Privacy

February 7, 2020

ControlScan, Inc. (“ControlScan”) is committed to protecting the privacy and confidentiality of personal information we may collect. The ControlScan Privacy Policy is designed to assist you—businesses, consumers and the general public—in understanding how we collect personal information about you (“Personal Information”) through our Websites located at www.controlscan.com, www.pcicomplianceguide.org, www.secureedge.com and www.mycontrolscan.com (each a “Website” and collectively the “Websites”) and how that information may be used, maintained and, in some cases, shared. By visiting our Websites or otherwise providing ControlScan with Personal Information by any means, you accept and consent to the practices described in this Privacy Policy.

Information We Collect and How We Collect It

When visiting a ControlScan Website, we may collect some information directly from you when you provide it to us and we may collect other information gathered on a collective basis as you browse the Website.

ControlScan collects several types of information from and about users of our Website including information by which you may be personally identified, such as name, postal address, e-mail address, telephone number or any other identifier by which you may be contacted online or offline and anonymous information that is about you but does not individually identify you, such as usage details, IP addresses, and information collected through cookies, and other tracking technologies. We collect this information directly from you when you provide it to us, automatically as you navigate through the site, and from third parties such as our business partners.

ControlScan does not knowingly collect Personal Information revealing racial or ethnic origin, political opinion, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health, and data concerning a natural person’s sex life or sexual orientation.

Information You Choose to Provide

Web Forms

The information we collect on or through our Website may include information that you provide by filling in forms on our Website. This includes information provided at the time of subscribing to our service, or requesting further services, and when you report a problem with our Website.

E-mail Information

If you choose to correspond with us through e-mail, we may retain the content of your e-mail messages together with your e-mail address and our responses.

Customer Testimonials

We post customer testimonials on our Website which may contain personally identifiable information. We obtain the customer’s consent via email prior to posting any personally identifiable information with their testimonial. If you wish to update or delete your testimonial, you can contact us at support@controlscan.com.

Live Chat

We use live chat to assist you with questions about our products. If our live chat is offline we will collect your name and email address so that we may reply to your request.

Blog/Forum

Our Website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your Personal Information from our blog or community forum, contact us at support@controlscan.com. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.

Customer Surveys

From time to time, ControlScan may conduct customer satisfaction surveys concerning the certification process and usability functions related to our Website, or any other future service we may provide, in order to improve our services and programs. We welcome member feedback, always, but the contact information requested in the surveys is optional. We also occasionally share this survey data with third parties, but only in a cumulative, statistical format, without disclosing any personal or identifying information of ControlScan members.

Press Releases and Media Relations

To request a press release or media relations kit, or in order to contact a member of our Media/Public Relations department, ControlScan requires that you enter your e-mail address, name, company, phone number and reason for inquiry, either on our Web form, or by phone to fulfill your request. ControlScan will not share the information you provide with any third-party companies, without your permission, with the exception of any third-party company we may retain for distribution of press releases to the public.

Information Provided Automatically

Tracking Technologies

Like most websites, ControlScan and our authorized partners, including Google and Acoustic, L.P., may gather anonymous information about you on our Websites via automated tracking technologies such as cookies, beacons, tags and scripts. We use information collected to statistically analyze usage of our Websites by tracking users’ movements around the Website and to gather demographic information about our user click activity as a whole in order to improve and customize our content and other offerings. We may receive reports based on these technologies on an individual as well as an aggregated basis. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.

Analytics / Log Files

As is true of most websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We do not link this automatically collected data to other information we collect about you.

How Do We Use This Information?

We use information that we collect about you or that you provide to us, including any Personal Information, for purposes of presenting our Website to you, improving Website content, to provide you with information, products, or services that you request from us, and to notify you about changes to our Website or any products or services we offer or provide through it.

Disclosure of Your Information

Third Party Partners

We use third parties to facilitate our business, including, but not limited to sending e-mails and processing credit card payments. In connection with these offerings and business operations, our partners and other third parties may have access to your Personal Information for use in connection with business activities. These companies are authorized to use your Personal Information only as necessary to provide these services to us.

We do not share, rent, or trade Personal Information with third parties for their promotional purposes. We do not sell your Personal Information to third parties.

Business Transfers

As we develop our business, we may buy or sell assets or business offerings. Customer, e-mail, and visitor information is generally one of the transferred business assets in these types of transactions. We may also transfer such information in the course of corporate divestitures, mergers, or any dissolution. You will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.

Legal Obligations

We may disclose your Personal Information if required to do so by law or subpoena or if we believe that such action is necessary to (a) conform to the law or comply with legal process served on us or Affiliated Parties; (b) protect and defend our rights and property, the Site, the users of the Site, and/or our Affiliated Parties; (c) act under circumstances to protect the safety of users of the Site, us, or third parties.

With Your Consent

Except as set forth above, we will obtain your consent before disclosing your Personal Information with third parties, and you will be able to prevent the sharing of this information.

Managing Your Information

Choice/Opt-out

If you do not wish to receive any promotional or marketing e-mails and/or surface mail marketing letters, you may opt-out of receiving those communications by changing your email settings on our Preferences page, by sending an e-mail with the subject line “Unsubscribe” to support@controlscan.com or by contacting a Customer Service Representative at 1-800-825-3301, ext. 1. You may also choose to opt-out of disclosures of Personal Information to third parties for a purpose incompatible with the purpose for which it was originally collected. It may take up to thirty (30) days to remove your contact information from our marketing communications list. You may also choose not to provide us with certain information, but that may result in the inability of ControlScan to assist with requests for information or to provide the services.

How Can You Correct Your Information?

If your Personal Information changes, you may, correct, update, delete/remove or deactivate it by emailing support@controlscan.com or by calling 1-800-825-3301, ext. 1. We will respond to your change request within thirty (30) days.

Data Retention

We will retain your information for as long as your account is active or as needed to provide your services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at support@controlscan.com. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

How Do We Protect Your Information?

ControlScan follows generally accepted industry standards to protect the personally identifiable information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

E-mail is not recognized as a secure medium of communication. For this reason, we request that you do not send private information to us by e-mail. The security of your Personal Information is important to us. When you enter sensitive information (such as credit card number and/or social security number, national ID, personal health information) on our registration or order forms, we encrypt that information using secure socket layer technology (SSL). To learn more about SSL, follow this link—https://www.globalsign.com/en/ssl/.

Your California Privacy Rights

If you are a California resident, California law may provide you with additional rights regarding our use of your Personal Information pursuant to the California Consumer Privacy Act (the “CCPA”). For further information refer to ControlScan’s Privacy Notice for California Residents.

Transfer of Data

If you access the Websites from outside of the United States, information that we collect about you will be transferred to servers inside the United States and maintained indefinitely, which may involve the transfer of information out of your country of origin. By allowing us to collect information about you, you consent to such transfer and processing of your data.

Children’s Privacy

The ControlScan Website is not designed for, or directed to, children under the age of 16. ControlScan does not knowingly collect Personal Information from anyone under the age of 16. If you have reason to believe that a child under the age of 16 has provided Personal Information to us through our Website or other service, please contact us at support@controlscan.com, and we will use commercially reasonable efforts to delete that information.

Changes to the Privacy Policy

We may occasionally update this Privacy Policy. We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting the Personal Information we collect. Your continued use of the Website constitutes your agreement to this Privacy Policy and any updates.

Contacting Us

If you have any questions or complaints about this Privacy Policy, the ways in which we collect and use your information, your choices and rights regarding such use, please contact us via e-mail at support@controlscan.com or at the mailing address or by phone as provided below.

Mailing address:

ControlScan, Inc.
11475 Great Oaks Way, Suite 300
Alpharetta, GA 30022
Phone: 1-800-825-3301, ext. 1
Fax: 1-800-825-2207

Privacy Notice for California Residents

February 7, 2020

This Privacy Notice for California Residents supplements the information contained in the ControlScan Privacy Policy above and applies solely to individuals residing in California from whom we collect Personal Information (“California Consumers”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this notice. To the extent of any conflict between this CCPA Policy and the rest of our Privacy Policy, this Privacy Notice for California Residents shall control only with respect to California Consumers and their Personal Information.

Information We Collect

The chart below outlines the categories of Personal Information (which are defined by the CCPA, not us) that we have collected and/or disclosed for a business purpose in the preceding twelve months. The examples of Personal Information provided for each category are taken from the CCPA and are included to help you understand what the categories mean. The examples are not meant to indicate what we actually collect or disclose, and more information about our specific practices can be found in our Privacy Policy:

Categories Examples (Not Intended to be Exhaustive)
Identifiers A real name, Internet Protocol address, email address, or other similar identifiers
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment,  employment history, bank account number, credit card number, debit card number, or any other financial information,  medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories
Commercial Information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or  consuming histories or tendencies
Internet or Other Electronic Network Activity Information Browsing history, search history, and information regarding a consumer’s interaction with an Internet Website,  application or advertisement.
Inferences drawn from other Personal Information. Profile reflecting an individual’s preferences, characteristics, predispositions

 

We obtain the categories of Personal Information listed above from the following categories of sources:

  • Directly from you. For example, from forms you complete on our Website, products and services you purchase.
  • Indirectly from you. For example, from observing your actions on our Website.
  • Records and copies of your correspondence (including email addresses), if you contact us in relation to our products or services.
  • Your responses to surveys that we might ask you to complete for research or marketing purposes.
  • Details of transactions you carry out on our Website and fulfillment of your service orders.

Collection and Disclosure of Personal Information

The CCPA defines various business and commercial purposes for collecting, using, and disclosing Personal Information. We collect, use, and disclose California Consumer’s Personal Information pursuant to our Privacy Policy as a whole.

As also explained in our Privacy Policy, we share your Personal Information with the following categories of CCPA third parties: vendors and service providers, including for data analytics and marketing and advertising our products and services to you, third parties integrated into our services; third parties as required by law and similar disclosures, third parties in connection with a merger, sale, or asset transfer, and other third parties for whom we have obtained your permission to disclose your Personal Information.

Access

California consumers may request access to the Personal Information that we have collected and maintained about you (along with information regarding its use and disclosure) over the past twelve (12) months upon appropriate verification. California consumers may only make such requests twice (2) per every twelve (12) months.

Deletion

California Consumers have the right to request that we delete Personal Information collected and maintained about them, subject to certain exceptions. Once a California Consumer’s request is verified and we have determined that we are required to delete that information in accordance with applicable law, we will delete your Personal Information accordingly. A California Consumer’s request to delete Personal Information may be denied if it is necessary for us to retain the information under one or more of the exceptions listed in the CCPA. Please note that a record of the deletion request may be kept pursuant to our legal obligations.

Exercising These Rights

To exercise the access and deletion rights described above, please submit a request to us by either:

Please note that California consumers have a right to not receive discriminatory treatment for the exercise of their rights under the CCPA.

Verifying the Request

Only the California Consumer, or a person that is authorized to act on their behalf, may make a request related to the California Consumer’s Personal Information. In the case of access and deletion, the request must be verifiable before we can fulfill such request.

Verifying a request will require sufficient information for us to reasonably verify that the California Consumer is the person about whom we collected Personal Information, or a person authorized to act on their behalf (e.g., previous transactions of person to whom request relates).

Please note that we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive, or manifestly unfounded.

“Shine the Light” Law

We do not rent, sell, or share your Personal Information with nonaffiliated companies for their direct marketing purposes, unless we have your permission.

Contact Information

If you have any questions regarding our privacy practices as it relates to this Privacy Notice for California Residents , please contact us via email at support@controlscan.com with the subject line, “CCPA Policy”.

Leave a Comment