If you have any questions about this policy or if you would like to exercise any rights you may have in relation to your personal data, please contact us at firstname.lastname@example.org. If you have additional questions or need to escalate an issue, use the below details for our Data Protection Officer (DPO).
Full name of legal entity: Granicus, LLC
Name of DPO: Gerry Hansen
Email address: email@example.com
Postal address: 408 St. Peter Street, Suite 600, St.Paul, MN 55102, USA
Telephone number: 01 651 400 8730
As part of our marketing efforts, we collect your personal data such as your name, place of employment and address, job position, e-mail address, and phone number. This data is generally gathered directly from you through forms on our website, or over the phone and is used to communicate and personalize such communications with you, including offering products and services that we believe may be of interest to someone in your position. Information about your chosen subscriptions are used to better provide you with relevant e-mail content.
We gather business contact details about you from publicly accessible sources, such as your business or work website, or we may receive business-to-business (B2B) information from third party lists. Our employees may also search for your business contact details online and enter your information on to our marketing database. If you reside in EU/UK, we will ask for your opt-in consent to contact you. If you reside in the USA, we will provide you an option to opt-out on our first communication.
In certain situations, such as when you authorize to prefill a form on our website, we may receive data (such as first name, last name, e-mail address, job title, and company) from your past interaction with our website.
We gather certain data automatically upon your visit to our website, including, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site and e-mails (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyse trends in the aggregate and administer the site. If you interact with web forms on our site or emails from us, your IP address is captured and used to infer your location, which helps us to serve you relevant content.
Our website also collects cookies. However, we will give you an option to opt-in or out to cookie tracking technologies depending upon your local jurisdiction.
We will use your personal data when the law allows us to. While national legislation differs (such as EU national law responses to the ePrivacy Directive), in general it will depend on where you are and whether you are acting in a business or personal capacity.
Most commonly, for marketing purposes, we will process your personal data in the following circumstances:
Where we are not certain of your business or personal capacity, we will apply the strictest possible justification (we will assume you are a private citizen, and therefore all services will be an “opt-in” data collection).
Our legitimate interests may include:
Our data use depends on the purpose of collection. The main reasons include:
By filling in the contact form with your data, you authorize us to use these details to reply to requests for information, quotes, or any other kind of request as indicated by the form’s header.
We may also collect data concerning the date and time when the message was viewed by you, as well as when you interacted with it, such as by clicking on links included in the message.
Nothing. As marketing is optional and only allowed with your permission, we cannot contact you further. If you reside in the US, we will collect your data and give you the ability to opt-out. If you are in EU/UK, we will contact you only if we have your consent or will contact you to let you know if we have collected your data.
Yes. Our service providers that analyse our website traffic will use algorithms to make decisions about who you are and what your interests are, in order to serve you with targeted advertisements. We will only do this when you have positively consented to this collection and use, which will be presented to you when you enter our website.
No. We do not sell marketing data. We do buy business contact details from third party B2B database providers within the US, but we never sell marketing data.
Granicus is owned and operated within the United States. Therefore, the data that we collect from you will be transferred to, and stored at, a destination outside the European Economic Area (“EEA”)/UK.
In light of the July 16, 2020 “Schrems II” decisions, the European Court of Justice has decided that the EU-US Privacy Shield is no longer a valid international data transfer option. We plan to maintain our Privacy Shield certification as good practice; however, we will no longer rely upon it as a basis for data transfer. We will discuss with any partner relying on it for EU-US transfers their proposed alternative solutions. We are monitoring the situation and hope for a new political and practical solution to be reached between the EU and the US regarding Mass Surveillance vs. Individual Privacy.
The remaining option open to us for data transfers from EU to the US are Standard Contract Clauses (SCCs), however we appreciate that these do not stop US government surveillance powers and laws, and we are therefore engaging with our partners to:
Likewise, we are aware of the UK’s exit from the European Union and the end of the current transition period on December 31st, 2020. We are aware that the UK hopes for a positive adequacy decision from the EU by then to allow data transfers to continue, but we will continue to monitor the situation in case alternative transfer mechanisms from EU to UK or UK to US become available or necessary.
We are committed to ensuring that your personal data is secure. In order to prevent unauthorized access, loss or disclosure, we have put in place security controls that reduce the risk of a security breach of your personal data.
If a data breach does occur, we will do everything in our power to limit the damage. In case of a high-risk data breach, and depending on the circumstances, we will inform you about remedial actions to prevent any further damage. We will also inform the relevant supervisory authority or authorities of the breach.
Employees and temporary workers are required to follow policies, procedures, and complete confidentiality training to understand the requirement of maintaining the confidentiality of customer information. If they fail to do so, they are subject to disciplinary action. All employees are required to complete privacy and security training. We also offer a wide variety of other training to all employees and temporary workers to help us achieve our goal of protecting your personal data.
Your data will not be retained for a period longer than necessary for the purpose it was collected for. We may also keep data for the relevant statutory period where there is a risk of a legal claim. Particularly, if you are a customer or part of the customer account, we will keep your data for as long as you remain a customer plus legal statutory period (6 years).
To exercise any of the following rights, please contact firstname.lastname@example.org. Under certain circumstances, by law you have the right to:
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
We will not discriminate against you for exercising any of your rights under applicable law (such as GDPR, CCPA etc.). Unless permitted by the applicable laws, we will not:
Yes. We do use online tracking technologies, such as cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base. Depending upon your local jurisdiction you will be provided with a cookie notice when you visit the site. The cookie notice will provide you an option to update your preference.
Currently, various browsers offer a “do not track” or “DNT” option and global privacy control which sends a signal to websites visited by the user about the user’s browser DNT preference setting. We will do our best to respect such signals we receive, and as required where placing tracking technologies on your device, notify you what and why.