1. What does this Policy cover?
Imprivata respects your privacy and is committed to protecting your Personal Data and complying with all applicable privacy laws in the conduct of its business, including EU's General Data Protection Regulation (GDPR). Privacy laws in the United States, European Union ("EU"), and other locations may govern the proper use, processing, disclosure and protection of Personal Data. This statement describes Imprivata's practices regarding the use and disclosure of Personal Data that may be collected.
- What information we collect and why we collect it.
- How we use that information.
- The choices we offer, including how to access and update information.
Additionally, Imprivata complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as outlined by U.S. Department of Commerce regarding the collection, use, and retention of applicable personal information that is transferred from European Union member countries and Switzerland to the United States. To learn more, please see our Privacy Shield Policy (https://www.imprivata.com/privacy-shield-policy).
2. What type of information does Imprivata collect?
Our primary goal in collecting information is to provide you with a friendly, customised, and efficient experience. We collect the following types of information:
- Personal Data. "Personal Data" is information that, directly or indirectly, identifies you or another individual and which may include: name, title, company name, job function, expertise, postal address, telephone number, email address, browser and device information (including IP Address and operating system), and information collected through cookies and other similar technologies. If you submit any Personal Data relating to other people to us or to our service providers in connection with the Sites, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Notice.
- Other Information. "Other Information" is any information that does not and cannot be used to reveal your identity or that of another individual, such as information which has been fully and permanently anonymised and aggregated. We use this information to facilitate our operation of the Sites and for other purposes described below.
Imprivata does not knowingly collect personal Information from children under the age of 13. If we learn that we have collected such information, we will take reasonable steps to delete that data from our systems.
3. How does Imprivata collect information?
We and our service providers collect Personal Data and Other Information in a variety of ways, including:
- Through the Sites: We collect information through the Sites, e.g., when you request a demo, register for a webinar, contact us, subscribe to our email newsletter, download content (e.g. whitepapers, analyst reports, etc.), or register to use our Sites.
- Offline: We collect information from you offline, such as when you attend one of our events or our booth at trade shows and exhibits, during phone calls with sales representatives, or when you contact an Imprivata representative.
- From Other Sources: In order to enhance our ability to provide relevant marketing, offers and services to you, we obtain information about you from other sources, such as public and third party databases, joint marketing partners, social media platforms, and from other third parties.
- Through Your Browser or Device: Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, device type (computer, tablet, smartphone), screen resolution, operating system name and version, language, Internet browser type and version, and the name and version of the Sites you are using. Your "IP Address" is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP Address may be identified and logged automatically in our server log files whenever you access the Sites, along with the time of the visit and the page(s) that you visited. Collecting IP Addresses is standard practice and is done automatically by many websites, applications and other services. Imprivata uses IP Addresses to calculate usage levels of the Sites, help diagnose problems with its servers, administer the Sites, and for monitoring the regions from which you navigate to Imprivata's Sites.
- As a Customer: Imprivata collects information such as your location, use of Imprivata solutions, your preferred means of communication when you voluntarily provide it in subscription center or otherwise. Unless combined with Personal Data, this information does not personally identify you or any other user of the Sites. We and our service providers track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number.
- Through Cookies and Other Similar Technologies: "Cookies" include commonly used pieces of information in the form of small files that are placed on an individual's device to enable the individual to more easily communicate and interact with the Sites. When you visit our Sites, we may send one or more cookies to your device. They enable us to store information about your device that helps us, amongst other things, to provide you with a good experience when you browse our Sites and enhance the level of services and functions provided. We also use third parties to serve advertisements on other websites that may be of interest to you, based on information collected about your use of our Sites and other websites. To do so, these companies may place or recognise a unique cookie or similar on your browser. Imprivata recognises automated browser signals regarding tracking mechanisms, which may include 'do not track' instructions.
- By Aggregating Information: Aggregated Personal Data does not personally identify you or any other user of the Sites (for example, we may aggregate Personal Data to calculate the percentage of our users who have a particular telephone area code).
5. Will Imprivata share any of the information it receives? Information about our customers is an integral part of our business. We neither rent nor sell your personal information to anyone. We share your personal information only with entities that are controlled by or under common control of Imprivata, and as described below:
- Agents and Service providers: We contract with other companies and people to perform tasks on our behalf and may need to share your information with them to provide products or services to you. Examples may include removing repetitive information from customer lists, analysing data, providing marketing assistance, processing credit card payments, and providing customer service. We may also provide your personal information to agents who will use it to verify aggregate usage data that we provide to our partners. In all cases where we share your information with such agents, we explicitly require the agent to acknowledge and adhere to Imprivata's privacy and customer data handling policies.
- Imprivata custom portal and social media pages: Personal Data may also be disclosed by you through the Sites, on message boards, chat, profile pages and other services to which you are able to post information and materials (including, without limitation, the Imprivata Support and Learning Center and the Social Media Pages). This information can appear in public ways, such as through search engines or other publicly available platforms and can be "crawled" or searched by third parties. Please do not post any information that you do not want to reveal to the public at large.
- Promotional offers: We may send offers to certain customers on behalf of other businesses with whom we have a partnership. However, when we do so, we do not give the other business your name and address.
- Business Transfers: In some cases, we may choose to buy or sell assets or businesses. In these types of transactions, customer information is typically one of the business assets that are transferred. Moreover, if Imprivata, or substantially all of its assets, were acquired, customer information would be one of the assets that are transferred.
- Profiling and Automated Decision-making: Imprivata combines data obtained by the methods described in Section 2 to help us determine what products and services might be of interest to you when you might be ready to make a purchase based on repeated interaction with Imprivata and certain third party websites, emails, and content. Imprivata marketing and sales personnel are involved in this process and no automated decisions are made that would result in legal effects or similarly significantly affect an individual.
- Protection of Imprivata and others: We may release personal information when we believe in good faith that release is necessary to comply with that law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Imprivata, our employees, our users, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction.
- With your consent: Except as set forth above, you will be notified when your personal information may be shared with third parties.
- Protection of Imprivata and Others: We release Personal Data, as we believe necessary and appropriate to law enforcement, tax, fraud prevention, credit risk agencies and other companies and organisations for the reasons given in the last bullet point under Section 3 above.
We may use certain trusted third party companies to help us provide, analyse, and improve the website, which contains links to other web sites that are not owned by Imprivata. Please note that these other web sites' privacy policies may differ from those of Imprivata. We encourage you to read the privacy statement of any web site you may visit because we are not responsible for other sites' content or policies.
6. Is information about me secure? Imprivata considers information security to be a top priority, and is committed to protecting the security of your Personal Data. Imprivata implements systems, applications and procedures to secure personal information, to minimise the risks of theft, damage, loss of information, or unauthorised access or use of information, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing. When we transmit highly confidential data over the Internet, we protect it through the use of encryption.
All information collected and stored by Imprivata is maintained in secure data centres and/or otherwise subject to best practice access protection. Only employees who need customer information to perform a specific job (for example, a customer service representative) are granted access to it. All of our employees are kept up to date on our privacy and security practices.
Your Personal Data may be stored and processed in any country where we have facilities or in which we engage service providers. By using the Sites or disclosing information to us, you consent to the transfer of information to countries outside of your country of residence, including the United States, Australia, and the UK, which could have different data protection rules than those of your country or the country in which you were located when the information was collected.
7. How can I correct or remove information about me? If you feel that any personal information about you that has been collected and stored by Imprivata might be wrong, or you would like us to modify or remove you from our systems, please notify us at [email protected] so that we may correct or delete the information. You can opt-out of receiving marketing messages from Imprivata by unsubscribing through the unsubscribe or opt-out link in an email, or by unsubscribing via the Imprivata Subscription Center: https://security.imprivata.com/email-subscription-center.html.
9. Third party sites The Site may permit you to link to other websites on the Internet, and other websites may contain links to the Imprivata site. These other websites are not under Imprivata's control, and such links do not constitute an endorsement by Imprivata of those other websites or the services offered through them. The privacy and security practices of websites linked to or from the Imprivata site are not covered by this Privacy Statement, and Imprivata is not responsible for the privacy or security practices or the content of such websites.
11. Questions or Concerns If you have any questions or concerns regarding privacy, please email [email protected]. Your privacy is important to us and we will make every effort to resolve your concerns.