Privacy Policies

 

Privacy Policy

 

The Privacy Policy applies with immediate effect to all Individual Customers, suppliers, contractors, service providers and users of ASG’s website.

Welcome! Thank you for visiting the Privacy Policy of ASG Technologies Group, Inc. (“ASG” “we” “us”). ASG has adopted this Privacy Policy (“Policy”) so that you as the Data Subject may understand how it governs ASG’s collection, receipt, use and disclosure of personal information. This Policy is designed to assist ASG to maintain an adequate level of personal information privacy protection. This Policy applies to the processing of personal information that ASG or its affiliates (together the “ASG Group”) obtains from Data Subjects located in countries and states with applicable privacy and data protection laws.

Please read this Policy carefully. We may change our Policy from time to time. We therefore ask you to check it occasionally to ensure that you are aware of the most recent version. If a revision meaningfully reduces your rights, we will notify you.

This website may contain links to a number of other non-ASG websites. The privacy policies and procedures described here do not apply to those third-party sites. Please visit those sites directly for information on their data collection and distribution policies. Any reference to a linked site or any specific third-party product or service by name does not constitute or imply its endorsement by us - you assume all risk with respect to its use.

All ASG employees who handle Personal Information are required to comply with this Policy.

Capitalized terms are defined in Section 19 of this Policy.
 

1. Identity of the Data Controller 

ASG Technologies Group, Inc., a State of Delaware corporation, TIN-59 2634496, with its main place of business at 708 Goodlette Road North, Naples, Florida 34102, United States of America and its branches as well as affiliates worldwide.

2. SCOPE

This Policy applies to Personal Information that ASG collects or receives within its commercial activities and transactions with business, governmental, or charitable organizations. It does not apply to or cover data belonging to individual persons as private (household) consumers nor data from which individual persons cannot be identified or situations in which pseudonyms are used. (The use of pseudonyms involves the replacement of names or other identifiers with substitutes so that identification of individual persons is not possible.) This Policy does not cover information collected by the ASG Group regarding its employees or contractors.

3. RESPONSIBILITIES AND MANAGEMENT

ASG has designated its Legal and Information Security Departments to supervise its corporate-wide information security program, including its compliance with the EU-U.S. and Swiss-US Privacy Shield Frameworks. The Legal Department in cooperation with the Information Security Department shall review and approve any material changes to this program as necessary.

ASG will maintain, monitor, test, and upgrade information security policies, practices, and systems to assist in protecting the personal information that it collects. ASG personnel will receive training, as applicable, to effectively implement this Policy. Please refer to Section 10 for a discussion of the steps that ASG has undertaken to protect Personal Information.

4. Privacy Shield Framework

ASG complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries, the EEA and Switzerland, respectively. ASG has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

The Federal Trade Commission (“FTC”) has jurisdiction over ASG’s compliance with the EU-U.S. and Swiss-U.S. Privacy Shield programs.

5. RENEWAL / VERIFICATION

ASG will renew its EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield certifications annually, unless it subsequently determines that it no longer needs such certifications or if it employs a different adequacy mechanism.

Prior to the re-certification, ASG will conduct an in-house verification to ensure that its attestations and assertions with regard to its treatment of Personal Information are accurate and that the company has appropriately implemented these practices. Specifically, as part of the verification process, ASG will undertake the following:

1. Review this Policy as also publicly posted on its website to ensure that it accurately describes the practices regarding the collection of Individual Customer Personal Information;

2. Update the publicly posted privacy policy so that it informs Data Subjects of ASG’s participation in the EU-U.S. and Swiss-U.S. Privacy Shield programs and where to obtain a copy of additional information (e.g., a copy of this Policy);

3. Update this Policy such that it continues to comply with the EU-U.S. and Swiss-U.S. Privacy Shield Principles;

4. Confirm that Data Subjects are made aware of the process for addressing complaints and that JAMSADR is available for an independent dispute resolution process (ASG may do so through its publicly posted website, Individual Customer contract, or both);

5. Review its processes and procedures for training Employees about ASG’s participation in the EU-U.S. and Swiss-U.S. Privacy Shield programs and the appropriate handling of Personal Information.

ASG will prepare an internal verification statement on an annual basis.
 

6. COLLECTION AND USE OF PERSONAL DATA

ASG collects Personal Information from Data Subjects such as

  • Individual Customers;
  • users of its websites;
  • its suppliers, contractors, service providers; and
  • business partners.
ASG obtains Personal Information from Data Subjects when they
  • purchase ASG’s products as Individual Customers for business use;
  • register with our website and log-in to their account for product or license key downloads and maintenance purposes;
  • request support from ASG’s Global Customer Care;
  • complete surveys;
  • request information through contact forms; or
  • otherwise communicate with ASG through live support means or posting to a message board or forum.

Personal Information: The Personal Information that we collect may vary based on the Data Subject’s interaction with us through our webpages or our employees and requests for our services. As a general matter, ASG collects the following types of personal information from its Data Subjects: business contact information, including, a contact person’s name, business email address, business mailing address, the company’s invoice address, business telephone or mobile number, job title or role, company name, products purchased, estimated deal value, services provided, as well as payment information (which might include corporate credit card and/or bank account information).
The next paragraphs 6.A. – 6.G. provide more detailed information how and when collection of personal information takes place, the legal basis and the data storage period.
6.A. Individual Customers: The information that we collect from Individual Customers is used for direct marketing and selling ASG’s products and services, managing transactions, reporting, invoicing, renewals, providing services and products to the Individual Customer, improving our products and services, defending our rights, and investigating fraud. Some Individual Customers have the option to log into their accounts online and to request service online, including through a live support option.  We will only collect information that they choose to provide to us through these portals.
For certain products, ASG serves as a service provider providing software maintenance and/or hosting of software as a service. In our capacity as a service provider, we will receive, store, and/or process Personal Information in order to supply the service. In such cases, we are acting as a data processor and will process the personal information on behalf of and under the direction of our Individual Customers and/or agents. The information that we collect from our Individual Customers in this capacity is used for managing transactions, reporting, invoicing, renewals, providing services to the Individual Customer, and as otherwise requested by our Individual Customer and/or agent.
ASG uses the Personal Information that it collects directly from its Individual Customers and for its agents indirectly in its role as a service provider for the following business purposes, without limitation:
A1. maintaining and supporting its products, delivering and providing the requested products/services, and complying with its contractual obligations related thereto (including managing transactions, reporting, invoices, renewals, and other operations related to providing services to an Individual Customer);
A2. satisfying governmental reporting in respect of tax(es), import/export and other requirements;
A3. storing and processing data, including Personal Information, in computer databases and servers located in the United States and Europe;
A4. verifying identity (e.g., for online access to accounts);
A5. as requested by the Individual Customer;
A6. for other business-related purposes permitted or required under applicable local law and regulation, including protecting our business or our Individual Customers or investigating fraud or misconduct; and
A7. as otherwise required by law or court order.

Legal basis: We carry out the various types of processing listed under no. A1 through A7 on basis of the existing contractual relationship with you as the Individual Customer for requested services and queries or downloads via our website and portals.

Data storage period: The data we obtain because of the contractual relationship between yourself and us will be retained by us for the duration of the contractual relationship and also afterwards in accordance with legally mandatory retention periods under commercial, accounting and tax laws and court procedure / litigation rules.
A8. We use the Personal Information that we collect directly from our Individual Customers for sending information of interest about our products and services (“Advertisements”) by electronic and non-electronic means.

Legal basis: We may do so on basis of the presently existing contractual relationship with you as the Individual Customer. You may unsubscribe at any time from such electronic communication by exercising the “unsubscribe” link, by emailing privacy@asg.com or by following the instructions in this Policy. In case we send you Advertisements by non-electronic means, we may do so on basis of our legitimate interest in promoting our company, its products and services. You may at any time contact us, either by email or by post, to stop such Advertisements.

Data storage period: Your contact data as an existing Individual Customer for sending Advertisements will be kept until no longer necessary for the purposes for which it is being processed, unless otherwise required by applicable law.
A9. In instances where we serve you as a data processor and process personal information at your prior and express request, a data protection agreement shall be agreed between us before processing of any personal information can commence under your instruction. A data protection agreement shall be concluded for any software error issues where Personal Information derived from your live production environment is required or cannot be avoided by other alternatives, as for example dummy or pseudonymized data or through a Webex session. Such data protection agreement shall also be agreed in the provision of hosting of software as a service. A template of the data protection agreement may be found here. Should it be required, E.U. Standard Contractual Clauses for the data transfer shall be executed additionally.

Legal basis: We may do so on basis of the presently existing contractual relationship with you as the Individual Customer.

Data storage period: The Personal Information which you provide to us will only be processed for purposes outlined above. Any Personal Information for software error resolution will not be backed up and will be destroyed completely upon completion of the support incident ticket.
6.B. Request of information by other website users: We collect Personal Information from users of our website who request information through the “contact us” field or application forms for downloads and/or events in order to attend and respond to their requests.
Legal basis: We may collect your Personal Information and process it on basis of your prior express consent and express acknowledgment of this Privacy Policy at the point of requesting the information on our website.
Data storage period: Your personal information as a website user will be kept for a period of six (6) months. Should no further contact or business relationship ensue, your Personal Information will be deleted.
B1. We use your Personal Information for sending Advertisements.
Legal basis: We may do so on basis of your prior express consent and express acknowledgment of this Privacy Policy. This happens, on occasion, on certain ASG webpages when you decide to click on a checkbox to confirm your express and free consent that ASG may send to you Advertisements. You may unsubscribe at any time from these Advertisements by exercising the “unsubscribe” link at the bottom of each commercial communication or by contacting us by email at privacy@asg.com or posted letter to withdraw your consent and/or request deletion of your details.
Data storage period: Your Personal Information as a website user will be kept for a period of six (6) months. Should no further contact or business relationship ensue, your Personal Information will be deleted.
6.C. ASG Training Services: At times, Individual Customers may book customer-facing training offered by ASG as part of a software purchase. For purposes of establishing the training environment, ASG will use the participating students’ full names, email addresses, contact phone numbers, job titles or roles as well as any student logon IDs which the Individual Customer provides when registering its employees as students for the training. Legal Basis: We may use the Personal Information provided on basis of the existing contractual relationship. Data Storage Period: ASG will not retain the Personal Information of Individual Customers’ employees who are registered by the Individual Customer in ASG Training Services for a period exceeding six (6) months from the start of each training event. At the end of the six-month period, ASG will fully destroy any such employees’ details, including their full names, email addresses, contact phone numbers, job titles or roles as well as any student logon IDs to ASG-provided training environments.
6.D. Partners: We collect and store Personal Information from our business partners to set up partner profiles in our CRM, for managing transactions, reporting, invoicing, renewals, providing services and products to end user businesses, improving our products and services, defending our rights, and investigating fraud. Some business partners have the option to log into their accounts online and to request online services, such as our ACCESS portal or through a live support option. We will only collect information that they choose to provide to us through or for these portals. With regard to ASG Training Services for so-called partner enablement training, ASG will only store the participating employees’ first and last names as well as their email address.
Legal basis: We may do so on basis of the presently existing contractual relationship with you as a business partner for requested services and queries or downloads via our website and portals or, in the case of partner enablement training, to grant access to ASG’s learning management system, for accreditation and re-certification as required by the partner business program.
Data storage period: The data we obtain because of the contractual relationship between yourself and us will be retained by us for the duration of the contractual relationship and also afterwards in accordance with legally mandatory retention periods under commercial, accounting and tax laws and court procedure / litigation rules.
6.E. Suppliers, contractors, and service providers: We collect and store personal information of our suppliers, contractors and service providers for registering these in our ERP tool, to manage the contracted services, the purchase orders, invoices and payments as well as, if any, evaluation of the services provided. We would also keep their contact details such as email, phone number(s), fax (if any) and mailing address for potential future hiring and/or collaboration.
Legal basis: We may do so on basis of the precontractual or contractual relationship.
Data storage period: The data we obtain because of the contractual relationship between yourself and us will be retained by us for the duration of the contractual relationship and also afterwards in accordance with legally mandatory retention periods under commercial, accounting and tax laws and court procedure / litigation rules.
6.F. Webinars: For your information, ASG will not collect your data when you sign up for webinars listed on our website. When you click on a link, you will be re-directed to BrightTalk, a content provider used by ASG.
6.G. Special Note Regarding Children Under 16. ASG cares about protecting the privacy of children. We will not specifically market to or knowingly collect the Personal Information from children under 16 for marketing purposes. Because some information is collected online, it may not appear to be the Personal Information of a child under 16. If a child under 16 submits Personal Information to us and we learn that the Personal Information is the information of a child under 16, we will attempt to delete the Personal Information as soon as possible. If you are under 16, please do not register for any of our services or provide us any information about yourself (such as your name, email address or phone number).

7. COOKIE POLICY

ASG uses cookies to discern the various users on its websites.  In doing so, ASG seeks to improve its website offering and provide users with a practical and optimal browsing experience.  When you visit our webpages and/or use our services online, we will:

  • collect your IP address and browser type for anonymous, non-personal information on your geographic location;
  • record the duration of the visit and the specific ASG website content(s) viewed;
  • show content and ads about ASG, its products and services which might be of interest in relation to ASG webpages visited;
  • associate your IP address and browser type with a specific Individual Customer in order to authenticate the log-in credentials;
  • collect Personal Information from you when you, on occasion, contact us through our website to request additional information; in this situation, we would collect your business contact information (as discussed above) and any other information that you choose to submit through our website via contact request forms.

For detailed information about the use of cookies in ASG’s websites, their disablement or deletion, please read and review our Cookie Policy found here. ASG currently does not respond to Do Not Track requests.
 

8. DISCLOSURES / ONWARD TRANSFERS OF PERSONAL DATA

ASG discloses your Personal Information to Third Parties who reasonably need to know such data only as required to provide the services to you, and not for other purposes. Such Third Parties must agree to abide by confidentiality obligations and enter into data protection agreement with ASG.

ASG may provide your Personal Information to Third Parties that act as agents, consultants, and providers to perform tasks on behalf of and under our instructions. For example, ASG may store such Personal Information in the facilities operated by Third Parties. This is the case for CRM, customer care and marketing platform service providers. Such Third Parties are thoroughly selected on basis of their credentials, their industry standing as well as their track record surrounding privacy, data protection and security. They must warrant compliance with all Applicable Data Protection Laws. Third Parties instructed by ASG must agree to use such Personal Information only for the purposes for which they have been engaged by ASG, and they must abide by confidentiality obligations and agree to provide adequate protections for the Personal Information that are no less protective than those set out in this Policy.

ASG currently uses these providers:

Microsoft – Office 365 Applications; and

Zendesk – ASG’s ACCESS platform for its Global Customer Care team.

ASG also may disclose Personal Information for other purposes or to other Third Parties, if and when a Data Subject has expressly consented to or requested such disclosure or when otherwise permitted under law. This may be necessary with ASG’s business partners for commercial negotiation and contract performance. Please be aware that ASG may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. ASG will not, however, ever sell your personal information to any third party.

In cases of onward transfer to Third Parties of data of EU or Swiss individuals received pursuant to the EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield, ASG is potentially liable.
 

9. SENSITIVE DATA

ASG does not collect Sensitive Data from its Individual Customers.
 

10.TECHNICAL AND ORGANIZATIONAL MEASURES, DATA INTEGRITY AND SECURITY

ASG uses appropriate technical and organization measures (“TOMs”) to protect the Personal Information adequately as required. ASG will use reasonable efforts to update the TOMs to maintain their accuracy, confidentiality and integrity. For instance, regular reviews are conducted throughout each business month as data in ASG’s databases is used for customer billing and invoicing. ASG has implemented adequate physical, administrative and technical safeguards designed to protect Personal Information in ASG’s custody and control from loss, misuse, and unauthorized access, disclosure, alteration, or destruction.

11. NOTIFICATION

ASG notifies Data Subjects about its adherence to the EU-U.S. and Swiss-U.S. Privacy Shield Principles through its publicly posted website privacy policy, available at https://www.asg.com/en/Privacy-Policies-and-Statements/Privacy-Policy.aspx and assumes Data Subjects’ approval and adherence to the current policy when they provide their information to us in the transactional processes as described further here.

12. ACCESSING PERSONAL INFORMATION

ASG has an approved list of managers and personnel with access to Personal Information and may access and use Personal Information only for the purposes for which they are authorized. Access is monitored and logged. Individuals with access are trained on the requirements of this Policy and security.;

13. OPTING-OUT

Data Subjects have a right to opt-out at any time by contacting us at privacy@asg.com. You may also contact us under privacy@asg.com at any time for removal from any mailing lists or by simply following the “unsubscribe” instructions on emails from ASG.
 

14. RIGHT TO ACCESS, CHANGE OR DELETE PERSONAL DATA OR PERSONALLY IDENTIFIABLE INFORMATION

14.A. Right to Access. Data Subjects have the right to know what Personal Information about them is included in ASG’s databases and to ensure that such Personal Information is accurate and relevant for the purposes for which ASG collected it. Data Subjects may review their own Personal Information stored in the databases and correct, erase, or block any data that is incorrect, as permitted by applicable law and ASG policies. Upon reasonable request and as required by the Privacy Shield Principles, the GDPR as well as Applicable Data Protection Laws, ASG allows Data Subjects access to their Personal Information, in order to correct or amend such data where inaccurate, provided they can sufficiently identify themselves and the reason for their access query when requested to do so by ASG.
 
14.B. Right to Rectification. Data Subjects may request edits to their Personal Information by contacting ASG by email (privacy@asg.com). In making modifications to their Personal Information, Data Subjects must provide only truthful, complete, and accurate information.
 
14.C. Right to erasure. To request erasure of Personal Information, Data Subjects should submit a written request to ASG at privacy@asg.com. Data Subjects are entitled to request ASG the erasure of their Personal Information when the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, the Data Subject withdraws the consent given expressly beforehand on which processing is based and there is no other legal ground for the processing.  A Data Subject may also among other legal reasons request the unconditional erasure of Personal Information where its data was unlawfully processed, or there are no overriding legitimate grounds for the processing, or the Data Subject objects to processing for direct marketing purposes.
 
14.D. Right to restrict processing. The Data Subject shall have the right to restrict processing of  Personal Information by ASG to ensure that only accurate data is processed, or for the establishment, exercise or defense of legal claims upon the Data Subject’s request.
 
14.E. Right to object to processing. The Data Subject shall be entitled to object to the processing of Personal Information, on grounds related to the particular situation, at any time where processing takes place on basis of ASG’s legitimate interest.  ASG will stop processing the Personal Information of the Data Subject, except for compelling legitimate reasons or for the establishment, exercise or defense of any claims under law.
 
14.F. Right to Portability. The Data Subject shall have the right to receive the Personal Information belonging to them, which was provided to ASG as Data Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided where a) the processing is based on prior express consent or on basis of a contract to which the Data Subject is party or in order to take steps prior to entering into such a contract and b) the processing is carried out by automated means.
 
For any data subject access rights, ASG will endeavor to comply as soon as practically possible, however not later than thirty (30) days.  If ASG is not able to attend to your request, ASG will inform you of a later date, but not later than reasonable or where specified according to applicable mandatory law. ASG reserves the right to request such additional information from you as reasonably required in order to verify your identity.
14.G. Requests for Personal Information. ASG will track each of the following and will provide notice to the appropriate parties as required under law and contract when either of the following circumstances arise: (a) a legally binding request for disclosure of the personal information is made by a law enforcement authority, unless prohibited by law or regulation; or (b) a written request is received from the Data Subject. ASG will respond to this request, or as necessary, ASG will refer such Data Subject to that Individual Customer, supplier, contractor or service provider.
 
14.H. Satisfying Requests for Access, Modifications, and Corrections. ASG will endeavor to respond in a timely manner to all reasonable written requests to view, modify, or inactivate personal information.

15. CHANGES TO THIS POLICY

This Policy may be amended from time to time, consistent with the EU-U.S. and Swiss-U.S. Privacy Shield Principles and Applicable Data protection Laws.  The date this Policy was last revised is provided at the bottom of the page. We will notify our Individual Customers, suppliers, contractors and service providers if we make changes that materially affect the way we handle Personal Information previously collected.  We will also allow them to choose whether their Personal Information may be used in any materially different manner. You are, however, responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting ASG’s website and this Policy to check for any changes.

16. QUESTIONS OR COMPLAINTS

For any questions or complaints and also the treatment of the Personal Information you provided to ASG, you may contact us using either of our contact information below:
 
ASG Technologies Group, Inc.
Data Protection Officer
By email: privacy@asg.com
By post: 708 Goodlette Road North, Naples, Florida 34102, U.S.A.
Alternatively, by post to that office location nearest to you, as published on our webpage.

 

17. ENFORCEMENT AND DISPUTE RESOLUTION

In compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Principles, ASG commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact us at:  privacy@asg.com.

If an EU or Swiss Individual Customer’s question or concern cannot be satisfied through this process, ASG has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to JAMS Privacy Shield Dispute Resolution, an  alternative dispute resolution provider located in the United States and operated by JAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

We will cooperate with the national data protection authority in the country of your residence to resolve privacy complaints which you submit about us.  In order to make a complaint about ASG, please contact your relevant data protection authority. A list of data protection authorities can be found under https://edpb.europa.eu/about-edpb/board/members_en.
 

18. YOUR CALIFORNIA PRIVACY RIGHTS

Special Note Regarding Personal Information of Residents of California:

18.A. California Online Privacy Protection Act
As required by the California Online Privacy Protection Act (“California Act”) and the California Business and Professions Code, this Policy also identifies the categories of “Personal Information” (as that term is defined in the California Act) that we collect through our website about Individual Customers who use or visit our website and the categories of Third Parties with whom such Personal Information may be shared.
Depending on the visitor’s activity at our website, certain Personal Information may be collected, in addition to information set forth in other sections of this document.
Please refer to Section 14 for a description of the process maintained by ASG for an Individual Customer who uses our website to review and request changes to any of his or her Personal Information that is collected through our website.
Please refer to Section 15 for a description of the process by which we notify Individual Customers who use our website of material changes to this Policy.
See more about the California Act at https://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf.

B. California’s Shine the Light Law
Pursuant to California Civil Code Section 1798.83, if you are a California resident, you have the right to request and receive, once a year and free of charge, information about Third Parties to whom we have disclosed certain types of Personal Information (if any) about you for their direct marketing purposes in the prior calendar year, and a description of the categories of Personal Information shared. To make such a request, please send an email to privacy@asg.com and please include the phrase “California Privacy Request” in the subject line, the domain name of the website you are inquiring about, along with your name, address and email address. At our option, we may respond to such requests by providing instructions about how our users can exercise their options to prevent our disclosure of Personal Information to Third Parties for their direct marketing purposes. 

C. California Consumer Privacy Act
Pursuant to California Civil Code §§ 1798.100 to 1798.199, if you are a California resident, the California Consumer Privacy Act of 2018 (“CCPA”) (Cal. Civ. Code §§ 1798.100 to 1798.199) provides you with additional rights regarding ASG’s use of your Personal Information. This Policy shall serve to ensure ASG’s compliance with the CCPA, describes your CCPA rights and explains how to exercise those rights.
You have the right to request that ASG discloses certain information to you about ASG’s collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
•     The categories of Personal Information we collected about you.
•     The categories of sources for the Personal Information we collected about you.
•     Our business or commercial purpose for collecting that Personal Information.
•     The categories of third parties with whom we shared that Personal Information.
•     The specific pieces of Personal Information we collected about you.
•     If we disclosed your Personal Information for a business purpose to a third party, a separate list:
-     identifying the Personal Information categories that each category of recipient obtained.
You also have the right to request that ASG deletes the Personal Information we have collected and used about you.  Once we receive and confirm your verifiable consumer request, we will delete either all or part of such Personal Information as directed by you.
For a more detailed explanation, please see Section 14 Right to Access, Change or Delete Personal Information. In order to submit a verifiable consumer request, please enter your details on our CCPA Enquiry Form, found on https://www.asg.com/Privacy-Policies-and-Statements.aspx.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
•     Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
•     Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the

Personal Information relates to you.
In the last twelve (12) months, ASG has collected or disclosed the following categories of Personal Information for a business purpose to its service providers and business partners:

Category A: Identifiers consisting of, as the case may be, Data Subjects’ full names, their company/business email addresses and telephone numbers as well as company/business addresses;

Category B: California Customer Records Personal Information categories consisting of a name, signature and job title on fully executed contracts; and

Category D: Commercial information such as ASG products or services the Data Subject purchased, obtained, or was interested in.
ASG does not sell your Personal Information. If you exercise your rights under the CCPA, ASG will not discriminate against you.

To learn more about the CCPA and your privacy rights, visit https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375
Please refer to Section 15 for a description of the process by which we notify Data Subjects of material changes to this Policy.

19. DEFINED TERMS

Capitalized terms in this Policy have the following meanings:

Applicable Data Protection Laws” means most importantly and before all the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (the “GDPR”) and any similarly protective laws and regulations for the protection of Personal Information, including but not limited to those referenced in this Policy, and which ASG Group undertakes to comply with as it acts upon its legitimate interests or consent during its corporate-wide pursuit of business activities and as described in this Policy. 

Individual Customer” means any enterprise which as an individual current, prospective or former customer is or has been or intends to be a business client of the ASG Group. The term also shall include any individual employee, agent, or representative, of an individual customer of the ASG Group.

Data Controller” means the ASG Group which, alone or jointly with others, determines the purposes and means of the processing of Personal Data (or where applicable, Personally Identifiable Information).

 “Data Subject” means an identified or identifiable natural living person. An identifiable person is one who can be identified, directly or indirectly, by reference to a name, or to one or more factors unique to his or her personal physical, psychological, mental, economic, cultural or social characteristics. For ASG, a Data Subject can be an employee of Individual Customers,business partners, suppliers, contractors, and service providers, or also a user of its website.  For Individual Customers, business partners, suppliers, contractors, service providers or website users residing in Switzerland, a Data Subject also may include a legal entity. Notwithstanding, a partnership, sole trader, association or cooperation may also be a data subject.

Employee” means an employee (whether temporary, permanent, part-time, or contract), or independent contractor, or job applicant of ASG or any of its affiliates or subsidiaries.

Europe” or “European” refers to a country in the European Union or the European Economic Area (“EEA”).

Personal Information” is a globally accepted term which Applicable Data Protection Laws define as data that directly identifies or may be used to indirectly identify a natural person either by reference to one identifying element (for example, but not limited to, names, job title and role, user ID, email address, phone number) or in combination with one or more factors specific to the identity of that person (for example, but not limited to, user ID, password, and customer number).  Personal Information belongs to one individual natural person, including any of the following: first and last name; a home address (if any) or other physical address, including street name and name of a city or town; e-mail address; telephone number; social security number; any other identifier that permits the physical or online contacting of a specific individual; or information concerning a user that the website or online service collects online from the user and maintains in personally identifiable form in combination with another identifier.

Personal Information does not include data that is pseudonymized, anonymous, or has been manifestly made public by the individual natural person. For some jurisdictions, the term “person” includes both a natural person and a legal entity, regardless of the form of the legal entity. Notwithstanding, a firm, individual, partnership, proprietorship, sole trader, association, committee or cooperation and any other organization or group of persons acting in concert may also be a “person”.  
“pseudonymize” or “pseudonymization’ means the processing of personal information in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Sensitive Data” means personal information that discloses for example, but not exhaustively, a Data Subject’s medical or health condition, race or ethnicity, political, religious or philosophical affiliations or opinions, sexual orientation, or trade union membership.

Third Party” means any individual or entity that is neither ASG nor an ASG employee, agent, contractor, or representative.
 
LAST UPDATED: 10/08/2020