Privacy Shield Statement
INKY Technology Corporation (“INKY”) complies with the EU-U.S. Privacy Shield Framework and Swiss-
U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States. INKY has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
1. Scope
This EU-U.S. Privacy Shield Statement applies to all Personal Data, as defined below, that is received by INKY in the US from the EU. INKY commits to comply with the Privacy Shield Principles in respect of such Personal Data.
2. Definitions
- “Customer” or “customers” refers to INKY’s business customers that use the INKY Phish Fence phishing detection service.
- “EU-U.S. Privacy Shield Statement” refers to this EU-U.S. Privacy Shield Statement section of the INKY Privacy Policy.
- “Personal Data” or “Personal Information” refers to any information relating to an identified or identifiable individual, recorded in any form.
- “Privacy Policy” refers to the INKY Privacy Policy, this web page, found at https://www.inky.com/privacy-policy/
- “Privacy Shield Principles” refers to the principles issued by the U.S. Department of Commerce and contained in Annex II to the European Commission’s decision of July 12, 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield.
- “Sites” refers to INKY websites accessible at https://www.inky.com
- “Services” refers to the Sites and INKY Phish Fence software.
3. Types of Personal Data Collected
Personal Data That You Provide Through the Services
We collect Personal Data from you when you voluntarily provide such information by reporting an email using the “Report” button which is part of the INKY Phish Fence banner. By voluntarily providing us with Personal Data, you are consenting to our use of it in accordance with this Privacy Policy. If you provide Personal Data to the Service, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of INKY and the authorized third parties located in the United States.
Personal Data that We Receive From Our Customers
The Company may collect Personal Information from its Users in a variety of ways, such as through the Website, email marketing, paper marketing, advertising, telephone contact and other instances where Users have volunteered this information to the Company (such as a conference or event). This collected information may include:
- Contact information, such as name, email address, mailing address, phone number;
- Billing information such as a billing address;
- Information about a User’s business, such as the company name, address, business type;
The Company does not collect the following types of information from its Users:
- Personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual), ideological views or activities, information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedings.
Other Types of Information
COOKIES
When Users interact with the Website, the Company uses “Cookies” to keep track of a User’s preferences and to make the User’s experiences simple and meaningful. A “Cookie” is a small file that is stored on the User’s computer for record keeping purposes. The Company does not link this information to any personally identifiable information that may be submitted by the User on the Website. The Personal Data the Company collects may include the pages on the Website which a User visited or how long such User visited the Website for. The primary purpose of Cookies is to provide a convenience feature to save Users time when the Users revisit the Website. If a User prefers otherwise, each User has the ability to decline Cookies, modify them, or remove them by changing their web browser settings.
LOG FILES, WEB BEACONS/GIFS
The Company uses a third-party provider that employs a software technology called “Clear Gifs” (also known as “web beacons” or “web bugs”), which are tiny graphics with a unique identifier, similar in function to Cookies, and are used to track the online movements of web users. In contrast to Cookies, which are stored on a web user’s computer hard drive, Clear Gifs are embedded invisibly on web pages or in emails and are about the size of the period at the end of this sentence. The Company uses Clear Gifs in its HTML-based emails to let it know which emails have been opened by the recipients. This allows the Company to gauge the effectiveness of its marketing campaigns. The Company ties the information gathered by Clear Gifs in emails to its Users’ Personal Information. If a User would like to opt-out of these emails, they should contact the Company directly by mail, telephone or email at the contact information provided below, or, at any time, a User may request to opt-out by clicking the ‘unsubscribe’ link located in the footer of all marketing communication.
LOG FILES/ANALYTICS
The Company gathers certain information automatically and this is stored in a log file. This information includes Internet protocol addresses (“IP”), browser type, domain names, access times, referring website, country, pages visited, operating system, date and time stamp and other data about what pages User visited on the Website and how long a User was there. The Company does not link this information to personally identifiable information, it is used purely for analytics purposes to see trends on the use of the Website and to gather information about the visitors to the Website.
ADVERTISING
The Company uses third-party providers to deliver targeted advertising messages. Cross-device matching: Identifying all devices that are likely to be associated with Users so that ads can be targeted, capped and sequenced across those devices. For example, cross-device matching helps us NOT show you ads for the shoes you were looking at on your phone but that already purchased on your tablet. Instead we’ll try to show you ads for an upcoming triathlon where you can put those shoes to work. It also helps us match devices so we can honor your opt-out choices across all devices we know are connected to the opted-out cookie.
THIRD PARTY TRACKING TECHNOLOGIES
The use of third-party tracking technologies by the Company’s service providers, such as with the various social media features, is not covered by this Privacy Policy and the Company does not have access or control over these third-party tracking technologies.
4. Purposes of Collection and Use
The Company may use the Personal Information it collects to:
- Send Users requested information about the Company’s products or services;
- Respond to requests submitted by Users;
- Administer User accounts;
- Send Users marketing communications;
- Respond to User questions and concerns; and
- Improve the Website and marketing efforts.
5. Our Disclosure of Your Personal Data and Other Information
INKY may disclose Personal Data to third-party service providers (such as providers of customer and lead management services, email communication and customer support services) and subcontractors (such as providers of compute and storage resources) who perform certain services or provide certain solutions on our behalf and under our instructions as necessary in connection with the performance of requested services or solutions. INKY maintains contracts with these third parties restricting their access, use and disclosure of Personal Data in compliance with the Privacy Shield Principles.
INKY may also disclose Personal Data as necessary in connection with the sale or transfer of all or part of its business.
INKY may also disclose Personal Data as required or permitted by law, or when INKY believes that disclosure is necessary to protect its rights or to comply with a judicial proceeding, a court order, a law enforcement request, or other legal process, or lawful requests by public authorities, including to meet national security or law enforcement requirements.
In addition to the above, we may share Personal Data about you with others to the extent you consent to such sharing.
6. Choice
Each User may access all its Personal Information which the Company has collected and maintained on the User by contacting the Company by mail, telephone or email at the contact information provided below. Such access by a User includes making changes, corrections, removing or amending account information, or other Personal Information the Company may have about a User. The Company will take commercially reasonable steps to verify a User’s identity prior to giving them access or making changes and corrections to personally identifiable information.
The Company will retain a User’s Personal Data for as long as the Company is providing a product, service or information to User which the User has requested or contracted to receive from the Company. The Company may also retain and use a User’s Personal Data as necessary to comply with legal obligations, enforce its agreements with the User, or to resolve a dispute.
Users have the right to choose (opt out) whether their Personal Data is: (a) to be disclosed to a third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized. Individuals may send opt out requests to the Company by mail, telephone or email at the contact information provided below. All Users, at any time, may request to opt-out of the Company’s marketing communications by clicking the ‘unsubscribe’ link located in the footer of all marketing communication, or may do so by contacting the Company by mail, telephone or email at the contact information provided below.
To opt out of AdRoll please visit this link; https://app.adroll.com/optout
In order to request that INKY not use an individual’s Personal Data, such individual should contact INKY by email at: privacy@INKY.com.
Individuals may also opt out of receiving marketing messages from INKY by notifying INKY at: privacy@INKY.com.
7. Data Integrity and Purpose Limitation
Consistent with the Privacy Shield Principles, we will limit collection of Personal Data to the information that is relevant for the purposes of processing and we will not process such Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you. To the extent necessary for those purposes, we will also take reasonable steps to ensure that Personal Data is reliable for its intended use, accurate, complete and current. We will adhere to the Privacy Shield Principles for as long as we retain Personal Data about you.
8. Accountability for Onward Transfer
Pursuant to the Privacy Shield Principles, INKY remains accountable for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third-party agent. In particular, INKY remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless INKY proves that it is not responsible for the event giving rise to the damage.
9. Security
We are committed to securing all Personal Data provided to us. We have deployed and maintain reasonable and appropriate process and technology measures to provide reasonable assurance that your Personal Data is secured against loss, misuse and unauthorized access, disclosure, alteration and destruction.
10. Access
Upon request, INKY will grant individuals reasonable access to Personal Data that it holds about them. In addition, INKY will take reasonable steps to permit individuals to correct, amend, or delete information where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. INKY will process all reasonable requests for access within a reasonable time period, but reserves the right to restrict access in cases where the legitimate rights of persons other than the individual would be violated or where the burden or cost of providing access would be disproportionate to the risks to the individual’s privacy.
11. Recourse; Enforcement
In compliance with the Privacy Shield Principles, INKY commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact INKY at: privacy@INKY.com
INKY has further committed to refer unresolved Privacy Shield complaints to the International Centre for Dispute Resolution, the international division of the American Arbitration Association (ICDR/AAA), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit http://go.adr.org/privacyshield.html for more information or to file a complaint. The services of ICDR/AAA are provided at no cost to you.
With respect to Personal Data received or transferred pursuant to the Privacy Shield framework, INKY is subject to the regulatory enforcement powers of the US Federal Trade Commission.
In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
12. Comments
If you have any questions, comments or concerns about our privacy practices, please contact us via email using the address privacy@INKY.com.