3dicc.com Privacy Policy

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

What personal information do we collect from the people that visit our blog, website or app?

When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address or other details to help you with your experience.  We collect information related to the usage of Immersive Terf®, including locations visited, dates and times, meetings attended, activities, roles, permission groups.  We also collect computer performance and configuration data used for troubleshooting.

When do we collect information?

We collect information from you when you or enter information on our site or Sign up for Terf Account.  We also collect system usage data to use for creating reports or troubleshooting system configuration or performance.

How do we use your information?

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

  • To authenticate you to access Immersive Terf®
  • To create reports for the account holder
  • To troubleshoot configuration or performance issues
  • To notify you of system issues or upgrades
  • To provide application support

How do we protect your information?

We do not use vulnerability scanning and/or scanning to PCI standards.
We only provide articles and information. We never ask for credit card numbers.
We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via TLS technology.

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

Do we use ‘cookies’?

We do not use cookies for tracking purposes

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since the browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If you turn cookies off, Some of the features that make your site experience more efficient may not function properly that make your site experience more efficient and may not function properly.

Third-party disclosure

We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information except for,  we may create reports,  share data with a reseller for the purposes of creating reports, for the account holder (3D ICC customer that purchased the services you are using).  These reports may include but are not limited to, usage of the system including times and dates, locations visited, activities, meetings attended, and roles and permission groups you belong to.  We may also create reports to troubleshoot performance, or configuration issues, or provide support for using the application.

Third-party links

We do not include or offer third-party products or services on our website.

Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en

We use Google AdSense Advertising on our website.

Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

We have implemented the following:

We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

Opting out:
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser Add-on.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Once this privacy policy is created, we will add a link to it on our homepage or at a minimum, on the first significant page after entering our website.
Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes:
• On our Privacy Policy Page
Can change your personal information:
• By emailing us
• By chatting with us or by sending us a support ticket

How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioral tracking?
It’s also important to note that we do not allow third-party behavioral tracking

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email
• Within 7 business days

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions
  • Process orders and to send information and updates pertaining to orders
  • Send you additional information related to your product and/or service
  • Create Reports for 3D ICC Customers
  • Troubleshoot performance or computer configuration issues

To be in accordance with CAN-SPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can email us at
support@3dicc.com and we will promptly remove you from ALL correspondence.

GDPR

https://www.eugdpr.org/

Breach Notification

Under the GDPR, breach notification will become mandatory in all member states where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This must be done within 72 hours of first having become aware of the breach. Data processors will also be required to notify their customers, the controllers, “without undue delay” after first becoming aware of a data breach.

Right to Access
Part of the expanded rights of data subjects outlined by the GDPR is the right for data subjects to obtain from the data controller confirmation as to whether or not personal data concerning them are being processed, where and for what purpose. Further, the controller shall provide a copy of the personal data, free of charge, in an electronic format. This change is a dramatic shift to data transparency and empowerment of data subjects.

Right to be Forgotten
Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. The conditions for erasure, as outlined in article 17, include the data no longer being relevant to original purposes for processing, or a data subjects withdrawing consent. It should also be noted that this right requires controllers to compare the subjects’ rights to “the public interest in the availability of the data” when considering such requests.

Data Portability

GDPR introduces data portability – the right for a data subject to receive the personal data concerning them, which they have previously provided in a ‘commonly use and machine-readable format‘ and have the right to transmit that data to another controller.

Privacy by Design

Privacy by design as a concept has existed for years now, but it is only just becoming part of a legal requirement with the GDPR. At its core, privacy by design calls for the inclusion of data protection from the onset of the designing of systems, rather than an addition. More specifically – ‘The controller shall..implement appropriate technical and organizational measures..in an effective way.. in order to meet the requirements of this Regulation and protect the rights of data subjects’. Article 23 calls for controllers to hold and process only the data absolutely necessary for the completion of its duties (data minimization), as well as limiting the access to personal data to those needing to act out the processing.

PRIVACY SHIELD POLICY

EU-U.S. and Swiss-U.S. Privacy Shields

This Privacy Shield Policy (this “Policy”) applies to personal information transferred to 3D Immersive Collaboration Consulting, LLC (3D ICC) in the United States from organizations subject to data protection law in the European Economic Area (EEA) (which includes the member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) and from Switzerland. This Policy sets out our practices for collecting, using, maintaining, protecting and disclosing that personal information. Please see our Privacy Policy for an explanation of how we collect, use, store, and disclose information about visitors to and subscribers of our websites.

DEFINITIONS

For purposes of this Policy, the following definitions shall apply:

“3D ICC Customer” is any entity that purchases the services you are using from 3D ICC.

“3D ICC Reseller” is any entity that sells directly to and is the main interface between 3D ICC and a 3D ICC Customer.

“Personal information” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal information does not include information that is anonymized or aggregated.

“Sensitive information” means any personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information that concerns health or sex life, and information about criminal or administrative proceedings and sanctions.

“Employment information” means any personal information collected in order to comply with employment regulations, payments for employment, employee benefits, and tax reporting.

EU-U.S. AND SWISS-U.S. PRIVACY SHIELD PRINCIPLES

3D ICC participates in and complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from organizations subject to data protection law in the EEA and Switzerland to the United States, respectively. 3D ICC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view 3D ICC certification, visit https://www.privacyshield.gov/.

Notice

3D ICC receives data from customers of its Immersive Terf® program, from its website, support portal, and support requests. Some of this data includes personal information about individuals in the EEA and Switzerland, which may include basic contact information like name and email address, sales information, and information related to usage, including computer performance characteristics, and configuration information. 3D ICC uses this information for the provision of the services to its customers, customer support for such services, and reporting to meet contractual obligations to either a 3D ICC Customer or 3D ICC Reseller.

3D ICC will subject all personal information received via the Privacy Shield to the EU-U.S. and Swiss-U.S. Privacy Shield Principles. 3D ICC is subject to the investigative and enforcement authority of the Federal Trade Commission (FTC). 3D ICC may be required to disclose personal information in response to lawful requests by public authorities. 3D ICC has potential liability for onward transfers to third parties. Additionally, an individual may be allowed to invoke binding arbitration to resolve disputes under certain limited conditions.

3D ICC will also collect Employment Information for employees and contractors that it hires.

Choice

If you are not a resident of the EEA or Switzerland or we have received your information from you through our websites, applications and services, please see our Privacy Policy for information about your choices.

3D ICC will offer EEA and Swiss individuals whose personal information has been transferred to us the opportunity to choose whether the personal information it has received is to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. An individual may opt-out of such uses of their personal information by contacting us at the address given below.

3D ICC does not collect and will not use sensitive personal information.

Data Integrity and Purpose Limitation

3D ICC will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. 3D ICC will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and current.

Transfers to Agents

3D ICC does not currently use Agents to process data, in the event that an agent is used 3D ICC may disclose personal information to Agents, including but not limited to, providers of analytical, hosting, payment processing and other support services. Agents may have access to personal information if needed to perform their functions for 3D ICC. 3D ICC does not transfer personal information to non-Agent third parties except as required under contract to 3D ICC Resellers for purposes of reporting to 3D ICC Customers.

3D ICC will require its Agents to safeguard personal information consistent with this Policy by contract obligating the agent to provide at least the same level of protection as is required by the EU-U.S. and Swiss-U.S. Privacy Shield Principles. Under certain circumstances, 3D ICC may bear liability for onward transfers of personal information from the EEA where its Agent processes personal information inconsistent with the EU-U.S. and Swiss-U.S. Privacy Shield Principles, unless 3D ICC proves that it is not responsible for the event giving rise to the damages.

Access and Correction

3D ICC will grant individuals reasonable access to personal information it received pursuant to these Principles. In addition, 3D ICC will take reasonable steps to permit individuals to correct, amend, or delete such information that is demonstrated to be inaccurate or incomplete. An individual may request to access his or her information, or otherwise correct, amend, or delete his or her information pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield Principles by contacting us at the address given below.

Security

3D ICC will take reasonable and appropriate precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.

Enforcement

3D ICC will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that 3D ICC determines is in violation of this policy will be subject to disciplinary action.

Dispute Resolution – Privacy Shield

In compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Principles, 3D ICC commits to resolve complaints about your privacy and our collection or use of your personal information. EEA or Swiss individuals with inquiries or complaints regarding this Policy should first contact 3D ICC at the address given below. 3D ICC will investigate and attempt to resolve complaints regarding use and disclosure of personal information by reference to the principles contained in this Policy.

3D ICC has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to an independent dispute resolution mechanism,

The panel established by the EU DPAs to resolve disputes pursuant to the Privacy Shield Framework
http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

Swiss Federal Data Protection and Information Commissioner (FDPIC)
https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection—international.html

Under certain limited conditions, an individual may be able to invoke binding arbitration as provided under the Privacy Shield to address an otherwise unresolved complaint.

CONTACT INFORMATION

Questions regarding this Policy should be submitted to 3D ICC:

privacy@3dicc.com

3D Immersive Collaboration Consulting, LLC
ATTN: Privacy
2729 Old Washington Road
Westminster, MD 21157

This Policy may be amended from time to time, consistent with the requirements of the EU-U.S. and Swiss-U.S. Privacy Shield Principles. The amended Policy will be made publicly available via 3D ICC website.

Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.

3dicc.com
2729 Old Washington Road
Westminster, MD 21157
United States
support@3dicc.com

Last Edited on 2018-08-10