Stratus22 Privacy Policy

Last Updated September 2018

GENERAL INFORMATION

The following Privacy Policy governs our collection and handling practices of personal information of visitors and users of the pages and services of the Site. Specifically, it outlines the types of information that we gather about you while you are visiting and using the Site and the ways in which we use and don’t use that information. As used herein, the term “personal information” means information that specifically identifies an individual (such as a name, telephone number, mobile number, e-mail address, mailing address, test scores, grade point average, or credit card number), or information about that individual that is directly linked to personally identifiable information. Personal information does not include “aggregate” information, which is data we collect about the use of our website or about a group or category of services or users, from which individual identities or other personal information has been removed. This Privacy Policy in no way restricts or limits our collection and use of aggregate information. The terms “you,” “your,” “yours” and “User” refer to you, the user of this site.

Please read this Privacy Policy carefully. By visiting and using the Site, you expressly consent to our handling of your personal information in accordance with this Privacy Policy, and you agree that your use of the Site, and any dispute over privacy, is governed by this Privacy Policy and our Terms of Use. From time to time, we may change our Privacy Policy, in which case we’ll post the changes to this Privacy Policy on the Site. By continuing to use the Site after we post any such changes, you accept the Privacy Policy as modified. This Privacy Policy is incorporated into and subject to the terms of the Site’s Terms of Use.

This Privacy Policy has been developed also in accordance with the EU General Data Protection Regulation (GDPR).

Links to other sites
This Privacy Policy applies solely to information collected on the Site. The Site may contain links to third-party websites or resources, whose privacy policies and practices we do not control. Accordingly, we encourage you to read such third-party sites’ terms of use and privacy policies before using them, in order to understand whether and how they process data about your use thereof.

Collection and use of personal information

We collect personal information for the reasons listed below to enable us to operate our business on a reasonable basis and to provide you with a safe, smooth, efficient, and customized experience.

In general, you may visit the Site without providing us with or revealing any personally identifiable information about yourself. However, if you choose to register with the Site, you will be required to provide us with certain personal information, as described below. By providing us with such personal information, you explicitly agree to our collection and use of such information as described in this Policy.

When you register with the Site you provide us with two kinds of information: personal information you knowingly choose to disclose and Site use information collected by us as you interact with the Site.

When you register with the Site, you provide us with your name, email address and, on an optional basis, with your gender, location, age, etc., as well as with information about your educational and professional background and interests. In any case, PLEASE NOTE that the name and other personal information you provide to us are automatically published on the Site as part of your profile, i.e. they become available to the other registered users of the Site to whom you have allowed access to your profile (via your privacy settings). Accordingly, if you do not wish to make the above information available to the other users of the Site, please either configure your privacy settings accordingly and/or abstain from providing any optionally required data, or abstain entirely from registering with the Site. Similarly, when you submit reviews or ratings of any Site content such reviews and ratings will appear on the relevant content’s reviews as well as on your profile. If you do not wish such reviews and ratings to appear on your profile and/or on the content’s reviews, please set your privacy settings accordingly or abstain from submitting such reviews and ratings.

When you enter the Site, we collect your browser type and IP address. This information is gathered for all Site visitors. In addition, we may also use “cookies” or similar electronic tools to collect anonymous information, such as the date and time you accessed the Site, the pages you requested and visited, and the site you linked from to reach the Site. A cookie is a small text file that your web browser places on your hard drive for record-keeping purposes. By showing how and when visitors use the Site, cookies help us deliver advertisements, identify how many unique browsers visit us, and track user trends and patterns. They also prevent you from having to re-enter your preferences on certain areas of the Site where you may have entered preference information before. Most browsers are set to accept cookies by default. If you prefer, you can usually set your browser to disable cookies, or to alert you when cookies are being sent. The help function on most browsers contains instructions on how to set your browser to notify you before accepting cookies or to disable cookies entirely. However, it is possible that some parts of the Site will not function properly if you disable cookies.

When you use the Site, you may set up your personal profile, create and publish your own Library, create and participate in groups (eventually), attend and publish courses, organize and participate in conferences (eventually), place and answer questions, send messages, perform searches and queries, transmit information through various channels, etc. We collect this information so that we can provide you the service and offer personalized features, for example, so as to enable you to manage your knowledge, to return to view prior messages you have sent, to easily see your contact list, etc. When you update information, we usually keep a backup copy of the prior version for a reasonable period of time to enable reversion to the prior version of that information.

When needed (e.g. in order to bill you for any services rendered) we may ask for your credit card information. However, we do not store credit card information.

Please keep in mind that whenever you make your personal information available for viewing by third parties online – for example by putting it in your profile or contact information and allowing third parties to have access to it, by putting it on message boards, web logs, through email or in chat areas, etc. – that information can be seen, collected and used by others besides us. Similarly, other users of the Site can also see and may collect and use any content you have published on the Site, including courses, tests, questions, answers, offerings, etc. We cannot be responsible for any unauthorized third-party use of such information. Besides, although we allow you to set privacy options that limit access to your pages, please be aware that no security measures are perfect or impenetrable. Therefore, we cannot and do not guarantee that any content you post on the Site will not be viewed by unauthorized persons. We are not responsible for circumvention of any privacy settings or security measures contained on the Site. You understand and acknowledge that, even after removal, copies of any content posted by you on the Site may remain viewable in cached and archived pages or if other users have copied or stored it. In this respect, please also keep in mind that, whenever possible, personally identifiable information is requested at the Site on an optional basis, which means that it is you who choose what information you put in your profile, including contact and personal information, pictures, knowledge, interests and groups you join.

As mentioned above, the name under which you register with the Site is displayed and made available to the other registered users of the Site as part of your profile. All of your activities on the Site will be identifiable to your registered name. Accordingly, please keep in mind that if you register under your name, other registered users of the Site will be able to personally identify your activities on the Site.

Any personal information collected by us will be processed in adherence to applicable United States and European Data Protection legislation. Reasonable and appropriate measures are taken to ensure that your personal information is protected from unauthorized access or modification, unlawful destruction and improper use. However, the Internet is an open system and we cannot and do not guarantee that the personal information you have submitted will not be intercepted by others and decrypted.

Under no circumstances will we sell or rent any of your personally identifiable information or your contact information (even if not personally identifiable) to third parties for marketing purposes without your explicit prior consent. However, we may aggregate personal information in a manner that does not allow your identification as an individual and disclose such information to advertisers and other third parties for marketing and promotional purposes (e.g. for displaying targeted advertisements on the Site). Further, except as otherwise described herein, we will only share your personal information with third parties to carry out your instructions or to provide services, or as necessary to enforce our Terms of Use Agreement or protect the rights, property, or personal safety of Stratus22, LLC. For example, we may use a third party service provider to perform services such as billing users for fee-based services. In addition, we may transmit personal information to one or more third parties providing external hosting services to us. These third parties do not retain, share, or store any personal information except to provide these services (including all third party hosting services, which generally will store this information as part of the service they provide to us), and they are bound by confidentiality agreements limiting the use of your information.

We will use your personal information for the purpose for which you have provided it, i.e. for providing you with the Site’s services that you request, as well as for offering you personalized features and contacting you to inform you of new products, promotions, features and helpful tips for our services. Furthermore, we may use your personal information if deemed necessary to comply with the law, respond to claims, resolve disputes, troubleshoot problems, protect our computer systems and customers, ensure the integrity and operation of our business and systems, protect the rights, property or safety of the Site, any Site users, or other third parties, enforce our Terms of Use agreement, bill any amounts due from you, measure consumer interest in our products and services, customize your experience, and as otherwise described to you at the time of collection, use or disclosure.

You agree that we may also use your personal information to contact you and deliver information to you that are targeted to your interests, such as targeted advertisements, notices, offerings, and communications relevant to your use of the Site.

Any improper collection or misuse of information provided on the Site constitutes a severe violation of the Site’s Terms of Use and should be reported to us at our contact information given above.

If the ownership of all or substantially all of the Site or the services offered through it were to change, your user information may be transferred to the new owner, so the service can continue operations. In any such transfer of information, your user information would remain subject to the terms contained in any pre-existing Privacy Policy.

INFORMATION SECURITY
We store all user information in secure databases protected via a variety of industry-standard access controls. Secure passwords, SSL encryption and disk-based encryption, firewalls, and other electronic measures are in place that help us protect your data. We also maintain physical and procedural safeguards, such as secure areas in buildings, authentication procedures, training our employees in the proper handling of personal information, and limiting employee access to this information to those employees with a business need for access. We employ these measures to ensure this data is accessed only for the purposes specified in this privacy statement. When we use third parties to assist us, we require that they comply with all the same confidentiality and security measures. However, since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to the Site. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login and account information. Please note that emails, instant messaging, and similar means of communication are not encrypted, and we strongly advise you not to communicate any confidential information through these means.

stratus22.com uses industry best practices to keep any information collected and/or transmitted by the Services secure. This includes the use of HTTPS with TLS (Transport Layer Security), which encrypts all transmitted data, and OAuth 2.0 protocols for authentication and data transfer. Certain Personal Information, such as stratus22.com login details, is encrypted during transmission using TLS. Once validated within the stratus22.com system, passwords are deleted from the system. In addition, stratus22.com uses third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Services. These vendors have been selected for their high standards of both physical and technological security, including ISO and SSAE16 certifications. When payments are processed via credit card,stratus22.com uses third-party vendors that are PCI-DSS Compliant. Submission of information over the Internet is never entirely secure.stratus22.com cannot guarantee the security of information submitted via the Services while it is in transit over the Internet and any such submission is at Client’s own risk, and this risk is specifically disclaimed in our Terms of Service. It is advisable that Client logs out of its Account at the end of every session and not leave a logged-in account unattended for any period of time, particularly if using a shared computer or device.

All information accessed through https://stratus22.com is in compliance with the required information security mandates of Article 32 of the GDPR. Specifically, Article 32 mandates the following:

  • Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate –
    • The pseudonymization and encryption of personal data
    • The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
    • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
    • A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

Please note that refusal to provide Personal Information may result in our inability to provide the Services to you, to manage our relationship with you, or to improve the Services.

Accessing, modifying, rectifying and removing of personally identifiable information
You retain the right to access, modify, rectify or remove any personally identifiable information in our possession at any time. However, where you make use of the communication features of the Site to share information with other users of the Site (e.g., public comments, posts, discussions, etc.) you generally cannot remove such communications once posted. Accordingly, please keep in mind that even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users.

Access and control over most personally identifiable information on the Site is available through the profile editing tools. Site users may modify, rectify or remove any of their profile information at any time by logging into their account. Information will be updated immediately. If you wish to deactivate your account or have us remove any personally identifiable information of yours from our databases, you may exercise these rights by contacting us at the contact information given above, on the condition that you can prove your identity.

California Privacy Rights. California Civil Code Section 1798.83 permits users that are California residents to request that we not share their personally identifiable information with third parties if we know or have reason to know that the third parties use the personally identifiable information for the third parties’ direct marketing purposes. For their protection, we exercise this right on behalf of our California users and require third parties hired by Stratus22 LLC, to keep all personally identifiable information related to California users secure and to not permit any use of personally identifiable information for direct marketing or any other purposes not authorized by Stratus22 LLC.

If you have any questions or concerns relating to this privacy policy, the security of the Site or any other relevant matter, please contact us at info@stratus22.com.

GDPR Data Privacy Rights

If you are an EU resident and stratus22.com is processing, and/or transmitting your personal data, then you – as an “EU data subject” – benefit from the following rights and privileges under the General Data Protection Regulation (GDPR) –

  • Right of Access: You have the right to obtain from us, as controllers, confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the following personal data and information:
  1. The purposes of the processing;
  2. The categories of personal data concerned;
  3. The recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
  4. Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  5. The existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; (f) the right to lodge a complaint with a supervisory authority;
  6. Where the personal data are not collected from you, any available information as to their source; and
  7. The existence of automated decision-making, including profiling, along the lines indicated by Article 22(1) and (4) GDPR, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
  • Right to Rectification: You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  • Right to Erasure (“Right to be Forgotten): You have the right to obtain from us the erasure of your personal data without undue delay, and we have the obligation to erase personal data without undue delay when: a) your data are no longer necessary for the purposes for which they were collected; b) you had consented to the processing; c) you have objected to the processing, as per below; d) you persona data had been unlawfully collected; e) your personal data need to be erased as a matter of compliance with a legal obligation.
  • Right to Restriction of Processing: You have the right to obtain from us the restriction of processing if you: a) contest the accuracy of the personal data, until this is verified; b) the processing is unlawful but you don’t want erasure; c) we no longer need the persona data, but you require them to establish, exercise fo defend a legal claim; d) you have objected to processing but there is a need to verify whether our legitimate grounds override your rights to object.
  • Right to Data Portability: Where your personal data have been provided on the basis of your consent or for the performance of a contract, and their processing occurs in an automated way, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit those data– or have directly transmitted – to another controller.
  • Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on a legitimate ground point (e) or (f) of Article 6(1), including profiling based on those provisions. In this case, we can no longer process your personal data unless we show that there is a compelling legitimate ground for the processing which override your interests, rights and freedoms or for our establishment, exercise or defense of legal claims.

Information Storage and International Transfers
If you are in the EEA, in transferring your Personal Information to countries outside of the EEA, to the extent that we transfer the personal data to recipients who are located outside the European Union or the European Economic Area, we will provide an adequate level of protection of your personal data, including appropriate technical and organizational security measures and through the implementation of appropriate contractual measures to secure such transfer, in compliance with applicable law, and will inform you accordingly.