What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address or other details to help you with your experience. We collect information related to the usage of Virtend™, including locations visited, dates and times, meetings attended, activities, roles, permission groups. We also collect computer performance and configuration data used for troubleshooting.
When do we collect information?
We collect information from you when you or enter information on our site or Sign up for Virtend™ Account. We also collect system usage data to use for creating reports or troubleshooting system configuration or performance.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To authenticate you to access Virtend™
- To create reports for the account holder
- To troubleshoot configuration or performance issues
- To notify you of system issues or upgrades
- To provide application support
- To track your interest and market our services to you
How do we protect your information?
We do not use vulnerability scanning and/or scanning to PCI standards.
We only provide articles and information. We never ask for credit card numbers.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via TLS technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since the browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, Some of the features that make your site experience more efficient may not function properly that make your site experience more efficient and may not function properly.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information except for, we may create reports, share data with a reseller for the purposes of creating reports, for the account holder (3D ICC customer that purchased the services you are using). These reports may include but are not limited to, usage of the system including times and dates, locations visited, activities, meetings attended, and roles and permission groups you belong to. We may also create reports to troubleshoot performance, or configuration issues, or provide support for using the application.
We use vendors for advertising and conversion tracking. Your data is used by these vendors please see their privacy policies for more information.
We do not include or offer third-party products or services on our website.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website.
We have implemented the following:
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser Add-on or visit: https://tools.google.com/dlpage/gaoptout/
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Can change your personal information:
• By emailing us
• By chatting with us or by sending us a support ticket
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It’s also important to note that we do not allow third-party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email
• Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders
- Send you additional information related to your product and/or service
- Create Reports for 3D ICC Customers
- Troubleshoot performance or computer configuration issues
To be in accordance with CAN-SPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at
firstname.lastname@example.org and we will promptly remove you from ALL correspondence.
Under the GDPR, breach notification will become mandatory in all member states where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This must be done within 72 hours of first having become aware of the breach. Data processors will also be required to notify their customers, the controllers, “without undue delay” after first becoming aware of a data breach.
Right to Access
Part of the expanded rights of data subjects outlined by the GDPR is the right for data subjects to obtain from the data controller confirmation as to whether or not personal data concerning them are being processed, where and for what purpose. Further, the controller shall provide a copy of the personal data, free of charge, in an electronic format. This change is a dramatic shift to data transparency and empowerment of data subjects.
Right to be Forgotten
Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. The conditions for erasure, as outlined in article 17, include the data no longer being relevant to original purposes for processing, or a data subjects withdrawing consent. It should also be noted that this right requires controllers to compare the subjects’ rights to “the public interest in the availability of the data” when considering such requests.
GDPR introduces data portability – the right for a data subject to receive the personal data concerning them, which they have previously provided in a ‘commonly use and machine-readable format‘ and have the right to transmit that data to another controller.
Privacy by Design
Privacy by design as a concept has existed for years now, but it is only just becoming part of a legal requirement with the GDPR. At its core, privacy by design calls for the inclusion of data protection from the onset of the designing of systems, rather than an addition. More specifically – ‘The controller shall..implement appropriate technical and organizational measures..in an effective way.. in order to meet the requirements of this Regulation and protect the rights of data subjects’. Article 23 calls for controllers to hold and process only the data absolutely necessary for the completion of its duties (data minimization), as well as limiting the access to personal data to those needing to act out the processing.
PRIVACY SHIELD POLICY
EU-U.S. and Swiss-U.S. Privacy Shields
For purposes of this Policy, the following definitions shall apply:
“3D ICC Customer” is any entity that purchases the services you are using from 3D ICC.
“3D ICC Reseller” is any entity that sells directly to and is the main interface between 3D ICC and a 3D ICC Customer.
“Personal information” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal information does not include information that is anonymized or aggregated.
“Sensitive information” means any personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information that concerns health or sex life, and information about criminal or administrative proceedings and sanctions.
“Employment information” means any personal information collected in order to comply with employment regulations, payments for employment, employee benefits, and tax reporting.
EU-U.S. AND SWISS-U.S. PRIVACY SHIELD PRINCIPLES
3D ICC participates in and complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from organizations subject to data protection law in the EEA and Switzerland to the United States, respectively. 3D ICC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view 3D ICC certification, visit https://www.privacyshield.gov/.
3D ICC receives data from customers of its Virtend™ program, from its website, support portal, and support requests. Some of this data includes personal information about individuals in the EEA and Switzerland, which may include basic contact information like name and email address, sales information, and information related to usage, including computer performance characteristics, and configuration information. 3D ICC uses this information for the provision of the services to its customers, customer support for such services, and reporting to meet contractual obligations to either a 3D ICC Customer or 3D ICC Reseller.
3D ICC will subject all personal information received via the Privacy Shield to the EU-U.S. and Swiss-U.S. Privacy Shield Principles. 3D ICC is subject to the investigative and enforcement authority of the Federal Trade Commission (FTC). 3D ICC may be required to disclose personal information in response to lawful requests by public authorities. 3D ICC has potential liability for onward transfers to third parties. Additionally, an individual may be allowed to invoke binding arbitration to resolve disputes under certain limited conditions.
3D ICC will also collect Employment Information for employees and contractors that it hires.
3D ICC will offer EEA and Swiss individuals whose personal information has been transferred to us the opportunity to choose whether the personal information it has received is to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. An individual may opt-out of such uses of their personal information by contacting us at the address given below.
3D ICC does not collect and will not use sensitive personal information.
Data Integrity and Purpose Limitation
3D ICC will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. 3D ICC will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and current.
Transfers to Agents
3D ICC does not currently use Agents to process data, in the event that an agent is used 3D ICC may disclose personal information to Agents, including but not limited to, providers of analytical, hosting, payment processing and other support services. Agents may have access to personal information if needed to perform their functions for 3D ICC. 3D ICC does not transfer personal information to non-Agent third parties except as required under contract to 3D ICC Resellers for purposes of reporting to 3D ICC Customers.
3D ICC will require its Agents to safeguard personal information consistent with this Policy by contract obligating the agent to provide at least the same level of protection as is required by the EU-U.S. and Swiss-U.S. Privacy Shield Principles. Under certain circumstances, 3D ICC may bear liability for onward transfers of personal information from the EEA where its Agent processes personal information inconsistent with the EU-U.S. and Swiss-U.S. Privacy Shield Principles, unless 3D ICC proves that it is not responsible for the event giving rise to the damages.
Access and Correction
3D ICC will grant individuals reasonable access to personal information it received pursuant to these Principles. In addition, 3D ICC will take reasonable steps to permit individuals to correct, amend, or delete such information that is demonstrated to be inaccurate or incomplete. An individual may request to access his or her information, or otherwise correct, amend, or delete his or her information pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield Principles by contacting us at the address given below.
3D ICC will take reasonable and appropriate precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
3D ICC will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that 3D ICC determines is in violation of this policy will be subject to disciplinary action.
Dispute Resolution – Privacy Shield
In compliance with the Privacy Shield Principles, 3D ICC commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield Policy should first contact 3D ICC at:
3D Immersive Collaboration Consulting, LLC
2729 Old Washington Road
Westminster, MD 21157
3D ICC has further committed has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU
The panel established by the EU DPAs to resolve disputes pursuant to the Privacy Shield Framework
Swiss Federal Data Protection and Information Commissioner (FDPIC)
This Policy may be amended from time to time, consistent with the requirements of the EU-U.S. and Swiss-U.S. Privacy Shield Principles. The amended Policy will be made publicly available via 3D ICC website.
2729 Old Washington Road
Westminster, MD 21157
Last Edited on 2023-06-05