Safe Harbor Compliance
IMN complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Reynolds has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view IMN's certification, please visit http://www.export.gov/safeharbor/.
IMN collects and uses personal information both on its own behalf and in connection with its delivery of services to its customers. This Policy is divided into separate sections to distinguish these different categories of information.
INFORMATION COLLECTED OR USED BY IMN ON ITS OWN BEHALF
IMN will notify you about the purposes for which it collects and uses information about you, how to contact IMN with inquiries or complaints, the types of third parties to whom it discloses personal information, and the choices and means the organization offers individuals for limiting its disclosure. This notice will be provided by this Policy, which is available from IMN's home page so that you may review it before you disclose personal information to IMN.
IMN will offer individuals the opportunity to choose (opt-out) whether their Personal Information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
For Sensitive Personal Information, IMN will give individuals the opportunity to affirmatively and explicitly consent (opt-in) to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
IMN will provide individuals with reasonable mechanisms to exercise their choices.
Personal information gathered
The IMN website has various features which allow those interested in IMN and its services to obtain more information about IMN, such as by subscribing to an IMN Newsletter, viewing a webinar, obtaining a free trial of an IMN service, purchasing a subscription to an IMN service, participating in a promotional event, or requesting a white paper. IMN asks those requesting such information to provide IMN with certain personal contact information that IMN may use to follow up with those interested in its services. The information IMN may collect includes first and last name, company or organization, title or position within the company or organization, postal address, phone number, email address, and credit card information. IMN stores this information and uses this information internally to invoice and provide support to its customers and in addition for IMN's own marketing purposes.
Technical information gathered online
IMN does not disclose personal information submitted to IMN to any third party, except as follows:
IMN maintains reasonable precautions designed to ensure the security of personal information covered by this Policy, and to protect such personal information from loss, misuse or unauthorized access, alteration, destruction or disclosure. IMN has a written Information Security Policy and Data Protection Procedures by which data security is to be maintained. Although IMN makes every effort to ensure security of its customer information, no data transmission over the Internet can be guaranteed to be 100% secure.
IMN takes reasonable steps to ensure that personal information it collects is reliable for its intended use, accurate, complete and current. IMN does not use personal information in ways that are incompatible with the purposes for which the information was disclosed.
User Access to Personal Information
Upon request, IMN will grant individuals reasonable access to Personal Information that it holds about them. In addition, IMN will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.
INFORMATION RECEIVED OR USED BY IMN ON BEHALF OF ITS CUSTOMERS
Notice of Information Received and Stored by IMN on behalf of IMN's Customers
IMN's services allow IMN's customers to send email communications to their customers ("end-customers"). In order for these services to be delivered, IMN's customers upload certain personal information about their end-customers to IMN's servers. Such information includes email addresses, and may also include other information such as names and addresses of the end-customers to whom the email communications will be sent. IMN does not control the categories of information that an IMN customer may choose to upload to IMN's servers. IMN stores this information on its servers on behalf of its customers, and acts merely as a data processor with respect to this data. This information is controlled by the IMN customer on whose behalf the information is stored.
IMN uses personal information about end-customers stored by IMN customers solely for the purposes of delivering services to IMN customers. This includes sending email communications to the end-customers and providing analytical reports to IMN customers relating to IMN services. IMN uses web tracking technologies to track the online behavior of end-customers as they interact with the electronic marketing materials sent on IMN customers' behalf. IMN associates such online behavior with personal information and provides this data to the applicable IMN customer; for example, if an end-customer clicks on a particular product featured in an email communication sent by IMN, the IMN customer may receive a report from IMN identifying the product interest of its end-customer.
Because information held on behalf of IMN customers is controlled by IMN customers, IMN cannot delete or modify that information. If you wish to opt-out with respect to information stored or used by IMN customers, you should contact the applicable IMN customer directly.
Disclosure of Information stored by IMN on behalf of IMN's customers
IMN does not disclose any end-customer personal information stored on behalf of its customers to any third party except to a) the IMN customer on whose behalf the information is stored, b) to third parties that the IMN customer has agreed, in writing, may receive such information, and c) to IMN subcontractors performing services on behalf of IMN. Any subcontractor to whom personal information is disclosed is subject to written agreements of confidentiality. Any subcontractor that receives any personal information of individuals resident in the European Union is either itself subject to EU data privacy law, subscribes to the Safe Harbor Principles or another adequacy finding, or has entered into a written agreement with IMN requiring that such third party provide at least the same level of privacy protection as the Safe Harbor standards. Information stored on behalf of any IMN customer is under the control of the applicable IMN customer.
IMN maintains reasonable precautions designed to ensure the security of end-customer personal information covered by this Policy, and to protect such personal information from loss, misuse or unauthorized access, alteration, destruction or disclosure. IMN has a written Information Security Policy and Data Protection Procedures by which data security is to be maintained. Although we make every effort to ensure security of end-customer information, no data transmission over the Internet can be guaranteed to be 100% secure. IMN Customer accounts are password-protected so that only IMN or the applicable IMN customer has access to personal information of end-customers. It is incumbent on the IMN customer not to divulge their password to anyone. IMN will never ask for a customer's password in an unsolicited phone call or in an unsolicited email.
IMN is not responsible for the data integrity of data held by IMN on behalf of IMN customers, because IMN acts solely as a data processor for such customers.
IMN cannot offer end-customers access to information stored by IMN on behalf of its customers. Such information is under the control of the relevant IMN customer, and you should contact that IMN customer if you wish to obtain access to any personal information about you which is held by them.
SOCIAL MEDIA SERVICES
Enforcement of this Policy
IMN will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that IMN determines is in violation of this policy will be subject to disciplinary action, up to and including termination of employment.
Dispute Resolution - External Recourse
Any questions or concerns regarding the use or disclosure of Personal Information should be directed to the address given below. IMN will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information by reference to the principles contained in this Policy. For complaints that cannot be resolved between IMN and the complainant, IMN has agreed to participate in the following dispute resolution procedure in the investigation and resolution of complaints to resolve disputes pursuant to the Safe Harbor Principles:
For disputes involving all other Personal Information received by IMN from the EEA, IMN has agreed to dispute resolution through arbitration in accordance with the commercial rules of the American Arbitration Association ("AAA"). Individuals who submit a question or concern to IMN and who do not receive acknowledgment from IMN of the inquiry or who think their question or concern has not been satisfactorily addressed should then submit a demand for arbitration with the AAA.
For information about AAA or the operation of the AAA arbitration dispute resolution process, visit AAA on the Internet at www.adr.org. The AAA arbitration dispute resolution process shall be conducted in English.
LIMITATION ON APPLICATION OF PRINCIPLES
Adherence by IMN to these Safe Harbor Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; and (c) to the extent expressly permitted by an applicable law, rule or regulation.
Questions or comments regarding this Policy should be submitted to IMN Office by mail to:
Information Security Department
Reynolds and Reynolds
One Reynolds Way
Dayton, OH 45430
Changes to this Policy will be posted in this section. This way you will always have a clear understanding of what information is collected online and offline, how it is used, and the choices you have.
EFFECTIVE DATE: May, 2014
To learn more about the Safe Harbor program, and to view the Company's certification, please visit http://www.export.gov/safeharbor/.