Other Covered Entities

ICS Inventory, LLC

Participation

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 6/11/2018
Next Certification Due Date: 6/11/2019
Data Collected: HR, NON-HR

Purpose of Data Collection

Our organization collects employee data during the hiring process. Customer/client data is collected during initial contact to IDI, LLC and includes email and/or telephone for purposes of responding to inquiries. For those customers who complete our training and licensing requirement, personal data is collected to open their account so they may access our products and services.

Privacy Policy

HR and Non-HR Data

Document: Privacy Policy
Description:

Privacy Policy IDI, LLC (“We,” “Our,” or “Us”) respects the privacy and security of your personal information. The following describes how we collect, use and disclose information and what rights you have to it. This Privacy Policy describes our practices in connection with information that we collect from you through our software applications, services, websites and mobile applications from our public facing side of our services and products and from our private access products and services that require registration before use (“Services”) and from sources other than our Services including, but not limited to, the telephone, mail and trade shows. This Privacy Policy also applies to any information that you may provide to us via an IDI Qualified Administrator’s (“IDIQA”) credential, website and/or other access method that enables you to use our Services. By providing information to us and/or using our Services, you acknowledge and agree to the terms and conditions of this Privacy Policy. If you do not agree to these terms and conditions, please do not use our Services. Information Collection We gather various types of information from you. We collect your personal information including, but not limited to, your name, postal addresses (including billing and shipping addresses), telephone numbers, and email addresses, and Sensitive Information (as defined below) and anonymous information about you which is any information that does not reveal your specific identity or does not directly relate to an identifiable individual, including, but not limited to, browser and device information, application and/or Services usage data; information collected through cookies, pixel tags and other similar technologies; demographic information, other information provided by you that does not reveal your specific identity; internet protocol (IP) addresses; and information that has been aggregated in a manner that it no longer reveals your specific identity. In general, you can access and/or use many features of our Services without telling us who you are or revealing any personal information about yourself. You also may choose not to provide us with any personal information. In such event, you can still access and use many features of our Services; however, you will not be able to access and use those portions of our Services that require your personal information. Some of our Services may ask you to submit your personal information in order for you to benefit from the specified features. We collect personal information from you only when you voluntarily submit it to us, such as when you: • Attend any of our training; • Take any of our assessments; • Complete a service request or registration, survey, application or other form; • Purchase a product or service from us or from one of our vendors, suppliers or other agents; • Sign-up to receive email newsletters or other correspondence; • Submit materials through our Services; • Participate in a promotion, or marketing activity; • Request materials from us; and/or • Request e-mail, mail or telephone support or services. You will be informed on what information is required and what information is optional at the time of your submission including, but not limited to, your registration and/or contact us submissions to us. We may combine the information you submit with other information we have collected from you, whether online or offline. We may also combine your personal information with information that we receive about you from other sources, such as IDIQAs, suppliers, vendors, publicly available sources and other third parties. As you use our Services, we may passively collect (that is, gathered without you actively providing the information) non-personal identifiable information and/or use the following technologies which collect such information on our behalf: Browser and/or Device Information. Certain information is collected from most browsers, such as your IP address, your media access control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system version, internet browser type and version. We also may collect information about any mobile device used to access our Services, such as a unique device identifier and type if you access our Services through a mobile device. Your IP address is a number that is automatically assigned to your computer or device by your Internet Service Provider. An IP address is identified and logged automatically in our server log files whenever a user accesses our Services, along with the time and date of the visit and/or use and the page(s) and/or features that are visited and/or used. Collecting IP addresses is standard practice on the Internet and is done automatically by many websites and/or services. Services Usage Data. When you access our Services, we and our service providers may track and collect application and/or Services usage data, such as date and time that your devices access our servers and what information and files have been downloaded and/or uploaded to our Services on your device number. The Services use cookies (including, Flash cookies). A cookie is a small, removable data file that is stored by your web browser or application on your computer and/or device. Cookies allow us to collect various information including, but not limited to, browser type, time spent on our Services, features and pages visited, and language preferences. We and our service providers use this information for security purposes, to facilitate navigation, display information more effectively, serve you with more tailored information, facilitate your ongoing access to and use of our Services and to personalize your experience while using our Services. We also use cookies to recognize your computer and/or device, which makes your use of our Services easier, such as to help you log into our Services. You can choose to have your computer and/or device warn you each time a cookie is being sent to your computer and/or device or you can choose to turn off all cookies. You do this through your computer and/or device settings. If you turn cookies off, you will not have access to many features that make your use of our Services more efficient and enjoyable, and in some cases, some of our Services will not function or will function with limited capability. To learn more about cookies, please visit http://www.allaboutcookies.org. Pixel Tags, web beacons, clear GIFs and other similar technologies. We and our service providers use pixel tags, web beacons, clear GIFs and other similar technologies in connection with some of our Services (including email messages) to, among other things, analyze our users’ behavior and information about them, track the actions of the users of our Services and/or recipients of our emails, measure the success of our marketing campaigns and compile statistics about our Services usage and response rates. Analytics. We use Google Analytics, which uses cookies and similar technologies to collect and analyze information about the use of our Services and report on activities and trends. This service may also collect information regarding the use of other services, websites, applications and online services. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout. Using Information We may use your personal information that we collect from you to: • Provide our Services to you; • Customize and/or personalize your communications, surfing, viewing, and/or experience with our Services; • Better respond to your inquiries and fulfill your requests, such as to send documents or email alerts; • Communicate with you about your account information, or customer service needs and other important information regarding our relationship with you or regarding our Services, changes to our Terms and Conditions, Privacy Policies, and other policies and/or administrative information; • Communicate with you about our products, services and events, and for other promotional purposes; • Improve our business, protect our operations, and/or allow us to pursue available remedies or limit damages that we may sustain; • Calculate usage levels, help diagnose server problems, and administer our Services; • Provide technical support to you and for other business purposes, such as data analysis, audits, developing new products, enhancing our Services, improving our products and/or Services, identifying Service trends, and determining the effectiveness of any promotional campaigns; and/or • Perform any other lawful acts except for those acts expressly prohibited by the terms and conditions set forth herein. We may use anonymous information that we collect from you for any legal purpose whatsoever, except where we are required to do otherwise under applicable law (for example, if we are required to treat such information as your personal information). If we combine your information that is not in a personally identifiable form with information that is (such as combining your name with your geographical location), we will treat the combined information as your personal information as long as it is combined. Sharing Information and Disclosure We disclose your personal information collected from you though our Services to third parties in the following manner and for the following reasons: • If you have consented to such disclosures; • If there are special circumstances, including, but not limited to, any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with a bankruptcy, liquidation or similar proceeding) and the due diligence related to such circumstances; • If the third party is a IDIQA, which entities and/or individuals, in some cases, provide you with access to our Services or are our agents that may use your personal information for training, assessment, educational, research and other similar purposes, in each case, the IDIQA and/or agent has executed an agreement with us that requires them to maintain the confidentiality of your personal information. • If the third party is our service provider who provides services to us in connection with our Services including, but not limited to, website and/or mobile application hosting, data analysis, payment processing, order fulfillment, infrastructure provision, IT services, customer services, email and direct mail delivery services, credit card processing, auditing services and other services; and/or • If the party is our affiliate, in which case we are the party responsible (or data controller) for the management of the jointly-used personal information. We also may disclose personal information about you upon request by the government (including, but not limited to, the investigatory and enforcement powers of the Federal Trade Commission, Department of Transportation and other statutory bodies); as permitted by applicable law (including laws outside your country of residence); in response to a court order or other legal process; when required by law or when we believe in good faith is required by law; to respond to requests from public and government authorities; to enforce our Privacy Policy, Terms and Conditions or other agreements and polices applicable to our Services; to protect our operations, rights, privacy, safety and/or property; upon your request; or to contact, identify or bring legal action against someone who may be causing injury to or interference with our or others’ rights or property including, but not limited to, claims for infringement of intellectual property, invasions of privacy or situations involving threats or alleged threats to the physical safety of a person’s property. We may also share information with companies assisting in fraud protection or investigation. We also may provide aggregated, non-personally identifiable information to third parties for any legal purposes whatsoever. EU-U.S. Privacy Shield We comply with the EU-US Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Principles, and to view our certification, please visit https://www.privacyshield.gov/. As it relates to the EU-US Privacy Shield and personal data received and/or transferred pursuant to the Privacy Shield, we are under the jurisdiction of the US Federal Trade Commission and are subject to its regulatory and enforcement powers. As required in certain situations, we may disclose personal data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at the address set forth below: Under certain conditions, as more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted. We are responsible for the processing of personal data we receive under the Privacy Shield that we subsequently transfer to a third party acting as an agent on our behalf. We comply with the Privacy Shield for all onward transfers of personal data from the EU. Protecting Your Information We use commercially reasonable efforts to safeguard and secure your personal information while stored on our computer systems and/or transmitted to or from our computer systems. Regardless of these efforts by us, no data transmission over the internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction, stored data and/or transmissions to and with us are no longer secure (for example, if you feel that the security of any account that you have with us has been comprised), please immediately notify us of the problem by contacting us immediately at support@idiinventory.com or via our contact us form located at https://idiinventory.com/contact-us/. Some features of our Services may require you to set up a user ID and password. We recommend that you do not divulge your password to anyone. We will never ask you for your password in an unsolicited telephone call or email. If you suspect you have received a fraudulent communication from us or any of our affiliates, please contact us immediately at support@idiinventory.com or via our contact us form located at https://idiinventory.com/contact-us/. Do not provide your personal or financial information in response to an email request or after clicking on a link from an email. We do not ask for this type of information through an email or any communication. To help protect your computer and personal information, make sure you have current anti-virus and firewall software installed on your computer and update such software on a regular basis. Also, please review your credit card statements carefully and verify that all transactions are authorized and report any discrepancies immediately to your credit card company. Children's Online Privacy We do not knowingly collect personal information from children under the age of 13. The Services are not intended to solicit information of any kind from children under the age of 13, and we have made commercially reasonable efforts to design the Services to prevent our knowing acceptance of any such information. It is possible that by fraud, deception or error, we may receive information pertaining to children under the age of 13. If we are notified of this, as soon as we verify the information, we will immediately obtain parental consent or otherwise delete the information from our servers. If you want to notify us of our receipt of personal information belonging to a child under the age of 13, please do so at support@idiinventory.com or via our contact us form located at https://idiinventory.com/contact-us/. Cross-Border Transfer The Services are controlled and operated by us from the United states and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States. Your personal information may be stored and processed in any country where we have facilities or service providers, and by using the Services or by providing consent to us (where required by law), you agree to the transfer of information to countries outside of your country of residence, including the United States, which may provide for different data protection rules than in your country. Additionally, when using or disclosing personal information transferred from the European Union, we use standard contractual clauses approved by the European Commission, adopt other means under European Union law for ensuring adequate safeguards or obtain your consent. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal information. Sensitive Information. Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any Sensitive Information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, and/or criminal background) on or through our Services or otherwise to us. In those cases where we may request or invite you to provide Sensitive Information, we will do so with your express consent. Any uses or disclosures of your Sensitive Information will be made subject to your express authorization, or as permitted or required by applicable law. Public Rooms and Forums Our Services may now or in the future include web logs (i.e., blogs), chat rooms, forums, message boards, news groups or other public communications. Any information that is disclosed in these areas becomes public information. You should exercise caution before disclosing your personal information via these public venues, which you do at your own risk. If you do so, you may receive, among other things, unsolicited emails or “spam” from others. We cannot safeguard the privacy of personal information that is disclosed online in this manner. Other Websites While accessing our Services, you may be directed to other websites and services that are beyond our control including, but not limited to, our payment processor. These other websites and services may also use and collect data, solicit personal information and deploy tracking technology including, but not limited to, cookies and pixel tags. Even though we may have a contract with these entities, we have no control over them or how they collect, distribute or otherwise use your personal information or how they safeguard and secure your personal information. We are not responsible or liable for the conduct, policies or actions of the owners of such websites and/or services including, but not limited to, the content displayed on those websites and/or services. Those websites and/or services are linked to our Services only for your convenience and you access them at your own risk. Unsubscribing, Removing or Modifying Your Information We do not share your personal information with third parties for those parties’ direct marketing use unless you authorize us to do so. If we ever obtain your authorization, and if you subsequently decide that we not share your personal information on a going-forward basis with our affiliates and/or third-party partners for marketing purposes, you may opt out of this sharing by contacting us via our contact us form located at https://idiinventory.com/contact-us/. In your response to us, please state that we should no longer share your personal information with our affiliates and/or third-party partners for marketing purposes, and include your name and e-mail address. If you are an IDIQA, to modify or delete any or all of the personal information you have provided to us, please login and update your profile. If we in the future maintain user accounts that contain user related information, then we will provide similar access to users. We retain your personal information for the period necessary to fulfill the purposes set forth herein, unless a longer retention period is required or allowed by law, our document retention policies or to otherwise fulfill a legal obligation, or if it is advisable in light or our legal position (such as in regard to applicable statute of limitations, litigation or regulatory investigation). Therefore, you should not expect that all of your personal information will be completely removed from our databases in response to your requests. The same may be true with respect to modifications to your personal information requested or made by you. We will seek to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out as described herein, we will not be able to remove your personal information from the databases of our affiliates and third parties with which we have already shared your personal information (i.e., as of the date that we implement your opt-out request). We reserve the right to send you certain communications related to our Services that are considered part of your account, such as technical, transactional and/or administrative alerts and/or messages, without offering you the opportunity to opt out of receiving them. Excluding our emails that we send to our IDIQAs and emails for the foregoing purposes, if we at any time in the future use email to communicate with you, we will provide you with an opt-out option within our email communications, or you can choose to contact us using our contact us form located at https://idiinventory.com/contact-us/ to let us know that you want to be removed from future email communications.

Effective Date: 4/5/2018

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact IDI, LLC at:

Neil Hammer
Vice President
IDI, LLC
IDI, LLC
2915 Olney - Sandy Spring Road
Olney, Maryland 20832
Fax: 443-926-0146

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from IDI, LLC to your question or complaint, please contact the independent recourse mechanism listed below


NON-HR RECOURSE MECHANISM



Appropriate statutory body with jurisdiction to investigate any claims against IDI, LLC regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission