COMMAND ALKON INCORPORATED
Last modified: February 20, 2019
How We Collect and Use Personal Data
Personal Data You Provide
CAI collects the personal data you provide. For example, when you sign up for an account, we may collect information like names, e-mail addresses, physical address, phone numbers, etc. You may also provide personal data to, for example, learn more about our products or sign up for our notifications.
Data Collected Through our Products and Services
CAI obtains personal data in connection with providing its products, including:
- SaaS products or services hosted for CAI customers;
- Web-based products or services for collaborative commerce solutions covering the entire ordering and purchasing process in the business-to-business market sector;
- On-premise software products licensed to a customer for use on their own premises through provision of professional services;
- On-premise hardware products sold to a customer for use on their own premises; and
- Customer support services related to SaaS, web-based and on-premise software and hardware products.
For instance, when our customers use the products or services above, they may provide details about their employees, including their names, job titles, e-mail addresses, login credentials, telephone numbers, addresses, dates of birth, driver’s license numbers, and other information. Some of our web-based solutions enable customers to submit personal data to create users of the solution, to store transaction documents that may include some personal data of signatories or business contacts, to use geo-location, and to store contact information associated with trading partners.
Please note that where CAI collects personal data through these products and services, our customers are the Data Controller for what data is collected and how it is used and disclosed. CAI acts as a Data Processor only. Any questions related to how our customers process, use or share the personal data they collect through our products should be directed to the relevant customer.
As you navigate through and interact with our websites and/or SaaS products, we may use automatic data collection technologies to collect certain information about your equipment, actions and patterns (“User Activity Information”), including (i) details of your use, including traffic data, location data through geo-location technology, logs and other communication data and the resources that you access and use and (ii) information about your device, including your operating system, IP address, and other mobile sign-on data.
The User Activity Information that we collect helps us to improve our websites and products, and to deliver a better and more personalized service by enabling us to estimate our usage patterns, display information you request in your relevant time zone as appropriate, and recognize you when you return to our website or product.
How We Use the Information We Collect
CAI uses the information it collects for the purposes of operating effectively, providing its products and services to customers, facilitating business between parties in the industry, and administering and managing its relationships with customers. We also use the information we collect to process, evaluate and respond to your requests, respond to inquiries and applications; create, administer and communicate with you about your account (including any purchases and payments); operate, evaluate and improve CAI’s business (including developing new products and services, managing communications, performing market research, analyzing CAI products/services/websites, and performing accounting, auditing, billing, reconciliation, and collection activities); ensure the safety of CAI network services and resources; and comply with applicable legal requirements.
How We Disclose the Information We Collect
We may disclose information that we collect as follows:
- To our affiliates;
- To third parties, such as contractors, service providers, consultants and other agents (“Service Providers”), that provide assistance to our business. Service Providers with whom we share such information generally are bound by confidentiality obligations;
• To fulfill the purposes for which you provided such information;
- To a buyer or other successor of CAI or any of our affiliates in the event of an acquisition, merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of CAI’s or any of our affiliates’ equity or assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceedings, in which Personal Data is among the assets transferred; and
• For any other purpose disclosed by us when you provide the information.
CAI takes reasonable and appropriate precautions to protect personal data from loss, misuse and unauthorized access, disclosure, alteration and/or destruction. Although we work hard to protect your privacy, we cannot guarantee the security of information or that your personal data or private communications always will remain private. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information.
Retention of Information
Your Rights and Choices
Account Information & Requests
In accordance with applicable law you may have the right to access, update or delete personal data we hold about you. This means you may have the right to: (i) be informed of the personal data we collect, how we use it and what information we have shared with third parties, and to be provided with a copy of that information; and (ii) have corrections made or have it deleted if such information is not accurate or processed in violation of applicable laws. You may be able to exercise these rights by logging into your account within the products that you use. Otherwise, to request such information directly, please submit a written request using the details provided in the Contact Us section below.
If you are from certain territories (such as the EEA from 25 May 2018 onwards), you may have the right to exercise additional rights available to you under applicable laws, including broader rights to access and erasure of your personal data, the right to object to or restrict processing of your personal data, or the right to data portability in certain circumstances. If you would like to make such a request, please contact us with a written request using the details provided in the Contact Us section. Where CAI relies on your consent to process personal data, you have the right to withdraw or decline your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent prior to its withdrawal.
Remember that in certain regions, you also have the right to complain to a data protection authority (“DPA”) about our collection and use of your personal data. For more information, please contact your local DPA.
In the event CAI processes information about you on behalf of a customer, please direct your privacy inquiries and requests for access, correction or deletion of personal data to such customer.
From time to time, we may send you marketing communications about our products, in accordance with your preferences. You may opt out of receiving promotional messages from us at any time by following the instructions in those messages (often it will be a notice or link at the bottom of the message). If you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations. Requests to opt out of promotional communications may also be sent to CAI in writing via the methods listed below in the Contact Us section.
If you prefer, you can usually choose to set your browser to remove or reject browser cookies or to clear local storage. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our website and services.
You can turn location-based services on and off by adjusting the settings of your mobile device. Please note that if you choose to turn off location-based services, this could affect the full functionality of our products and services.
International Data Transfers and Privacy Shield
CAI is based in the United States and has offices globally. To facilitate our operations and to help deliver our products, we may transfer personal data to the U.S. and any other country where our affiliates, vendors, consultants and service providers operate. Such countries may have laws which are different, and potentially not as protective, as the laws of your country of residence.
When we transfer personal data from the European Economic Area (“EEA”), the United Kingdom, or Switzerland to the United States, we comply with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union, the United Kingdom, and Switzerland to the United States, respectively. CAI has submitted to the Department of Commerce that it adheres to the Privacy Shield Principles (“Principles”). To learn more about the Privacy Shield program, please visit https://www.privacyshield.gov/.
Legal Basis for Processing (EEA)
If you are an individual from the EEA, our legal basis for collecting and using personal data will depend on the personal data concerned and the specific context in which we collect it. However, we will normally collect personal data from you only where: (1) we have your consent to do so, (2) where we need the personal data to perform a contract with you (such as delivering products or providing services to you), or (3) where the processing is in our or a third party’s legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal data or may otherwise need the personal data to protect your vital interests or those of another person.
or write to:
Command Alkon Incorporated
Chief Privacy Officer c/o The Legal Department
1800 International Park Drive
Birmingham, Alabama 35243