Website Privacy Policy – GDPR, Privacy Shield and CCPA

For the purposes of this document, SiteSpect refers to three corporate entities:

  • SiteSpect, Inc., located in Auburndale, Massachusetts, United States
  • SiteSpect Limited, located in Derby, Derbyshire, United Kingdom
  • STSP Europe BV (d/b/a SiteSpect Europe), located in Breukelen, The Netherlands

SiteSpect is committed to meeting all European Union (EU) General Data Protection Regulation (GDPR) requirements, and the California Consumer Protection Act (CCPA or CaCPA).

SiteSpect complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries, the United Kingdom, and Switzerland transferred to the United States pursuant to Privacy Shield.  SiteSpect has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

SiteSpect is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Information Collected

When you visit the SiteSpect public website (the Site), our systems automatically collect certain information about your visit, such as the type of Internet browser you use, the website from which you have come to the Site and your IP address (the unique address which identifies your computer on the internet). We use automatically collected information to assist us in providing and improving the Site, and to collect broad demographic information for aggregate use. We do not use automatically collected information to learn any information about you personally. We may use such information to identify specific companies that are interested in our services and to market to those companies generally.

The Site may collect non-personal information using cookies, pixel tags, web beacons, embedded web links, and similar technologies. All of such information tells about how the website is being used and helps us tailor our website to the needs of our visitors. If you are visiting our site from a location within the EU you will be asked to provide consent to this collection.

The Site may include certain social media features (such as a “share” or “like” button). Those features are provided by the applicable social media platforms (such as Twitter or Facebook). Where information is collected through the social media feature, the use of that information is governed by the privacy policy published by the social media platform that provides the feature.

Collecting Personal Information

“Personal Information” is information that is used to identify a discrete individual person. We may collect Personal Information in a variety of ways including:

  • Through web pages on the Site (e.g. when you request a white paper or complete a form for general or partner inquiries);
  • Through responses to an online, email or electronic promotion or survey;
  • Over the telephone.

Such Personal Information may include:

  • Your name, email address, postal address or telephone number;
  • Your title, company name and address;
  • Details of the resources you access on the Site and any data you download;
  • Details of other engagements with SiteSpect, such as trade show interactions.

Individuals have the right to request that SiteSpect limit the use and disclosure of personal data to third parties. Such requests should be made to dpo@sitespect.com and will be processed within a reasonable timeframe.

Using Personal Information

We use your Personal Information in a number of ways including:

  • To assist in responding to your inquiries, including answering your questions on pricing and technical information relating to SiteSpect’s services;
  • To learn more about your requirements (through surveys and the like) in support of development of our service;
  • To carry out research on our users’ demographics;
  • To send you information we think you may find useful about our services;
  • To subscribe you to our newsletter and alerts concerning the services we provide;
  • To request your opinion and feedback on areas of the Site or in connection with our services.

We may obtain information from third parties to combine with the Personal Information we have gathered as described in this Policy, in order to improve our marketing activities and to ensure the details we hold are relevant and up-to-date. Also, if we provide a means for you to refer a third party to the Site, we may send the third party an email on your behalf with details about the Site. SiteSpect will not use the third party’s information for any other purpose.

You can unsubscribe to emails by following the unsubscribe instructions on any email communications sent to you, or you can remove your information from our email database by visiting our preferences center, or by post at the address provided at the bottom of this policy.

SiteSpect acknowledges that EU and Swiss individuals, pursuant to Privacy Shield, have the right to access the personal information that we maintain about them. An EU or Swiss individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to dpo@sitespect.com or through any of the means listed in the Contacting Us section below. If requested to remove data, we will respond within a reasonable timeframe.

Information Sharing and Disclosure

  • We do not sell or rent Personal Information to third parties. We do not share Personal Information, except as expressly provided in this Privacy Policy.
  • We may disclose aggregate statistics about visitors to the Site in order to describe our services generally, including on our website and to prospective partners and other third parties, but these statistics will not include Personal Information.
  • We may disclose your Personal Information to our reseller partners to allow them to provide marketing information on our behalf as described above.
  • We may disclose your Personal Information to service providers who assist us in: (i) website hosting and maintenance; (ii) sending communications; (iii) updating marketing lists and database management; (iv) analyzing data; and (v) in other tasks relevant to the provision of the Site and the marketing of our services. Our service providers will only use your Personal Information to the extent necessary to perform their functions and will be subject to contractual obligations to maintain the security and confidentiality of all information they process.
  • In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your Personal Information to any regulatory or law enforcement agency if we believe that such action is necessary to protect the rights, property or personal safety of SiteSpect, its customers or any third party.

In cases of onward transfer to third parties of data of EU or Swiss individuals received pursuant to the EU-US and Swiss-US Privacy Shield Frameworks, SiteSpect is potentially liable.

Storage and Transfer of Your Personal Information

We may transfer your Personal Information to our affiliates, which may process your Personal Information outside the European Economic Area; provided our affiliates will process information in accordance with the EU’s GDPR, the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework and certain contractual obligations established to protect your Personal Information.

The controller of your information is SiteSpect, Inc. or any subsidiary of SiteSpect, Inc. that collected your information.

Security

SiteSpect has a comprehensive and mature Information Security program and is committed to the privacy and security of the data that may be shared with us.  Any information stored or passing through our network is treated as confidential.  All information is stored securely and is accessed by authorized personnel only.  SiteSpect implements and maintains appropriate technical, security, and organizational controls to protect all personal data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.  While we use all reasonable efforts to prevent the loss or misuse of your Personal Information, we cannot guarantee the security of any Personal Information you submit via the Site.

Public Forums

The Site may, from time to time, make blogs, message boards, news groups or other public forums available to its users. Any information that is disclosed in these areas becomes public information and you should exercise caution when using these and never disclose your Personal Information. We are not responsible for any Personal Information you post in public forums.

External Links

The Site may, from time to time, contain links to external sites. We are not responsible for the privacy policies or the content of such sites and you should familiarize yourself with such policies upon use of such sites.

EU-US and Swiss-US Privacy Shield

In compliance with the Privacy Shield Principles, SiteSpect commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact SiteSpect at dpo@sitespect.com or through any of the means listed in the Contacting Us section below.

SiteSpect has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers  for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.  See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Your California, US Privacy Rights

If you are a California, US resident, note that SiteSpect, Inc. does not share or sell website visitor data to third parties. Under the CCPA law, you may request (a) a notice disclosing the categories of personal information about you that we have shared with third parties for their direct marketing purposes during the preceding calendar year, and (b) that we delete any information we have collected about you. To request either or both of these actions, please submit your request using the instructions listed under the Contacting Us section below. Please allow 30 days for a response.

Contacting Us

Please submit any data requests, questions, or comments related to this Privacy Policy by email to dpo@sitespect.com, or in writing to the following postal address.  If you are requesting us to take action on your behalf, please include your SSID cookie identifier(s) so that we may accurately verify and retrieve your information.

SiteSpect, Inc.
Attn: Data Privacy Officer
275 Grove St, Suite 3-400
Auburndale, MA 02466
USA

For inquiries and complaints from EU individuals relating to your GDPR rights, you may contact the appropriate national supervisory authority. A list of these authorities may be found here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.