Last updated: August 8, 2024
ON1 GLOBAL, LLC – PRIVACY POLICY
Privacy is of utmost importance for ON1 GLOBAL, LLC (“Company”, “we”, “us”, or “our”). We recognize the significance of protecting information which is stored on our servers or network or is intended to be stored on our servers or network and which relates to an individual from use of our website(s) (the “Site”). The data we protect are the “Personal Data” which is any information relating to an identified or identifiable natural person, sometimes called a data subject, and have made protecting the privacy and the confidentiality of Personal Data a fundamental component of the way we do business. This Privacy Policy informs you of the ways we work to ensure privacy and the confidentiality of Personal Data and describes the information we gather, how we use those Personal Data and the circumstances under which we disclose such information to third-parties.
This privacy policy describes the Privacy Policy for this Site and describes how the Company collects, protects, uses and discloses information we receive from visitors to and users of our Site. The Company has created this Policy in order to demonstrate and inform you of our firm commitment to privacy. This Policy, together with the Terms of Use for this Site (which are hereby incorporated by this reference) sets forth the general rules and policies governing your use of the Site.
PLEASE READ THIS POLICY CAREFULLY BEFORE USING THE SITE. THIS POLICY APPLIES ONLY TO INFORMATION COLLECTED THROUGH THIS SITE AND NOT TO INFORMATION COLLECTED OFFLINE OR THROUGH ANY OTHER WEBSITES (EVEN IF AFFILIATED WITH THE COMPANY). BY ACCEPTING THIS POLICY AND USING THE SITE, YOU AGREE TO AND ARE BOUND BY THE TERMS, CONDITIONS, POLICIES AND NOTICES CONTAINED IN THIS AGREEMENT, INCLUDING WITHOUT LIMITATION, CONDUCTING THIS TRANSACTION ELECTRONICALLY AND A CHOICE OF ST. LUCIA LAW. COMPANY MAY MODIFY THIS POLICY AT ANY TIME, AT ITS DISCRETION, AND MODIFICATIONS ARE EFFECTIVE UPON BEING POSTED ON THIS SITE. YOU ARE RESPONSIBLE FOR REVIEWING THIS POLICY PERIODICALLY TO ENSURE THAT YOU ARE AWARE OF ANY CHANGES TO IT BECAUSE YOUR CONTINUED USE OF THIS SITE WILL MEAN THAT YOU ACCEPT SUCH CHANGES. IF YOU DO NOT AGREE WITH THIS POLICY, OR ANY SUBSEQUENT MODIFICATIONS TO THIS POLICY, YOU MUST NOT ACCESS OR USE THIS SITE OR DISCLOSE ANY PERSONAL INFORMATION THROUGH THIS SITE. This Privacy Policy is designed to address regulatory requirements of the jurisdictions in which the Company offers its Services, including the General Data Protection Regulation (“GDPR”), as enacted by the European Commission. In this Privacy Policy, the term “Service” and “Services” has the same meaning as described in the Terms of Use, but excludes API services, which are governed by a separate agreement. If you do not agree with this Privacy Policy, in general, or any part of it, you should not use the Services. This Privacy Policy is periodically reviewed to ensure that any new obligations and changes to our business model are taken into consideration. We may amend this Privacy Policy at any time by posting an amended version on our Site.
1. Information About the Site
Our Services are offered by the Company. By using the Services, you understand that your Personal Data may be processed by the Company, or one or more of its affiliates or subsidiaries (each, a “Data Controller”):
You may contact our Data Protection Officer (“DPO”) by email at info@on1global.com.
2. Collection of Personal Data
When you access or use the Services, we collect the following information:
Information you may provide to us: You may give us information about you by filling in forms on our Site or through our app or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use the Services and when you report a problem with the Site or with our app. Information we collect about you: The Personal Data we collect depends on the particular Services you have requested and/or activities being carried out and could include:
- Contact Details, such as your name, address, phone number, and email address;
- Payment Information, such as credit card number, expiration date, and billing address;
- Business Information, such as your role, company name, and website name;
- Agent and End User Information, including any email addresses and names or aliases of any agents or end users you authorize to log into and utilize the Service in connection with your account as a Company customer (“Agent” or “End User”, as the case may be);
- Log-In and Connection Information, such as the information you provide to set up your use the Service;
- Log File Data, including IP addresses, operating system, browser type, browser id, date/time of visit, and pages visited;
- Device Information, such as device type, operating system, and software version;
- Forum Information, such as content of posts and interactions with such posts within the Company forum;
- Transaction Information, including details of purchases or subscriptions with us or courses, followed;
- Analytics or Clickstream Data, including the electronic path you take to our Services, through our Services and when exiting our Services, as well as your usage and activity on our Services, such as the links and objects you view, click or otherwise interact with.
- Marketing Preferences, including the method of communication you prefer;
- Education Information, including university, instructor or education provider, and university single sign-on details (if you choose to give this to us);
- Cookie Data, meaning data collected via cookies on the Site;
- Personal Details, including other personal details about you that are related to the Service and use thereof or your relationship with the Company; and
- Inquiry and Feedback Information, such as the content of your email, chat, or call with us when you ask us a question or provide us with any feedback.
When you request or use our Services, we may ask for certain Personal Data from you in order to provide such Services. If you choose not to provide such information, then you might not be able to take advantage of some of the Services.
Information We Collect from Other Sources: We also receive information from other sources and combine that with the information we collect through our Services. For instance:
- We use third-party services that may be co-branded with the Company but will do so with clear notice. Any third-party services may collect information as determined by their own privacy policies.
- We also use “cookies” from time to time to help personalize your online experience with us. A cookie is a small text file that is stored on your computer to help us make your visit to our Site more “user-friendly.” Cookies provide us with information about your use of the Site that can help us improve the site and your experience with it. We will process Personal Data collected through cookies in accordance with this Privacy Policy. The use of cookies is standard on the Internet, and allows us to tailor your visits to our Site to your individual preferences. When you visit our Site, a web beacon allows us to capture certain additional types of information about your activities and use of the Site over time, such as which web pages you choose to visit. We also may contract with third party service providers who assign cookies and/or web beacons to conduct site tracking for us and collect information about your visits to the Site over time as well as your visits to other websites in order to provide marketing analytics about goods and services of interest to you, your preferences, how you share information about our products and services with others, and to improve our marketing efforts. We may combine such information about your visits to and use of the Site as well as your visits to other websites with Personal Data that we or our third-party providers collect about you, such as your user ID, name, email address and mailing address. If you have set your browser to alert you before accepting cookies, you should receive an alert message with each cookie. Although most web browsers automatically accept cookies, you can change your browser to prevent cookies or notify you whenever you are sent a cookie. However, if you disable or block cookies on your browser, the features on our Site may not work correctly.
- Advertising or analytics providers may provide us with anonymized information about you, including but not limited to, how you found our Site.
3. Use of Personal Data
We will use your Personal Data, to:
- Understand and strive to meet your needs and preferences in using our Services;
- Develop new and enhance existing service and product offerings;
- Manage and develop our business and operations;
- Carry out any actions for which we have received your consent;
- Prevent and investigate fraudulent or other criminal activity;
- To address service requests and resolve user questions;
- Meet legal and regulatory requirements; and
- Sending marketing communications.
We also reserve the right to use aggregated Personal Data to understand how our users use our Services, provided that those data cannot identify any individual. We also use third-party web analytics tools that help us understand how users engage with our Site. These third-parties may use first-party cookies to track user interactions to collect information about how users use our Site. This information is used to compile reports and to help us improve our Site. The reports disclose website trends without identifying individual visitors. You can opt-out of such third-party analytic tools without affecting how you visit our site. For more information on opting-out, please contact info@on1global.com. We will process your Personal Data legally and fairly and not use it outside the purposes of which we have informed you, including selling it individually or in the aggregate for commercial use. Where we have your consent to do so or where otherwise permitted by law, we may send you information about the Services, including features you may be interested in, for example, by postal mail, email or telephone. Some of these communications may include marketing materials. If you would like to opt out of getting marketing communications from the Company please contact us at info@on1alliance.com or follow the available opt-out or unsubscribe instructions included in each communication. Please note that we may still continue to send you transactional and other non-marketing communications, for example, messages about products or services you or your organization have requested, events you’ve registered for, announcements about service levels or security-related issues, etc., even after you’ve opted out.
4. Disclosure of Personal Data
We may share your information with selected recipients to perform functions required to provide certain Services to you and/or in connection with our efforts to prevent and investigate fraudulent or other criminal activity. All such third parties will be contractually bound to protect data in compliance with our Privacy Policy. The categories of recipients include:
- Companies within the Company corporate family in order to provide the Services to you.
- Cloud service providers to store certain personal data and for disaster recovery services, as well as for the performance of any contract we enter into with you.
- Fraud detection service providers who will run certain fraud detection checks against Personal Data provided.
- Spam and abuse detection providers making software available designed to prevent users from programmatically using the Services in unsupported ways.
We also may share Personal Data with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Data held by the Company is among the assets transferred. Except where we are required by law to disclose Personal Data, or are exempted from, released from or not subject to any legal requirement concerning the disclosure of Personal Data, we will require any person to whom we provide your Personal Data to agree to comply with our Privacy Policy in force at that time or requirements substantially similar to such policy. We will make reasonable commercial efforts to ensure that they comply with such policy or requirements, however, where not expressly prohibited by law, we will have no liability to you, if any person fails to do so. We shall require any third-party, including without limitation, any government or enforcement entity, seeking access to the data we hold to a court order, or equivalent proof that they are statutorily authorized to access your data and that their request is valid and within their statutory or regulatory power. Funding and transaction information related to your use of certain Services may be recorded on a public block chain. Public block chains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many block chains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of private financial information, especially when block chain data is combined with other data. Because block chains are decentralized or third-party networks that are not controlled or operated by the Company or its affiliates, we are not able to erase, modify, or alter Personal Data from such networks.
5. Security of Your Personal Data
We protect Personal Data with appropriate physical, technological and organizational safeguards and security measures. Your Personal Data comes to us via the internet which chooses its own routes and means, whereby information is conveyed from location to location. We may audit our procedures and security measures regularly to ensure they are being properly administered and remain effective and appropriate. Every member of the Company is committed to our privacy policies and procedures to safeguard Personal Data. Our Site has security measures in place to protect against the loss, misuse and unauthorized alteration of the information under our control. More specifically, our server uses TLS (Transport Layer Security) security protection by encrypting your Personal Data to prevent individuals from accessing such Personal Data as it travels over the internet.
6. Retention of Your Personal Data
The length of time we retain Personal Data outside our back-up system varies depending on the purpose for which it was collected and used, as follows:
- Data you provide to us when subscribing for our Services: while user remains active.
- Country location data: while user remains active.
- Data on your preferences: while user remains active.
- IP address login: until subsequent login from a new IP.
When Personal Data is no longer necessary for the purpose for which it was collected, we will remove any details that identifies you or we will securely destroy the records, where permissible. However, we may need to maintain records for a significant period of time (after you cease using a particular Service) as mandated by regulation. For example, we may be subject to certain anti-money laundering laws that require us to retain the following, for a period of five (5) years after our business relationship with you has ended:
- A copy of the records we used in order to comply with our client due diligence obligations;
- Supporting evidence and records of transactions with you and your relationship with us.
Except where prohibited by law, this period may extend beyond the end of the particular relationship with us, but only for as long as we are bound to do so for the audit, regulatory or other accounting purposes. When Personal Data is no longer needed, we have procedures either to destroy, delete, erase or convert it to an anonymous form. If you have opted-out of receiving marketing communications, we will hold your details on our suppression list so that we know you do not want to receive these communications. After you have terminated the use of our Services, we reserve the right to maintain your Personal Data as part of our standard back-up procedures in an aggregated format.
7. Storage of Personal Data
The Company stores your Personal Data at secure locations. The Company ensures that appropriate security standards are in place regarding the safeguarding, confidentiality, and security of Personal Data. The information that we collect from you may be transferred to, and stored in, destinations outside of your country, including outside the European Economic Area (“EEA”) as described below:
We may transfer your Personal Data outside your home country to other company subsidiaries, service providers and business partners (i.e., Data Processors), in relation to the blockchain vault, who are engaged on our behalf. To the extent that we transfer your Personal Data outside of your home country, we will ensure that the transfer is lawful and that Data Processors in other countries are obliged to comply with the GDPR and the UK Data Protection Act 2018. If transfers of Personal Data are processed in the US, we may in some cases rely on applicable standard contractual clauses.
8. Your Rights
The rights that are available to you in relation to the Personal Data we hold about you are outlined below.
Information Access
If you ask us, we will confirm whether we are processing your Personal Data and, if so, what information we process and, if requested, provide you with a copy of that information within 30 days from the date of your request.
Rectification
It is important to us that your Personal Data is up-to-date. We will take all reasonable steps to make sure that your Personal Data remains accurate, complete and up-to-date. If the Personal Data we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If we have disclosed your Personal Data to others, we will let them know about the rectification where possible. If you ask us, if possible and lawful to do so, we will also inform you with whom we have shared your Personal Data so that you can contact them directly. You may inform us at any time that your personal details have changed by emailing us at info@on1global.com and we will change your Personal Data in accordance with your instructions. To proceed with such requests, in some cases we may need supporting documents from you as proof that we are required to keep for regulatory or other legal purposes.
Erasure
You can ask us to delete or remove your Personal Data in certain circumstances such as if we no longer need it, provided that we have no legal or regulatory obligation to retain that data. Such requests will be subject to any agreements that you have entered into with us, and to any retention limits, we are required to comply with in accordance with applicable laws and regulations. If we have disclosed your Personal Data to others, we will let them know about the erasure request where possible. If you ask us, if possible and lawful to do so, we will also inform you with whom we have shared your Personal Data so that you can contact them directly.
Processing restrictions
You can ask us to block or suppress the processing of your Personal Data in certain circumstances, such as, if you contest the accuracy of that Personal Data or object to us processing it. It will not stop us from storing your Personal Data. We will inform you before we decide not to agree with any requested restriction. If we have disclosed your Personal Data to others, we will let them know about the restriction of processing where possible. If you ask us, if possible and lawful to do so, we will also inform you with whom we have shared your Personal Data so that you can contact them directly.
Data portability
In certain circumstances, you might have the right to obtain Personal Data you have provided us with (in a structured, commonly used and machine-readable format) and to re-use it elsewhere or ask us to transfer this to a third party of your choice.
Objection
You can ask us to stop processing your Personal Data, and we will do so if we are:
- Relying on our own or someone else’s legitimate interests to process your Personal Data, except if we can demonstrate compelling legal grounds for the processing;
- Processing your Personal Data for direct marketing; or
- Processing your Personal Data for research, unless we reasonably believe such processing is necessary or prudent for the performance of a task carried out in the public interest (such as by a regulatory or enforcement agency).
Automated decision-making and profiling
If we make a decision about you based solely on an automated process (e.g. through automatic profiling) that affects your ability to access our Services or has another significant effect on you, you can request not to be subject to such a decision unless we can demonstrate to you that such a decision is necessary for entering into, or the performance of, a contract between us. Even if a decision is necessary for entering into or performing a contract, you may contest the decision and require human intervention. We may not be able to offer our Services if we agree to such a request by terminating our relationship with you. You can exercise any of these rights by contacting us at info@on1global.com.
9. Acceptance
By using the Services, you signify your agreement to this Privacy Policy. The Company reserves the right to change or amend this Privacy Policy at any time. If we make any material changes to this Privacy Policy, the revised Policy will be posted here prior to the changes taking effect so that you are always aware of what information we collect, how we use it and under what circumstances we disclose it. Please check this page frequently to see any updates or changes to this Privacy Policy.
10. Questions and Complaints
Any questions about this Privacy Policy, the collection, use and disclosure of Personal Data by the Company or access to your Personal Data as required by law (to be disclosed should be directed to info@on1global.com. In the event that you wish to make a complaint about how we process your Personal Data, please contact us in the first instance at info@on1alliance.com, and we will attempt to handle your request as soon as possible. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the country in which you live or work where you think we have violated data protection laws.
U.S. California Residents
This section supplements the information in our main Privacy Policy and is intended to provide additional privacy disclosures as required under the California Consumer Privacy Act (“CCPA”) concerning the collection and disclosure of Personal Information (as defined in the CCPA of California residents in the preceding 12 months.
Categories of Information
In the preceding 12 months we have collected the following information:
- Identifiers, such as name, contact information, online identifiers, email address, account name and other government-issued identifiers;
- Commercial information, such as transaction information and transaction history;
- Internet or network activity information, such as browsing history and interactions with our Site;
- Geolocation data, such as device location and IP location;
- Biometric data;
- Professional or employment related information.
We may use this personal information for the following business purposes: (i) to operate, manage, and maintain our business, (ii) to provide our products and services, and (iii) to accomplish our business purposes and objectives, including, for example, using personal information to develop, improve, repair, and maintain our products and services and to fulfill your requests; personalize, advertise, and market our products and services; conduct research, analytics, and data analysis; maintain our property; undertake quality and safety assurance measures; conduct risk and security control and monitoring; detect and prevent fraud; perform identity verification; perform accounting, audit, and other internal functions, such as internal investigations; to carry out corporate transactions, such as mergers, joint ventures or acquisitions; comply with law, legal process, and internal policies; maintain records; and exercise and defend legal claims.
Your Rights
Pursuant to the CCPA, upon request and upon our verification of your identity, California residents may:
- Request access to the specific and Personal Information that we have collected about you over the past twelve months, the categories of sources of that information, our business or commercial purposes for collecting the information, and the categories of third parties with whom the information was shared;
- Obtain a copy of your Personal Information in a format that would permit you to transfer that Information to another Repository;
- Submit a request for deletion of Personal Information, subject to certain exceptions, including (without limitation) in the event that we may need to retain Personal Information to complete the transaction for which the Personal Information was collected, detect security incidents, protect against illegal activity, exercise certain rights of free speech, comply with legal obligation or for internal uses permitted by law. If your request is subject to any exception, we may deny your request to delete your data. Please note that you must verify your identity and request before further action is taken by us. To do so, we will notify you of what we require via email.
- To be free from unlawful discrimination for exercising your rights under the CCPA.
Do Not Sell My Personal Information
The Company does not sell Personal Information in the normal course of our business, but the CCPA defines sale more broadly than the traditional sense of an exchange of data for money and may encompass transactions in which we may share your Personal Information. Accordingly you may, subject to exceptions in CCPA, request that the Company not “sell” your Personal Information to the extent that we may do so. Please be aware that certain sharing of your Personal Information, such as disclosures of that Information to “Service Providers” as that term is defined and in accordance with CCPA, or for certain business operations of the Company, are not considered “sale” of Personal Information. CCPA comprises provisions that explicitly prohibit us from making any adverse decisions about you or your account based upon your exercise of this right (“non-discrimination”). The CCPA permits you to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To exercise any of the above rights, you may contact us at info@on1alliance.com. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent, please contact us via email at info@on1alliance.com. Please note that any proposed appointment is subject to verification checks and we may deny requests from agents who are unable to prove their identity or provide proof of authority to act on your behalf. While many browsers permit you to send a signal about your Do Not Track (“DNT”) preferences, we do not respond to DNT signals sent from browsers.
Children’s Online Privacy Protection Act
The Company complies with the Children’s Online Privacy Protection Act (“COPPA”), which requires the consent of a parent or guardian for the collection of personally identifiable information from children under 13 years of age. The Company does not knowingly collect, use or disclose personal information from children under 13, or equivalent minimum age in the relevant jurisdiction, without verifiable parental consent. However, it is possible that we may inadvertently receive information pertaining to children under 13. If you believe that we have received information about your child that is under the age of 13, please do not hesitate to notify us at info@on1alliance.com. When we receive your notification, we will obtain your consent to retain the information or will delete it permanently.
Vermont Privacy Rights (Applicable to Vermont Residents) under the Vermont Financial Privacy Act
The Vermont Financial Privacy Act limits what we can do with your financial information and gives you rights to limit our sharing of your financial information. Under the Vermont Financial Privacy Act, Vermont residents have the right to receive notice and opt-in to sharing non-public Personal Information with non-affiliated third parties. Additionally, residents must consent to us sharing information regarding credit worthiness.
We do not share your information with affiliates and non-affiliated third parties, except for certain business purposes (e.g., to service your accounts), to market our products and services, as permitted by law, or with your consent. Additionally, we will not disclose credit information about you with our affiliates or non-affiliated third parties, except as required or permitted by law. You can access our Privacy Notice for information about our practices in accordance with the Vermont Financial Privacy Act. Please contact us to opt-in to, or opt-out of, sharing your non-public Personal Information.
Your Nevada Privacy Rights
Nevada residents have the right to request to opt out of any “sale” of their personal information under Nevada SB 220. You may request to “opt out” of the future sale of your Personal Information, although we do not sell your Personal Information. If you are a Nevada resident and would like to make such a request, please send an email to info@on1alliance.com, and provide “Nevada Privacy Rights” in the subject line. You must include your full name, email address and postal address in your request so that we can verify your Nevada residence and respond. In the event we collect your personal information after the receipt of your request, we will make reasonable efforts to comply with such request.
Cayman Islands Data Protection Act
The Cayman Islands Data Protection Act (as amended, the “DPA”) applies to the Company entities or its affiliates that are organized in the Cayman Islands. Where you engage the services of such an entity, that entity is a data controller with respect to your Personal Data and shall process your Personal Data in accordance with the requirements of the DPA. Subject to complying with the DPA, the entity may also share your Personal Data with its affiliates, its service providers and applicable regulatory and governmental authorities from time to time. Any transfer of your Personal Data outside of the Cayman Islands will be carried out in accordance with the DPA. Individuals have certain rights under the DPA with respect to their Personal Data, including the right to: (a) be informed about the purposes for which your Personal Data are processed; (b) access your Personal Data; (c) stop direct marketing; (d) restrict the processing of your Personal Data; (e) have incomplete or inaccurate Personal Data corrected; (f) ask us to stop processing your Personal Data; (g) be informed of a Personal Data breach (unless the breach is unlikely to be prejudicial to you); (h) complain to the Cayman Islands Data Protection Ombudsman; and (i) require us to delete your personal data in some limited circumstances.
Privacy Disclosures for the European Economic Area (EEA) and the United Kingdom (UK)
About This Disclosure
These additional disclosures are made in accordance with European and UK law, including the European General Data Protection Regulation (“GDPR”) and the UK GDPR. Terms that are not defined here have, unless otherwise indicated, the meanings set forth in our Privacy Policy. If you are based elsewhere in the world this Disclosure does not apply to you.
Our Legal Basis for Processing Personal Data
The European GDPR and the UK GDPR require us to have a legal basis for processing Personal Data about you. Depending on the Personal Data and data processing activities at issue, the legal bases upon which we rely may include:
- Consent. When you have given us clear consent for us to process your Personal Data for a specific purpose;
- Contract. When processing your Personal Data is necessary to perform a contract we have with you, or when you have asked us to take specific steps before entering into a contract;
- Legal obligation. When processing your Personal Data is necessary for us to comply with the law (not including contractual obligations
- Public task. When our use of your Personal Data is necessary for us to perform a task in the public interest lawfully, or the exercise of official authority vested in the controller; or
- Legitimate interests. When our use of your Personal Data is necessary to pursue our legitimate interests or those of a third party (provided your privacy interests do not override such interests).
To the extent that we rely on your consent, we will not invoke another legal basis. Further details on when we collect Personal Data, what we collect, as well as how and why we use it, are set out in our Privacy Policy and below.
Registering Customers
When you register with us to receive our Services, we may process your contact details; credit card information (when you make a purchase); professional information such as your role and company name; IP address and device information; and transaction information such as purchase and subscription information or courses that you follow. We ask for this data to create and manage your account with us; to communicate with you about your account; and, to provide you with the Service. We may rely on your consent, our legitimate interests, and/or the fulfillment of a contractual obligation as the lawful basis for processing your Personal Data. Our legitimate interests are to provide you with the Service you have requested and to ensure we deliver the Service with the appropriate quality.
Providing Our Services
When you use the Service, or when we provide our Service, we may process your contact details; professional information such as your role and company name; the login and connection information used to enable the Service; your IP address and device information; Company forum posts (where applicable); feedback to us; or Company customer support interactions. We process this Personal Data to operate or provide the Service; to carry out security checks; to fulfill our commitments to you; to contact you about your use of the Service; and, to generally improve the quality of the Service. We may rely on legitimate interests and/or the fulfillment of a contractual obligation as the legal basis for processing your Personal Data. Our legitimate interests are to provide you with the Service that you or your company have requested appropriately.
Providing the Service to You if You Are an Agent or an End User
Regarding your capacity as an end user of the Company products or services, we may process your contact details; professional information such as your role and company name; the login and connection information used to enable the Service; your IP address and device information; and Company forum posts (where applicable). We ask for this Personal Data to create and manage your account with us; to communicate with you about your account; and, to provide you with the Service. We may rely on legitimate interests and/or the fulfillment of a contractual obligation as the legal basis for processing your Personal Data. Our legitimate interests are to provide you with the Service you or your company have requested appropriately.
Marketing Operations
We may process your contact details and your marketing preferences to provide you with marketing if we think you will be interested in our Service or if you sign up to receive marketing from us, such as signing up for webinars and conferences. We always carry out marketing activities based on your consent or opt-in if legally required. Otherwise, we may rely on legitimate interests and/or the fulfillment of a contractual obligation as the legal basis for processing your Personal Data. We may rely on implied consent or opt-in in some circumstances, such as if you previously contacted us about our products and Services, subscribed to our Services, declined to opt out of marketing, etc.
Addressing Fraud and Security Threats
To prevent and detect fraud and unauthorized access to our customers’ accounts or the Services and our systems, we may process contact details; professional information such as your role and company name; the login and connection information used to enable the Service; your IP address and device information. We rely on our legitimate interests to minimize fraud and security issues and/or the fulfillment of a contractual obligation as a legal basis to use this Personal Data.
Compliance Requirements
To conduct security and identity checks, and to comply with other legal and regulatory requirements for screening individuals, we may process contact details; professional information such as your role and company name; the login and connection information used to enable the Service; your IP address and device information; and transaction information. We use this Personal Data to carry out identity and credit checks and address other Know Your Customer (“KYC”) and compliance obligations. We rely on our legitimate interests and our need to comply with legal obligations to process this information.
Analytics
To monitor how our customers and users use the Site and the Service, and make improvements or modifications to them, we may process your IP address, device information and transaction information, and other user activity data. We rely on your consent when such Personal Data is collected via non-essential cookies if required by law, and also our legitimate interests to deliver and improve our products and services, as our legal bases.
Your Privacy Rights
Subject to applicable law, including relevant exemptions and exceptions, you may have the following rights concerning your Personal Data.
- Right of access. The right to be provided with a copy of Personal Data about you that we process.
- Right to rectification. The right to require us to modify Personal Data that you think is inaccurate.
- Right to erasure (also known as the “right to be forgotten”). The right to require us to delete your Personal Data.
- Right to restriction of processing. The right to require us to restrict processing of your Personal Data in certain circumstances, e.g., if you contest the accuracy of the data.
- Right to data portability. The right to receive the Personal Data you provided to us in a structured, commonly used, and machine-readable format and transmit that data to a third party in certain situations.
- Right to object. The right to object to your Personal Data being processed for direct marketing (including profiling) and in certain other situations, e.g., processing pursuant to our legitimate interests.
- Right to not be subject to profiling. The right not to be subject to a decision based solely on automated processing (including profiling) without any human intervention that produces legal effects concerning you or similarly significantly affects you.
These rights do not apply to non-UK and non-EEA citizens, nor do they apply to anonymized data or data that does not otherwise constitute Personal Data. If you are an individual based in the UK or the EEA and you would like to exercise any of these rights described above, please email info@on1global.com with proof of your identity and address and describe what right you want to exercise and the information to which your request relates. To the extent permitted by applicable law, a charge may apply before we provide you with a copy of any of your Personal Data that we maintain. To the extent required under applicable law, we will respond to you within 30 days to let you know that we have complied with the request, to ask for further information or an extension of time, or to explain why we are not able to comply with the request. If you do not agree with our decision, then you can make a complaint as outlined below.
Supervisory Authority
We hope that we can resolve any concerns you may have about our use of your Personal Data. However, if we are unable to resolve your query to your satisfaction, then you may exercise your right to file a complaint with a supervisory authority.
- United Kingdom. For UK citizens, this will be to the Information Commissioner’s Office (“ICO”). You can contact the ICO here.
- European Economic Area. If you are an EEA citizen, this will be the supervisory authority in the member state where you work, normally live, or where the alleged infringement of data protection laws has occurred. A list of EEA supervisory authorities is available here.
- Denmark. If you are also a citizen of Denmark, you can contact the Danish Data Protection Agency (Datatilsynet) in Denmark. Their contact information can be found here.
Security
If you believe that you have found a security vulnerability relating to a Company product or the Site, please send a bug report to info@on1alliance.com.
How to Contact Us
Please contact us if you have any questions about this Privacy Policy or the Personal Data we hold about you by email at info@on1global.com or by postal mail at:
On1 Global, LLC
13809 Research Boulevard
Suite 500
Austin, TX, 78750