Last Updated: September 1, 2022
Who We Are
ThirdPartyTrust, LLC (together with its affiliates) (collectively, “ThirdPartyTrust”, “we”, or “us”) creates software products and platforms that enable businesses to manage their own risk as it relates to third party data governance and compliance.
Table of Contents:
- What Information do we collect?
- What information do we know about you?
- What about Cookies?
- How do we use the information we collect?
- Who we share information with
- Children’s Privacy
- “Do Not Track”
- Accessing, Updating and Deleting Your Personal Information
- California Privacy Rights under the CCPA
- How to Contact Us
What information do we collect?
When you interact with us through the services or websites, we may collect various types of information, including information that identifies you or may identify you as an individual including:
- Information provided by you: Contact information including name, email, phone number, job title, company name, and other information provided by you when you complete our online forms, contact us with inquiries, or create an account to access and use the services, payment and billing information (excluding credit card information), and any other information provided by the user (including a user-submitted photograph if a user chooses to provide one). We will also collect such personal information when you log into or post or provide feedback to any ThirdPartyTrust services. We may collect personal information from you when you call us or we call you (including any video calls) and calls may be recorded and analyzed for training, quality control and for sales and marketing purposes. During such calls we will notify you of the recording via either voice prompt or script.
- Information automatically collected: IP Address, log data, user agent, and the referring URL. When you visit our website we automatically receive your IP address and information such as the user-agent of your web browser (e.g. ISP, brower type, referring/exit pages, files viewed, operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the website. This information is provided to us by your web browser.
- Information from third party sources: We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you. If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.
- Social Media Information: Our websites include social media features and widgets such as Facebook, YouTube, Twitter and LinkedIn or interactive mini-programs that run on our websites. These features may collect your IP address, which page you are visiting on our websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our websites. Your interactions with these features are governed by the privacy statement of the company providing it.
In addition to the above, we may accumulate and aggregate certain statistical and related data in order to improve the performance and functionality of the websites and our services, to develop new products and/or services or to analyze the usage of the websites and our services or to provide our products and services, including providing our customers with support, and for sales and marketing purposes.
We are the sole owner of information collected on the websites and ThirdPartyTrust services (including any metadata), except for vendor lists and contact information that you provide to us in connection with your use of our websites and services.
What information do we know about you?
We don’t request or require you to provide personal information to access our website. As noted above, we may receive your IP address and user agent automatically. If you optionally elect to use our chat feature or fill out our early access request form, we will receive your Name, Email, Phone number, and Company name as well as your stated interest in our products. If you sign up for a user account or subscription, we will collect your contact information (name, email, phone number, job title, company name, payment information (in the event users purchase a report), and other information provided by the user).
What about cookies?
How do we use the information we collect?
- We use aggregate, anonymous or any other non-personally identifiable information to understand how many total users have visited our web site and the types of devices on which they are using it.
- We may use aggregated, anonymous or any other non-personally information that’s collected to understand general information and trends related to our website, such as how many users have visited our web site during a given period of time, and the types of devices the visitors use. The information can’t be used to identify an individual and is used by us to help improve the solution for consumers.
- We use information you choose to provide in our web forms to respond to your requests, comments, and questions.
- We use information you provide to us when signing up for and using our services to provide services, administer the account, and to correspond with you about those services.
- We may use the information to prevent fraudulent activity and for any other purpose based on our legitimate interest.
- We are headquartered in the United States of America. Personal information may be accessed by us or transferred to us in the United States or to our affiliates, service providers, agents, consultants and related third parties, partners and resellers, or service providers elsewhere in the world. By providing us with personal information, you consent to this transfer.
We may also use this information to contact you in the future to tell you about services we believe will be of interest to you. Each bulk marketing communication we send to you will contain instructions to “opt-out” of receiving future marketing communications. In addition, if at any time you wish not to receive any future marketing communications or wish to have your name deleted from our mailing lists, contact us as indicated below under “How to Contact Us.” You may also opt out as to whether your personal information is (i) to be disclosed to a third party other than as described herein or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected (or subsequently authorized by you) by contacting us as indicated below under “How to Contact Us.”
Who we share information with
We do not sell your personal information. There are, however, certain circumstances in which we may share your personal information with certain third parties without further notice to you, including in connection with business transfers, to affiliates, service providers, agents, consultants and related third parties, partners and resellers and to comply with legal requirements. We may share and disclose information (including personal information) in the following instances:
- Vendors and Service Providers. We may share your information with vendors and service providers whom we engage to perform tasks on our behalf.
- Partners and Resellers. We may share your personal information with our partners and resellers so that they can assist you in using our services and sell or resell our services to you.
- If ThirdPartyTrust is acquired or merged with another company, we will transfer collected information to the acquiring company.
- Under certain circumstances, in our sole discretion, we may be required to disclose personal information if necessary to comply with a subpoena or court order, to establish or exercise our legal rights or defend against legal claims, or to cooperate with government and/or law enforcement officials.
We may share aggregated information, anonymous or any other non-personally (i.e., information that cannot be used to identify an individual) with any third party, including the media and industry observers and as part of our products and services. For example, we may disclose security trends, benchmarking data or the number of customers that have evaluated or purchased our products and services.
We take security very seriously. Ensuring that the information collected by our website and platform is secure and protected is very important to us. Consistent with industry standards and applicable law, ThirdPartyTrust has established appropriate technical and organizational measures to help prevent unauthorized access to, disclosure, alteration or misuse of information collected by the ThirdPartyTrust website and platform (“Collected Data”). For example, data received and stored by ThirdPartyTrust servers is encrypted at rest.
We use Amazon Web Services to store all Collected Data. Amazon employs a robust physical and network architecture security program with multiple certifications. For more information on Amazon’s security processes, please visit https://aws.amazon.com/security/. Notwithstanding our efforts, we cannot guarantee absolute or unqualified protection of any information given the open nature and resulting instability of the Internet, and we make no representations or warranties as to the effectiveness of our security and assume no liability for security breaches or any failure in the security of your computer equipment, your internet service provider or other networks and communications providers. If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org.
The ThirdPartyTrust website and platform were not developed or intended for individuals that are deemed to be children under applicable data protection or privacy laws, nor do we knowingly collect information from children. If a parent or guardian becomes aware that their child has provided us with personal information without such parent or guardian’s consent, they should contact us.
“Do Not Track”
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
Accessing, Updating and Deleting Your Personal Information
Depending on the jurisdiction in which you are located, you may have the right to request that we provide the following information regarding the personal information we hold about you:
- The categories and/or specific pieces of personal information we collected
- The categories of sources from which personal information is collected
- The business or commercial purpose for collecting personal information
- The categories of third parties with whom we shared personal information
If you are entitled to exercise privacy rights under applicable law, you may access, correct, object to processing or request deletion of your personal information by logging into your account or contacting us. We will respond to your request within a reasonable timeframe. Please be aware that even after we have processed your request, we may retain certain residual information in the backup and/or archival copies of our database or any data that we may retain in compliance with applicable law. We will not discriminate against you for exercising any of your rights with respect to your personal information.
In the event you close any account in connection with the services, your account will be deactivated and your name and other personal information will no longer be accessible by you. We may retain your personal information for as long as your account is active or to provide you services, improve our services, comply with our legal obligations, resolve disputes and enforce our agreements.
California Privacy Rights under the CCPA
The California Consumer Privacy Act of 2018 (“CCPA”) provides California consumers with certain rights regarding their personal information. The section “What Information We Collect and How We Collect It” explains the specific details of personal information ThirdPartyTrust collects. We collect, or have collected in the past 12 months, including but not limited to the following categories of personal information:
- Identifiers (such as name, email address, postal address, phone number, IP address)
- Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (such as name, contact information, employment)
- Commercial information (such as transaction information, purchase history, payment information)
- Internet or other electronic network activity information (such as browsing history, search history, online behavior)
- Professional or employment-related information (such as job title and your business contact information)
- Inference data about you (such as additional features we think would be of interest to you)
Personal information, as defined by the CCPA, does not include publicly available information from government records and de-identified or aggregated consumer information.
We use and disclose the categories of personal information we collect from and about you consistent with the business purposes discussed in the section “How We Use the Information We Collect”. We share this information with the categories of third parties described in the With Whom do We Share section above.
The CCPA also sets forth obligations for businesses that “sell” personal information to third parties. We do not “sell” personal information and have not sold any personal information in the past 12 months. Please note that we do use third-party cookies for our advertising purposes as further described in our What About Cookies section above.
Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights. To make a request pursuant to their rights, California consumers should contact us as described in the How to Contact Us section below.
You will be required to verify your identity before we are able to fulfill your request. You can designate an authorized agent to make a request on your behalf. To do so, you will need to provide a written authorization or power of attorney signed by you for the agent to act on your behalf. You will still need to verify your identity with us. Note that consumers may only make a personal information request twice in a 12-month period under the CCPA. We will work to respond to your verifiable request within 45 days of receipt. Certain information may be exempt from requests under applicable law.
How to Contact Us
111 Huntington Ave.
Boston, MA 02199