PRIVACY STATEMENT OVERVIEW
Your privacy and trust are very important to Maclear.
Maclear, LLC. (“Maclear”) provides technology solutions and services to our commercial customers to further their integrated risk management (IRM) and governance, risk, and compliance (GRC) goals. Please refer to our full Privacy Statement below for further details.
When you visit our website or work with one of our commercial customers who uses our risk management software solutions, we will receive information about you. Our full Privacy Statement provides more detail about how we collect personal information, how we use it, and how we support your rights to your data. This overview is intended to provide you with a summary of the topics we cover in this Privacy Statement.
SECURITY AND TRANSPARENCY ARE CORE TO OUR BUSINESS
We use personal information to provide our services, deliver information, improve our website, and to fulfill other requests you may have (like answering support questions). We use measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. Additional details may be found below, but we want to be sure you know that we safeguard the information we hold.
WE COLLECT INFORMATION IN DIFFERENT WAYS
What we collect and how we collect information depends on how you use our Website and Software Solutions. This Privacy Statement is written to provide you with detail on the two ways we collect information:
We collect information from our corporate website at https://www.maclearglobal.com (the “Website”).
We use information from our Website for our own internal business and marketing purposes. We determine the purposes and institute the practices and requirements by which this personal information is collected, used, shared and destroyed.
To learn more, please go to our Website Privacy Terms.
We provide continuous security monitoring platforms and integrated risk management solution (the “Software Solution” or “Software Solutions”). We collect information through our Software Solutions on behalf of our customers. Our customers are organizations that engage us to deliver certain services available on our Software Solutions.
We process this information in connection with delivery of our services as contracted by a customer. Our customers determine the purpose and the nature of the personal information collected, used, stored, or deleted within our Software Solutions.
To learn more, please go to our Software Solution Privacy Terms.
You have options
If you ever decide you do not want to receive marketing or promotional information from us you can unsubscribe at any time – either though the unsubscribe link in the message (all marketing emails from Maclear contain opt out language / features to make it easy for people to unsubscribe from future mailings) or by emailing us at email@example.com. If you are based in the European Union, the United Kingdom, or in California, you may have additional rights associated with your personal information, so please refer to our full Privacy Statement below for more details.
We are available for additional information
If you have questions about this Privacy Statement you can contact us directly.
6607 Muirwood Court
Lisle, IL 60532
This Privacy Statement applies to personal information we may collect about you or that you may provide when you visit our corporate Website or use the Software Solutions, we provide our business customers. Maclear does not publish text, images, or multimedia content on our Website that portray nudity, foul language, violence or other information not aligned with our commercial goals.
Please read this Privacy Statement carefully to understand our policies and practices regarding how we collect, store, use, and share your personal information. If you do not agree with our policies and practices, your choice is not to use our services. Any personal information provided to us will never be sold, rented, traded, shared or leased other than as outlined in this Privacy Statement.
Our Software Solution and Website are not intended for children under age 16, and we do not knowingly collect personal Information from individuals under age 16. If you are under 16, do not provide any information on this Website. If we learn we have collected or received personal information from anyone under 16, without verification of parental consent, we will delete that information.
If you want to go directly to the terms that apply to Website visitors, click here to visit the Website Privacy Terms that detail our data handling practices for information we collect from visitors to our public Website.
If you want to go directly to the terms that apply to licensed users of our Software Solutions, click here to visit the Software Solution Privacy Terms that detail our data handling practices for processing personal information on behalf of our customers.
WEBSITE PRIVACY PRACTICES
The following terms apply to users of our Website
COLLECTION – WEBSITE
How we collect your personal information depends upon how you use and interact with our Website. Some information is provided directly by you, while other information may be collected through automated technologies.
Legal Basis for Collection
When accessing our Website, we collect personal information from you where 1) we have your consent, 2) where your personal information is necessary for us to provide a service (for example, when you register for a webinar), or 3) where we have a legitimate interest to process your information and that legitimate interest is not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may have a legal obligation to process your personal information, or to process your personal information in order to exercise, establish or defend legal claims.
More specifically, we may collect information when you provide it directly to us though the Website in webforms such as webinar registration forms or when you download data sheets, white papers, articles or other collateral. The type of information collected on these forms includes the following:
Website Information Collection
We may collect the following types of information from you:
- First Name
- Last Name
- Company Name
- Email Address
- Telephone number
- Work Address
- Job Title
- Business size
- Log-in credentials
Collected from Third Parties
We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new customers, and provide information about products and services that may be of interest to you. If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. Examples of the types of personal information that may be collected from external sources include name, business contact details such as email, phone number, and job title.
Automated Collection Mechanisms and Cookie Notice
Do Not Track Requests
Maclear does not process or respond to “Do Not Track” signals from your browser or other mechanisms that enable choice regarding the collection of personal information about your online activities over time and across third-party websites or online services.
HOW WE USE PERSONAL INFORMATION – WEBSITE
We use personal information collected from the Website to respond to requests for information, including marketing and advertising communications, and to continue developing and improving the Website.
When you make requests on the Website
We use information collected from on the Website to respond to visitors’ requests. Maclear does not sell, rent, lease, trade or share visitors’ personal information other than as outlined in this Privacy Statement. When you provide us with your personal information or otherwise choose to sign up to receive email communications from us, we will use that information to send those communications to you. Individuals may “opt-out” of receiving e-mail communications through selections available on e-mails received.
For participants of our web seminars (“webinars”), the only personal information we share is webinar registration information and it is only shared with our webinar presenters for the limited purpose of providing this service.
Social Media Links
Interest Based Ads
Some information, like name and email, are collected for advertising purposes. This means you might see an advertisement from us on other sites you visit. Sometimes we allow third party advertising companies and ad networks to use automatic data collection technologies to collect similar information about you for purposes of providing you with interest-based ads. Interest-based ads are helpful because they are more likely to be tailored to your particular interests. They are also more likely to help you discover new services that are actually relevant to you and your interests. Also, if interest-based tracking is enabled, you likely will not see the same ads over and over because the number of times you see a particular interest-based ad is usually limited. By opting-out of interest-based ads, you lose all of these benefits.
Where Maclear serves as the controller of the data, such as where we use personal information for our own independent business purpose, we will retain your information in accordance with our data retention practices as follows: We will retain your information for the period of time that it serves a purpose compatible with the purpose for which it was originally collected or subsequently authorized and in accordance with applicable law. For example, we will retain your information for as long as your account is active, as necessary to comply with our legal obligations and rights, to resolve disputes, and to enforce our agreements.
HOW WE SHARE INFORMATION – WEBSITE
Where we share personal information with third parties, we do so as set forth below. Any information we collect will never be sold, rented, traded, shared or leased other than as outlined in this Privacy Statement.
Service Providers and Analytics. Maclear contracts with select third parties to provide us with Web-based services that include e-mail delivery and content streaming; these services may collect certain visitor data and click through data, including IP address, referring page, pages visited on our Website and whether you opened and email, and clicked on any content within that email. These companies are authorized to use directly identifying data, for example, e-mail addresses, only as necessary to provide for the service requested, in accordance with Maclear’s privacy practices and pursuant to written instructions.
YOUR RIGHTS – WEBSITE
Maclear acknowledges that you may have the right to access your personal information.
Rights provided under the Privacy Shield Frameworks to personal information transferred from European Union (EU) member countries and Switzerland to the United States.
Maclear respects your control over your information and, upon request, we will confirm whether we hold or are processing information that we have collected from you. You also have the right to amend or update inaccurate or incomplete personal information, request deletion of your personal information or request that we no longer use it. Under certain circumstances we will not be able to fulfill your request, such as if it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves disproportionate cost or effort, but in any event we will respond to your request within a reasonable timeframe and provide you an explanation. In order to make such a request of us, please submit your request and associated evidence to firstname.lastname@example.org. Maclear will respond to your request with respect to the personal information Maclear holds.
Software Solution Users Note
Please note that where personal information is collected within the software solutions we offer, we do so on behalf of customer organizations and those customer organizations manage the data in accordance with their own internal policies and procedures. Any questions related to how that customer organization may process, use or share your information should be directed to that customer organization by contacting them directly. Unless otherwise prohibited by law, we will honor and support any instructions they provide us with respect to your personal information.
European Economic Area, Switzerland or United Kingdom Citizen Rights
Individuals who reside in the European Economic Area (EEA), including Switzerland and the United Kingdom (UK) have additional rights reserved under the General Data Protection Regulation (GDPR), the UK Data Protection Act and/or ePrivacy Directive, as applicable. This section details those additional rights and information on how to exercise them:
- You may request to access, correct, update or request deletion of your personal information based on information collected from accessing our Website or participating in our Webinars.
- You may request additional information related to the purposes for which we process your personal information, the categories of personal information we process, where we originally collected the information, who we share it with, and how long we will retain it.
- You may object to our processing of your personal information, request that we restrict the processing of your personal information or request portability.
- You have the right to opt-out of marketing communications we sent you at any time. You can do so by clicking the “unsubscribe” or “opt-out” link in the marketing emails we send to you. You may also opt-out of other forms of marketing (such as postal or telemarketing).
- Where we have collected and processed your personal information with your consent, you can withdraw your consent at any time. However, withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- Upon your request, and where it is technically feasible, Maclear will provide you with a copy of your personal data or transmit it directly to another controller.
- You have the right to submit a complaint to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authorities. Contact details are available here.
To make a request please email us at email@example.com with “Personal Information Request” in the subject line, and provide us with full details in relation to your request, including your contact information and any other detail you feel is relevant. Maclear will provide a response to an access request within 30 days of receiving such request with respect to the personal information Maclear holds or if we cannot, we will notify you and provide you with the reason for the delay.
California Citizen Rights
If you are a California-based consumer, as that term is defined under California law, this section shall apply in addition to all other applicable rights and information contained in this privacy statement. We collect, use and disclose the categories of personal information from the sources identified in this privacy statement. Our business purposes for such collection, use and disclosure, along with any categories of third-party partners, are identified in this privacy statement. Individuals who reside in the state of California have additional rights reserved under the California Consumer Privacy Act and the California Shine the Light law:
- You have the right to request that we provide you with the categories of personal information and the specific pieces of personal information we have collected and store about you.
- You have the right to request that we delete personal information we, or our service providers, store about you.
- If you elect to exercise any rights under this section of our Privacy Statement, we will not discriminate or retaliate against you.
- We do not sell personal information.
- To exercise your rights as a California consumer, please email us at firstname.lastname@example.org, Maclear will respond to and manage your request with respect to the personal information Maclear holds. Also, be sure to check this policy for updates as we will review it at least every 12 months and make updates as necessary.
Identity Verification Requirement
We are required by law to verify that any request submitted was made by someone with the legal right to access the data. Therefore, prior to accessing or divulging any information pursuant to a data subject access request, we may request that you provide us with additional information in order for us to verify your identity and legal authority.
Under certain circumstances we may not be able to fulfill your request, such as where doing so would interfere with our regulatory or legal obligations, where we cannot verify your identity, or if your request involves disproportionate cost or effort; in any event, we will respond to your request within a reasonable time frame and as required by law, and provide you an explanation.
SOFTWARE SOLUTION PRIVACY PRACTICES
The following terms apply to users of our Software Solution services provided through contract to our business customers.
COLLECTION – SOFTWARE SOLUTION
We collect personal information in a variety of ways depending on how you use and interact with our Software Solution. Some information is provided directly by you, while other information may be provided by your employer or business partner (our commercial customer) in connection with the delivery of our Software Solution for our customer’s business use.
Legal Basis for Collection
When using our Software Solution, generally speaking, we collect personal information from you on behalf of our customer where 1) you have consented, 2) where your personal information is necessary for us to comply with our contractual commitments (for example, when we deliver our services), or 3) where our customer has a legitimate interest to process your information and that legitimate interest is not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may have a legal obligation to process your personal information, or to process your personal information in order to exercise, establish or defend legal claims.
Software Solution Access
In order to access the Software Solution, you may be required to provide specific information (such as your login credentials) that allows us to verify your identity before accessing certain data we host or to deliver certain services on behalf of our customer organizations. We may use tools and other tracking software within our applications to collect information related to the pages and areas within pages you visit to support improvements to our Software Solution and log activity associated with licensed user access. This identity verification information is kept secure on our servers and is only used to assist you in accessing your account; we take care to prevent release of this information outside of our customer’s particular instance of the Software Solution unless specifically authorized by law, contract, or these data handling practices.
Collection based on Software Solutions
Each of the software services collects different types of information based on the software application, nature of user interaction, and the specific types of information our business customer requests that we collect on their behalf.
In collecting and hosting customer data within our Software Solution, Maclear acts as the data processor; our business customer is the data controller. We do not make any judgments or decisions in relation to the content of personal information submitted or use of the information by any customer or customer company representatives. Our responsibility is limited to collecting and securing the information provided to us in accordance with the terms of this Privacy Statement, our contracts with customers, and applicable law.
Accordingly, the following represents a summary of the types of information collected through each of the software services available in the Software Solution, and the collection mechanism through which the data is collected:
Maclear eGRC Suite™ and Kaizen Evo™
Our solutions allow our customers to support their risk management processes including but not limited business continuity and disaster recovery management, vendor management, threat management, asset management, audit management, policy and compliance management and incident management, programs and goals through an integrated software solution. In order for Maclear to provide these services to our customers, we may collect First Name/Last Name, Email Address, and Username. Other personal information categories, such as Job Title, may also be collected at the choice of our customer.
Collected from Third Parties
We may receive information about you from other sources, including your employer or business partner. This helps us keep our records up-to-date and to provide the Software Solution in accordance with our contractual obligations. Where a third party gives us your information, we will only use that information for the specific purpose for which it was provided to us and in compliance with our customer contracts. Examples of the types of personal information that may be collected from external sources include name, business contact details such as email, and job title.
Automated Collection Mechanisms and Cookie Notice – Software Solutions
In addition to the direct collection practices detailed above, we and our service providers may use automated collection technologies to collect information within some areas of our Software Solutions. Having technical information like this helps us to improve the Software Solution. We aim to be transparent about the automated technologies we use, and in order to communicate the type and name of automated technologies employed to accomplish that, we have made additional resources available to provide more detail around automatic information collection technologies available at our Cookie and Automated Technology Notice.
HOW WE USE PERSONAL INFORMATION – SOFTWARE SOLUTIONS
Maclear, as the processor of personal information on behalf of its business customers, uses the personal information collected exclusively in accordance with its business customer’s (the data controller’s) instructions. More specifically, we use personal information collected from the Software Solution to 1) provide the Software Solutions to our customers and their end-users, 2) communicate with customers and their end-users about the Software Solution, 3) respond to support requests, and 4) continue developing and improving the Software Solution.
HOW WE SHARE INFORMATION – SOFTWARE SOLUTIONS
We share your personal information in order to comply with our contractual commitments to our business customers. In limited instances where we share personal information with other third parties, we do so as detailed below. Any personal information we collect will never be sold, rented, traded, shared or leased other than as outlined in this Privacy Statement.
Maclear contracts with select third parties in order to host and deliver services to our customers. These third parties may not use or access any directly identifying data other than to provide the specific contracted services. For example, we may use cloud hosting providers to support our Software Solutions.
YOUR RIGHTS – SOFTWARE SOLUTIONS USERS
As a reminder, where personal information is collected within the Software Solution, we do so for our business customers. As described previously in this Privacy Statement, Maclear operates as a data processor on behalf of its business customers, in its collection and use of personal information related to delivery of Software Solution services. Each of our customers has instructed us to collect information on their behalf and controls use of the data we process. Those customers manage the data in accordance with their own internal policies and procedures.
Accordingly, any individual who seeks access to their personal information, or who seeks to correct, amend, or delete inaccurate data should direct their enquiry to our customer (the data controller). Where Maclear is only processing personal information on behalf of its customers, enquiries made directly to Maclear will be forwarded to our customer for response. Unless otherwise prohibited by law, we will honor and support any instructions they provide us with respect to your personal information.
If you have questions or complaints regarding our Privacy Statement or data handling practices, please contact us with “Privacy Enquiry” in the subject line by mail or e-mail at the address below.
6607 Muirwood Court
Lisle, IL 60532
GENERAL PRIVACY STATEMENT TERMS
The following terms apply to users of our Software Solution and visitors to our Website.
SECURITY – BOTH
Maclear prohibits any unauthorized access or use of any information stored on our servers. Unauthorized access to this information is a violation of law. In the event of a breach of security or a reasonably suspected breach of security, Maclear will properly investigate and press charges to the fullest extent possible against any party it determines has illegally accessed information within our systems.
We follow generally accepted industry standards to protect the personal information submitted to us, both when transmitted and when stored. Maclear has placed security measures and firewalls on all network servers in an attempt to prevent outside parties from accessing private information. These precautions are designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
You also play an important role in the security of your information on our Software Solution. Where you have been given a password for access to the relevant parts of our Software Solution, you are responsible for keeping it safe and confidential.
If you have any questions about security on our Website, you can e-mail us at email@example.com with “Questions about Web site Security” in the subject line.
INTERNATIONAL TRANSFER – BOTH
To facilitate our operations, we may transfer, store and process your personal information in jurisdictions other than where you live [including in the United States]. Laws in these countries may differ from the laws applicable to your country of residence. For instance, if you are a European Economic Area (EEA) data subject and your personal information is shared with our affiliates, partners, or third-party service providers acting on our behalf outside of the EEA, then it is done so pursuant to appropriate safeguards necessary to ensure an adequate level of protection in accordance with this Privacy Statement.
EU & SWISS Privacy Shield Certified – Both
Maclear participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss- U.S. Privacy Shield Framework. Maclear is committed to subjecting all personal information received from the European Economic Area, United Kingdom, and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Frameworks’ applicable Principles. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
Maclear is responsible for the processing of personal information it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Maclear complies with the Privacy Shield Principles for all onward transfers of personal information from the European Economic Area, United Kingdom, and Switzerland, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, Maclear is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Maclear may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at www.bbb.org/EU-privacy-shield/for-eu-consumers/.
Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
LEGAL DISCLOSURES – BOTH
In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We reserve the right to disclose your personal data as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on us.
In the event we undergo a legal business restructuring, business transition, merger, acquisition by another company, or sale of all or a portion of its assets, your personal data will likely be among the assets transferred. You will be notified via prominent notice on our Web site for 30 days of any such change in ownership or control of your personal information.
UPDATES – BOTH
Any updates or changes to this Privacy Statement will be posted to this Privacy Statement, the home page, or other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We reserve the right to modify this Privacy Statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by e-mail, or by means of a notice on our home page prior to the change becoming effective.
QUESTIONS OR CONCERNS – BOTH
If you have received unwanted, unsolicited e-mail sent by Maclear or purporting to be sent via Maclear, please forward a copy of that e-mail with your comments to firstname.lastname@example.org for review.
If you have questions or complaints regarding our privacy statement or practices, please contact us at email@example.com with “Privacy Enquiry” in the subject line and provide detail on your question or complaint so that we may adequately respond.
6607 Muirwood Court
Lisle, IL 60532
COOKIE AND AUTOMATED TECHNOLOGY NOTICE
Maclear and our tracking utility partners use technologies such as cookies, beacons, tags, and scripts. These technologies are used in analyzing trends, administering our Website, tracking users’ movements around our Website and to gather demographic information about our visitors to our Website as a whole. We may receive reports based on the use of these technologies by our tracking utility providers on an aggregated basis.
A “cookie” is a small text file that is stored on a user’s computer or mobile device when you visit a website. Cookies send information back to the originating website on each subsequent visit to that website, or to another website that recognizes that same cookie. Cookies are useful because they allow a website to recognize a user’s device and keep track of preferences.
Maclear eGRC Suite™ and Kaizen Evo™ may also use persistent cookies for tracking single-sign-on preferences such as LDAP or SAML authentication or language preferences.
Cookies perform many different jobs, like allowing you to navigate between pages efficiently, remembering your preferences, and generally improving a user’s experience on a website. They can also help to ensure that the advertisements you see online are more relevant to you and your interests. We use different types of cookies on our Website, as explained below.
These cookies are necessary for our Website to function properly and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of our Website will not work if you block these cookies. These cookies do not store any information that identifies you directly.
Functional cookies allow us to count visits and sources of traffic on our website so we can measure and improve the performance of our Website. They help us to know which pages of our Website are the most and least popular and see how visitors move around our Website. The information collected by these cookies is used to create aggregated, anonymous analytics reports. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.
Targeted Advertising Cookies
Advertising cookies may be set through our Website by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites.
These cookies do not store directly identifiable personal