This document was last updated on June 12, 2018
We may collect personal identification information (“Personal Data”) from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, place an order, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number, credit card information. Users may, however, visit our Site anonymously. We will collect Personal Data from Users only if they voluntarily submit such information to us. Users can always refuse to supply Personal Data, except that it may prevent them from engaging in certain Site related activities.
Non-personal identification information
We may collect non-Personal Data about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web browser cookies
How we use collected information
We may collect and use Users personal information for the following purposes (“Purposes”):
- To improve customer service
- Information you provide helps us respond to your customer service requests and support needs more efficiently.
- To personalize user experience
- We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
- To improve our Site
- We may use feedback you provide to improve our products and services.
- To process payments
- We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
- To run a promotion, contest, survey or other Site feature
- To send Users information they agreed to receive about topics we think will be of interest to them.
- To send periodic emails
- We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.
How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures. Our Site is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users.
We have also self-certified to the Privacy Shield and publicly commit to adhere to the Privacy Shield Principles, including the Supplemental Principles, in order to reliably transfer personal data between the United States and the European Union. In particular we commit to adhere to the Privacy Shield Principles of:
- Accountability of Onward Transfer
- Data integrity and purpose Limitation
- Recourse, Enforcement and Liability
To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.
As indicated above we may collect your name, email address, mailing address, phone number, credit card information, and other Personal Data. All such Personal Data shall be subject to the Privacy Shield Principles.
We will only disclose your Personal Data to named third party subcontractors that supporting Orbitera where we have an existing confidentiality agreement, and have similar Data Privacy Policies in place, and we will only use your Personal Data for the Purposes identified above.
In the event that all or a portion of Orbitera or its assets are acquired by or merged with a third party entity, we reserve the right, in any of these circumstances, to transfer or assign the information that we have collected from users in connection with such merger, acquisition, sale, or other change of control.
In the event that you believe we have not complied with the Principles with respect to your Personal Data, or if you have any other inquiry relating to your Personal Data, please contact the Orbitera Data Privacy Office at email@example.com. You may also contact us if you want to limit our use and disclosure of your Personal Data.
We acknowledge that we may be liable for any damages suffered by you as the result of our transfer of your Personal Data to third parties that do not adhere to the Principles. Moreover, we are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
Notwithstanding anything to the contrary above, we may be obligated to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We offer you the opportunity opt out of having your Personal Data (a) disclosed to a third party (other than an agent with which we have entered into an agreement to perform services on our behalf), or (b) used for a purpose that is materially different from the purpose(s) for which we originally collected it or for which you subsequently authorized. To opt out, please contact the Orbitera Data Privacy Office at firstname.lastname@example.org.
We do not currently collect sensitive Personal Data, such as information relating to medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of an individual. If we do collect any such sensitive Personal Data in the future, we will never disclose such sensitive Personal Data to a third party or use it for a purpose other than the purpose for which we originally collected it or you subsequently authorized, with out first obtaining your affirmative express consent.
Accountability for Onward Transfer
We will enter into a contract with any third-party data controller with access to your Personal Data and such contract will provide that such Personal Data may only be processed for limited and specified purposes consistent with the consent you provided and that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation. The contract shall also provide that when such a determination is made, the third party data controller shall cease processing or shall take other reasonable and appropriate steps to remediate.
If we transfer Personal Data to any third party acting as an agent for us, we will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles; (iii) take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles; (iv) require the agent to notify us if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles; (v) upon notice, require the agent to take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of our contract with that agent to the applicable government agency upon request.
We will take reasonable and appropriate measures to protect your Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal data.
Data Integrity and Purpose Limitation
We will only collect Personal Data that we need for the specified purpose and we will not process Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. To the extent necessary for those purposes, we will take reasonable steps to ensure that Personal Data is reliable for its intended use, accurate, complete, and current. We will adhere to the Principles for as long as we retain your Personal Data.
We will retain your Information only for as long as it serves the purpose for which we collected it.
We will give you the following access to your information:
- Upon your request, we will provide confirmation of whether or not we are processing Personal Data relating to you
- Upon your request, we will make any personal data relating to you available to you so that you can verify its accuracy and the lawfulness of the processing, and we will correct, amend or delete if it is inaccurate or processed in violation of the Principles to which we adhere under the auspices of the Privacy Shield
You do not have to justify requests for access to your personal data, but we may charge a fee that is not excessive for such access. In responding to your access requests, we will first be guided by the concern(s) that led to the requests in the first place. For example, if an access request is vague or broad in scope, we may engage in a dialogue with you so as to better understand the motivation for the request and to locate responsive information. We may also ask you to identify the part(s) of our organization to which you provided the Personal Data and with whom you interacted or about the nature of the information or its use that is the subject of the access request.
We will make good faith efforts to provide access to your Personal Data. If we determine that access should be restricted in any particular instance, we will provide you with an explanation of why we made that determination and a contact point for any further inquiries by you. We reserve the right to deny or limit access to the extent that granting full access would reveal our own confidential commercial information or the confidential commercial information of a third party.
We reserve the right to restrict access to your Personal Data in exceptional circumstances where the legitimate rights of third parties would be violated or where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question.
We may provide access in the form of disclosure of the relevant personal information instead of granting access to any of our databases. We reserve the right to destroy or never store Personal data we collect.
Under certain circumstances, we may restrict access to your Personal Data if disclosure is likely to interfere with the safeguarding of important countervailing public interests, such as national security; defense; or public security. We may also deny or limit access in the event disclosure would:
- interfere with the execution or enforcement of the law or with private causes of action, including the prevention, investigation or detection of offenses or the right to a fair trial;
- violate the legitimate rights or important interests of others;
- breach a legal or other professional privilege or obligation;
- prejudice employee security investigations or grievance proceedings; or
- prejudice the confidentiality necessary in monitoring, inspection or regulatory functions connected with sound management, or in our future or ongoing negotiations.
Recourse Enforcement and Liability
We are committed to providing you with recourse if we fail to comply with the Principles. To this end we are making available to you:
- a readily available independent recourse mechanism by which your complaints and disputes are investigated and expeditiously resolved at no cost to you, and damages awarded where the applicable law so provides;
- follow-up procedures for verifying that the attestations and assertions we make about our privacy practices are true and that privacy practices have been implemented as presented; and
- assurances that we will remedy problems arising out of our failure to comply with the Principles.
We acknowledge that we are obligated to arbitrate claims if you invoke binding arbitration by delivering notice us and following the procedures set forth at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Third party websites
You may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
Your acceptance of these terms
By using this Site, you signify your acceptance of this policy and terms of service. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
This document was last updated on August 11, 2017