshield.gov.

We are responsible under the Frameworks for the processing of personal information we receive and, in accordance with the Privacy Shield Principles regarding onward transfers, the processing of personal information we subsequently transfer to a third party acting as an agent on our behalf. We remain liable, in accordance with these Principles, if our third-party agents process such personal information in a manner inconsistent with these Principles, unless we prove we are not responsible for the event giving rise to the damages.

In addition, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

We encourage you to contact us should you have a Privacy Shield or general privacy-related complaint. Please see the section on Dispute Resolution below. Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

In order to protect your information from unauthorized loss, or unauthorized use, access or disclosure, Visier employs reasonable and appropriate physical, technical and security safeguards to protect information. This includes the adoption of industry standard technical and organizational measures to secure the information we store. All systems used to support Visier’s Services are governed by Visier’s corporate security policies which are built upon industry standards and best practices such as the International Organisation for Standardization (ISO) 27001 family of standards and National Institute of Standards and Technology (NIST) standards.

Access to your information is restricted to authorized Visier employees and authorized third parties who need to know that information in order to process it for us and who are subject to strict confidentiality obligations.

The Services employ Secure Socket Layer (SSL) technology using both server authentication and data encryption. The Services are hosted in a secure server environment that uses firewalls, intrusion detection systems, and other advanced technology to protect against interference or access from outside intruders.

While Visier has implemented safeguards to protect your information, given the nature of communications and information processing technology, Visier cannot guarantee that your information is absolutely secure in all situations. It is your responsibility to ensure you are accessing the Services using an up-to-date web browser. You are also responsible for maintaining the security and confidentiality of any usernames and passwords associated with the Services.

For your own protection, we encourage you to not include personal information, credit card, or other sensitive information in any emails you send to us.

Keeping your information secure is our priority. We encourage responsible reporting of any vulnerability that may be found across our Services. To report a potential vulnerability or to make an enquiry about security of our Services, please contact our Security team by email to [email protected].

Visier retains information (including information we process on behalf of our Customers) for as long as needed to fulfill the purpose for which it is collected or as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.  Visier retains Customer Data according to the timeframes set forth in the Subscription Agreement or as otherwise authorized by our customers.

Customers routinely provide Customer Data for processing in connection with our Service Platform. Visier does not share or distribute any Customer Data except as described in the contractual agreement between Visier and the customer, or as may be required by law. We process Customer Data in our Service Platform under the direction of our customers. Visier has no direct relationship with the individuals whose personal information are contained in the Customer Data. Our customer is the “controller” with respect to its Customer Data and Visier is the “data processor”. The customer is responsible for providing all notices and fulfilling all requests associated with the collection and use of Customer Data.

If you believe that your data has been provided to Visier by one of our customers and you would no longer like to be contacted by that customer, please contact the customer directly. As part of the services we provide to our customers, we may transfer their Customer Data (which may contain your personal information) to companies that help us provide our services. Transfers of this data to such third parties and any subsequent third parties are covered by the service agreements we maintain with our customers.

If you seek to access, correct, amend, or delete your personal data that is contained in Customer Data, you should direct your query to the Visier customer that provided Visier with the Customer Data (the data controller).

You may have rights relating to your information under privacy or data protection laws. Subject to verification of your identity, you may request access to and correction of, your information. Additionally, the following options are available to you, upon request, for the exercise of your rights:

• Provide a description of the information we process about you;
• Rectify or update inaccurate or incomplete information about you;
• Delete or request erasure of information about you (unless an exception applies);
• Restrict the processing of information, in certain circumstances;
• Withdraw your consent where you have previously given consent to process your information; and
• Provide a copy of your information in a structured, commonly used and machine- readable format, in certain circumstances.

These options may be limited in some situations such as where we can demonstrate that we have a legal requirement or legitimate interest to process your information.

If you would like to make one of these requests, please contact our Privacy Office by email to [email protected]. We will respond to your request within a reasonable timeframe.

If you subscribe to our newsletter(s) or other marketing communications, you may choose to stop receiving those communications by using the unsubscribe link included in our emails or by contacting us by email to [email protected].

In accordance with the U.S. Federal Children’s Online Privacy Protection Act (COPPA) and other applicable data protection laws, Visier does not knowingly collect personal information from any individual under the applicable age of consent without parental or guardian consent. If you believe that we may have collected personal information from someone under the applicable age of consent in your country without the proper consent, please contact us by email to [email protected] and we will take action to investigate and delete such information.

If you have an unresolved complaint or concern that we have not been able to address satisfactorily, please file a report with our US-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. We have also committed to cooperating with data protection authorities in the EEA, UK, and/or the Swiss Federal Data Protection and Information Commissioner (as applicable) in relation to unresolved complaints.

Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services and is responsible for the accounts and/or Services over which it has control. Visier is not responsible for the privacy or security practices of an administrator’s organization.

There may be links to third-party websites and services that are outside our control and which are not covered by this Privacy Statement. The information practices and the content of such other websites are governed by the privacy statements of such other websites. We encourage you to review the privacy statements posted on those websites to understand their information practices.

This Privacy Statement is updated from time to time to reflect changes in our Services, practices or technologies, and to comply with legal requirements. The most current version will be posted on our website. We encourage you to review this Privacy Statement to stay informed about our privacy practices. If the changes are significant, we will provide a more prominent notice on our website prior to the change becoming effective and indicate at the top when it was most recently updated.

The previous version of our Privacy Statement may be accessed at https://www.visier.com/previous-privacy-statements/privacy-aug-2020/.

If you have questions about this Privacy Statement, please contact our Privacy Office by email to [email protected].

To communicate with our Data Protection Officer (DPO) please send an email to [email protected], by phone to: 1-888- 277-9331, or send a letter by post to: Visier Privacy Office, #400-858 Beatty Street, Vancouver BC, V6B 1C1.

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, see our CCPA Privacy Notice at https://www.visier.com/ccpa-privacy-notice/.