CGH EU Swiss Privacy Shield

CGH TECHNOLOGIES, INC.

&

CGH TECHNOLOGIES International, LLC

Privacy Shield Statement

Updated: 20 June 2018

1.0       Summary

This policy covers customer information gathered by CGH Technologies, Inc., and CGH Technologies International, LLC (collectively called CGH herein). We are committed to protecting the privacy of all those who provide us with personal information while using our products, websites, events, and services. In general, we only collect personal information about you when you provide it. We collect personal information to provide products and services that customers request, including answering requests submitted by our customers, delivery of email newsletters, downloadable content including fillable forms, for assistance in managing and hosting events, and related customer service on-line or via our product and services Help Desk.

In summary, CGH complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  CGH has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

We may use personal information to contact you ourselves, or on behalf of carefully chosen partners, to offer you additional products or services (including announcements about new products, subscription products, featured upgrades or updates in our web-based applications that you may have a need to use or have used in the past, co-sponsored products with your government regulatory offices, events, special event mailings, and more) that we believe would interest you. We may also share your information with other business units within CGH and to our Government clients for these same purposes. We allow you to opt-out of communications from us and from sharing with third parties. If you opt-out, we will not contact you or share your information unless you opt back in.

If we maintain information about you as a result of a subscription, registration, survey, on-line examination or other online or offline activity covered by this privacy policy, we will provide you with access to that information whenever feasible to do so. We will also correct, amend, or delete any information that we find to be inaccurate.

We anticipate that this policy will change from time to time, and we expressly reserve the right to change the policy when we find it to be appropriate.

This section is a summary of the main features of our privacy policy. The complete statement of our privacy policy is below and is longer and authoritative. We encourage interested users to read the complete policy statement available directly below.

2.0       Introduction

2.1       What this Privacy Policy Covers

This policy covers customer information gathered by CGH in the course of assisting our Government / State clients under official contract. This policy describes our privacy practices for both online and offline activities including but not limited to our paper-based and web-based Government products, websites, in-person and online events, email newsletters, and all other products and services of CGH. By using any of our websites, you consent to our use and disclosure of your personal information as described in our privacy policy.

The websites covered by this policy, include but are not limited to:

  • Any CGH website associated with its ASSET product, including www.asset-international.com and iaa.asset-international.com.
  • Any CGH website that links to this policy.

2.2       General Approach to Privacy

We are committed to protecting the privacy of all those who provide us with personal information while using our products, websites, events, and services.

At CGH our privacy policy is based on Fair Information Practices (FIPs), a set of internationally recognized principles that address the privacy of information about individuals. The principles of FIPs are at the core of many laws and policies addressing privacy and data protection matters. This policy reflects our implementation of FIPs.

This policy is long because addressing privacy in an international business environment is complicated and because CGH has relationships with different categories of individuals, including users of our services, customers who contract out of products and services, registrants, website visitors, and others. We offer many different products and services on the Internet and otherwise to meet the needs and interests of our customers.

2.3       Privacy Shield Statement

For personal information about our customers subject to EU and Swiss data protection laws that we receive from Member States of the European Union, we have committed to handling such personal information in accordance with the Privacy Shield Principles. CGH’s Privacy Shield certification will be found on our website at http://www.cghtech.com/PrivacyShield/. Additional information about the Privacy Shield program is available at the U.S. Department of Commerce’s website at https://www.privacyshield.gov/

We may process customer information at our facilities in the United States. All customer information subject to this privacy policy is collected in the United States, obtained through websites in the United States, or obtained in other countries and transferred to the United States. Regardless of where it originated, all customer data subject to this policy receives the same level of privacy protection as described in this policy statement.

2.4       Children

Our websites are not intended for use by children under the age of 13. We do not knowingly solicit data online from, or market online to, children under the age of 13. If we learn that we have obtained personally identifiable information online in error about a child under the age of 13, we will delete that information as soon as we can. We encourage parents to supervise their children so that they do not disclose any personal information about themselves in any of our public discussion areas.

3.0       Openness and Changes to this Policy

3.1       General

This privacy policy describes the processing of most personal information by CGH. This policy covers personal information about subscribers, customers, registrants, website visitors, and others.

CGH initiated its privacy policy when the company was formed in 1989 and revised our privacy policy in 2007 as part of the U.S. Government’s Personally Identifiable Information (PII) rules and regulations. We are once again updating our policy to reflect our certification for the Privacy Shield program. This policy supersedes other privacy policies used by CGH. While this policy is considerably longer than the policies that it replaces, we did not make any major changes in the way that we process personal information. We still respect the privacy of those whose personal information we process. We still offer opt-outs to our customers and other data subjects, and we still honor requests by those who do not want to hear from us. The new policy includes considerably more detail about how we use and disclose personal information, about the purposes of processing, and about our relationships with other companies we partner with or use to help us carry out our personal information processing.

3.2       Privacy Policy Changes and Updates

Privacy policies are not static because our activities, products, and use of the Internet are not static. We anticipate that this policy will change from time to time, and we expressly reserve the right to change the policy when we find it to be appropriate. Your continued use of any of our websites constitutes your acceptance of our privacy policy, including any changes. We do not expect to change our respect for the wishes and the privacy of our customers. However, new laws, other events, new products and services, and changes to our business structure could require change in our policy. We expect that any policy changes will be consistent with Safe Harbor standards and other legal requirements.

When we make changes, we will post them promptly on our primary corporate website at www.cghtech.com. If possible, we will provide advance notice through our other websites of the changes, but we do not guarantee that we will always be able to do so. We expect that any changes we make will apply retroactively to personal data collected and maintained prior to the effective date of the change. When we make a change, we will update the date and version number of the privacy policy. We will summarize changes in the Policy History section at the end of the policy. We maintain an archive of superseded policies that we will make available upon request.

4.0       Information Collection

4.1       How we collect data

We collect personal information about customers by lawful and fair means, and in most cases, directly from customers themselves. In general, that means that we only collect personal information about you when you provide it. This list illustrates activities that result in information collection. The details will change and evolve over time. We may collect personal information about you if you:

Subscribe to or receive items including, but not limited to the following:

  • a submission form (whether paid or free) either directly through us or through another company or through a government agency such as a Civil Aviation Authority.
  • an email newsletter (whether paid or free).

Register for:

  • a website, webcast, examination, program, or other event that we produce or sponsor (with or without partners).
  • memberships or online products (such as training material, whitepapers, etc.).
  • your member profile, which you create.

Use our websites or other means to purchase or place an order for (paid or otherwise) a product or service, such as:

  • A subscription service for topics which interest you.
  • A podcast or similar digital content.
  • Elearning classes and materials.

Visit or participate in:

  • open forums or other public discussions that we host or sponsor.
  • our websites.
  • surveys, user panels, focus groups.
  • any of our site services, including but not limited to services like “Site Feedback”, “Comments and Suggestions”, “Report Bugs” and any others.

Contact us by email, fax, phone, or “snail mail” (or if you provide personal information in response to an email, fax, phone, “snail mail”, or other communications from us).

We also obtain some information about customers from third parties. We sometimes use the U.S. Postal Service’s National Change of Address service to keep mailing addresses current. We also sometimes rent or otherwise acquire lists of prospective customers or information about our existing customers.

4.2       Personally Identifiable Information

We may collect:

  • Your contact information including your name, physical address, mailing address, email address, and phone and fax numbers.
  • Your demographic and survey information: Job function, title, topics of interest, purchasing plans, responses to surveys solicited online and offline, and information solicited through online registration forms.
  • Your history as our customer, including your order and payment history, email and websites usage, promotional history and response.
  • All content posted in public areas (including but not limited to online forums, comments on blog posts or articles, and other community areas) is publicly available and viewable. In order to maintain standards for online conduct in public areas we sponsor, we will remove an inappropriate posting when we find it.

4.3       Anonymous Information We Collect

We may sometimes use cookies and other Internet technologies to enrich your online experience by managing our websites and email programs.

4.3.1    Cookies. If your browser is set to allow cookies, we may store small amounts of information on your computer about what parts of our websites you have visited and what features you like best. We may then tailor the content you see to match your interests. We also may use cookies to identify members so that they don’t have to re-enter their usernames and passwords. Cookies may also be used to limit the number of advertisements you see while on our site. By allowing us to understand how you use our site over time, cookies can help us provide you with a better, more relevant online experience. The cookies we store on your computer are not accessible on any other companies’ websites.

We do not place third-party advertising on any of our sites and thus, no cookies are placed on your computer from any third-party advertisers.

Most browsers allow you to modify your security to accept or reject cookies. You need not accept cookies to visit our site, but without them, your access to some areas may be limited and custom navigation may not be available to you.

4.3.2    Pixel Tags. Like many websites, we may use pixel tags, also known as web beacons, clear gifs, or web bugs. Pixel tags help us improve our understanding of our web traffic and visitor behavior, as well as gauge the response to our efforts. This information is non-personally identifiable and is used for an aggregate picture of how visitors use our site. If you wish, you may disable pixel tags by setting your browser to omit images and disable Javascript.

4.3.3    Online Ad Serving. We use NO third party advertising service companies to serve advertisements when you visit our sites or open our emails.

5.0       Uses, Disclosures, Purposes, and Choices

5.1       Our Uses of Customer and Prospective Customer Information

We collect personal information to provide products and services that customers request, including information on “fillable” forms, delivery of email newsletters, downloadable content, managing and hosting events, and related customer service.

We may use personal information to contact customers or prospective customers ourselves, or on behalf of carefully chosen partners, to offer additional products or services (including announcements about new products, featured content, co-sponsored products, events, special promotions, and more) that we believe would be of interest. You may opt out of being contacted here. If you opt-out, we will not contact you for any of these activities.

We also use personal information to manage our business, websites, mailing lists, events, discussion forums, surveys, examinations, and other operations; to conduct financial audits of our activities; to process payments; and for other purposes appropriate for the conduct of our business.

We use aggregate data for research and research products (e.g. reports and whitepapers).

5.2       Third Party Disclosure of Customer Information

5.2.1    Agents and Contractors. We share personal information about customers with other companies we hire to provide us with specialized services including customer service, credit card processing, banking services, email delivery, research, statistical analysis, list cleansing, postal mailings, email and fax deployment, consulting and other information services. We may also hire outside auditors, lawyers, consultants, event hosts and others to assist us. These companies can only use and disclose personal information we disclose to them in accordance with our instructions and consistently with this privacy policy.

5.2.2    Partners, Sponsors, and Others. We sometimes share personal information with other companies, partners, sponsors, government and other third parties. We only deal with third party companies whom we believe share our commitment to privacy and who will keep your information secure. You can opt-out of these disclosures.

We share aggregated information about our products, services, websites, and various emails with sponsors to help them manage their business with us.

Many of our products and offerings, including events, are with other companies who are partners or sponsors. When you register for these activities, the names of any partners and sponsors will be clearly visible. We will maintain the personal information you provide when you register for these sponsored programs and we will share it with our partners and sponsors. They may use the information in accordance with their own privacy policies. If you have concerns about how they may use the information you provide, please refer to each partner or sponsor’s privacy policy. Unlike other disclosures of information, you cannot opt-out of contacts from partners and sponsors through us. You must contact the partners or sponsors directly.

5.2.3    Other Uses and Disclosures. In addition, we reserve the right to use or disclose personal information to protect the security or integrity of our websites or online services; to take precautions against liability; to respond to judicial process; and to the extent permitted by law, to provide information to law enforcement agencies or for an investigation on a matter related to public safety; and to comply with applicable laws, government requests and court orders.

In the event of corporate business activities such as mergers, acquisitions, divestitures, or bankruptcy, personal information may be used or disclosed in connection with those activities. We will also make any disclosures required by law. If we discover a security breach, we may disclose personal information about customers to those companies (such as credit card companies or credit bureaus) or government agencies who we believe can take action to prevent, minimize, or remedy any harm from the breach.

If we receive a subpoena or other legal demand for your personal information, we may endeavor to notify you of the subpoena or demand by contacting you at the current email address that we have for you. However, we cannot promise that we will always be able to send you a notice. We will attempt to contact you if the email we send fails to get to you; we will endeavor to send you the notice before we turn over your information.

In general, we process personal information so that it is not used or disclosed in ways that are incompatible with these purposes. We take reasonable steps to ensure that all personal data we process is reliable for its intended use and is accurate, complete, and current for that purpose.

5.3       Choices

We offer users the opportunity to opt-out of

  • being contacted by us. You can choose not to be contacted by telephone, fax, or email.
  • disclosures that we might make to third parties, such as through customer lists.

All promotional and research email messages you receive from us will include an option to opt out of future email communications from the particular business that contacted you. We may also send you e-newsletters with targeted, relevant content. Each e-newsletter will provide you with an opportunity to opt out of that particular e-newsletter. In some cases, we may send you relevant, carefully screened offers from reputable third party businesses or organizations. Many of our customers appreciate receiving these offers because they relate to their business or occupation. However, you will always be able to opt out receiving future third party offers.

Users cannot opt-out of some uses and disclosures. Opt-outs do not affect our use of personal information in internal management or the disclosure of personal information to third parties who are our agents. These third parties include companies that provide management or operational assistance, lawyers and auditors, and some others. When we disclose information to third parties who act as our agents, we require them to use and disclose information in accordance with our instructions and consistently with this privacy policy

6.0       Access and Correction

We encourage users to update their contact information for future emails and postal mailings. If we maintain information about you as a result of a registration, survey, or other online or offline activity covered by this privacy policy, we will provide you with access to that information whenever feasible to do so. We will also correct, amend, or delete any information that we find to be inaccurate. Anyone seeking to know if we have information about them or who want access to (or a copy of) their personal information can make a request in writing to:

Privacy Officer

CGH Technologies, Inc.

600 Maryland Avenue, SW

Suite 800W

Washington, DC 20024 USA

Or email us at

privacy@cghtech.com

A request should include sufficient identifying information, such as name, address telephone number, fax number, and email address. In some cases, we may ask for a copy of identification (such as a driver’s license or other government-issued identification). We will not normally charge customers who want to inspect or have a copy of the information that we maintain about them. We reserve the right to impose charges for repeated requests and to deny or ignore requests that we deem to be harassing. A request for correction should identify the contested information; should state whether the information is incorrect, inaccurate, or incomplete; and should state what information should appear in place of the contested information.

7.0       Security

We use reasonable, industry-standard precautions, including appropriate technical, administrative, and physical procedures, to protect personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Due to the design of the Internet and other factors outside our control, we cannot guarantee that communications between you and our servers will be free from unauthorized access by third parties. When we share personal information with third parties we hire to help us with our activities, we require that they provide reasonable security for the information. However, we are not responsible for any breach of security by third parties.

8.0       Accountability

CGH is responsible for writing this policy and for compliance with it. The person in the company who is primarily responsible for oversight and compliance is the Privacy Officer. Anyone who has a question, comment, or complaint about this privacy policy should contact the Privacy Officer:

Privacy Officer

CGH Technologies, Inc.

600 Maryland Avenue, SW

Suite 800W

Washington, DC 20024 USA

Or email us at

privacy@cghtech.com

A request should include sufficient contact information, such as name, address, telephone number, fax number, and email address. We promise to make a good faith attempt to resolve any complaint or problem that you bring to our attention.

If you are not satisfied with the response of the Privacy Officer, you can appeal to the Chief Operations Officer (COO) by sending a written letter to:

Chief Operations Officer

CGH Technologies, Inc.

600 Maryland Avenue, SW

Suite 800W

Washington, DC 20024 USA

Or email the COO at

gowen@cghtech.com

CGH has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship.

9.0       How to contact us

Address any questions about our privacy policy to:

Privacy Officer

CGH Technologies, Inc.

600 Maryland Avenue, SW

Suite 800W

Washington, DC 20024 USA

Or email us at

privacy@cghtech.com