|
|
 |
| Data Privacy Policy |
Thank you for visiting the TRG Customer Solutions Web site. This policy establishes how we will handle information we learn about you from your visit to our site. Please be assured that the privacy of our visitors is of utmost importance to us. We collect no personally identifiable information about you when you visit our site unless you choose to provide that information to us.
The specific practices outlined in this privacy statement apply to Web sites maintained by or on behalf of The Resource Group and its affiliates. Other organizations within The Resource Group may have slightly different practices, though the overarching commitment to your privacy will always be the same. You are encouraged to review the privacy policies of other organizations when visiting their Web sites. Some of our Web pages contain links to Web sites outside TRG Customer Solutions. Please be aware that when you follow a link to another site, you are then subject to the privacy policies of the new site.
Automatic Collections: For each HTTP (which is what your Web browser generates when you request a page or part of a page from a Web site) request received, we collect and store only the following information: |
| |
 |
the date and time |
|
the originating IP address |
|
the type of browser and operating system used (if provided by the browser) |
|
the URL of the referring page (if provided by the browser) |
|
the object requested completion status of the request pages visited |
|
| |
How the Information is Used: We use the information that we collect to measure the number of visitors to the different areas of our sites, and to help us make our sites more useful to visitors. This includes analyzing these logs periodically to determine the traffic through our servers, the number of pages served, and the level of demand for pages and topics of interest.
How Long is the Information Retained: The logs may be preserved indefinitely and used at any time and in any way necessary to prevent security breaches and to ensure the integrity of the data on our servers.
Interaction with Children: The Resource Group sites do not provide content to children and do not collect personally identifiable information from these visitors. Therefore, the requirements of the Children’s Online Privacy Protection Act (COPPA) is not incorporated in this privacy policy.
Cookies: The Resource Group does not use “persistent cookies” or any other persistent tracking methods to collect personally identifiable information about visitors to its Web sites. Cookies are small files that Web servers place on a user’s hard drive. They can serve several functions: |
| |
|
they allow the Web site to identify you as a previous visitor each time you access a site; |
|
they track what information you view at a site (important to commercial sites trying to determine your buying preferences); |
|
in the more advanced cases they track your movements through many Web sites but not the whole Web; |
|
businesses use them for customer convenience to allow them to produce a list of items to buy and pay for them all at one time and to garner information about what individuals are buying at their sites; |
|
advertisers use them to determine the effectiveness of their marketing and offer insights into consumer preferences and tastes by collecting data from many Web sites; |
|
and they can be used to help a Web site tailor screens for each customer’s preference. |
|
| |
To protect your privacy, be sure to close your browser completely after you have finished conducting business with a Web site that does use cookies. If you are concerned about the potential use of the information gathered from your computer by cookies, you can set your browser to prompt you before it accepts a cookie. Most Internet browsers have settings that let you identify and/or reject cookies.
Personal Information via Forms: Some of our sites provide forms allowing visitors to submit search engine queries, questionnaires, feedback, or other information. Some of these forms may request personally identifiable information (e.g., name, address, e-mail address) for specific purposes, such as when the submitter is requesting a personal response, registering for a conference, or subscribing to a mailing list. All information submitted by visitors is voluntary.
We may store non-personally identifiable information we collect (such as search engine queries and anonymous survey responses) indefinitely to help us better understand and meet the needs of our visitors. We may share non-personally identifiable information with others, including the public, in aggregated form (for instance, in a list of our most popular search engine queries), in partial or edited form (such as in a report summarizing responses to a questionnaire), or verbatim (for example, in a complete listing of survey responses). |
| |
| Before collecting personally identifiable information, we will prominently disclose: |
| |
|
why we are requesting the information; |
|
how it will be used; |
|
how long it may be retained; and |
|
under what conditions, and with whom, it may be shared. |
|
| |
Consent to Information Collection /Sharing: Generally, we will not share any personally identifiable information you give us with any government agency, private organization, or the public, except with your consent or as required by law. By pressing the “submit” button, each visitor constitutes consent to use the information for purposes stated in this policy.
How e-mail is Handled: By sending us an electronic mail message (for example, an e-mail message containing information request), you may be sending us personally-identifying information. In these cases, we may retain the information as long as necessary to respond to your request or otherwise resolve the subject matter of your e-mail. Please be aware that email is not necessarily secure from interception or misdirection. For your own protection you may wish to communicate sensitive information using a method other than email.
Information Protection: We want to be very clear: regardless of the information being transmitted to any TRG Customer Solutions site, we will protect all such information consistent with applicable.
For site security purposes and to ensure that this service remains available to all users, this computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage to the information on our Web sites. Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986.
Except for authorized law enforcement investigations, no other attempts are made to identify individual users or their usage habits. Raw data logs are used for no other purposes and are scheduled for regular destruction.
The Resource Group may share information received from its Web sites with other TRG affiliates. For example, if a breach of our IT security protections were to occur, the information collected by our servers and staff could be shared with appropriate law enforcement and Security officials.
Dispute Resolution: If for some reason you believe this site has not adhered to these principles, please notify the Director of Security and Compliance by e-mail at security@trgworld.com. If our web pages are not fully in compliance with our stated policies, they will be corrected. |
| |
| Safe Harbor Policy |
| |
| TRG Customer Solutions respects individual privacy and values the confidence of its customers, employees, vendors, business partners and others. TRG strives to collect, use and disclose Personal information in a manner consistent with the laws of the countries in which it does business, and has a tradition of upholding the highest ethical standards in its business practices. TRG abides by the Safe Harbor Principles developed by the U.S. Department of Commerce and the European Commission and the Frequently Asked Questions (FAQs) issued by the Department of Commerce on July 21, 2000. This Safe Harbor Privacy Policy (the “Policy”) sets forth the privacy principles that TRG follows with respect to transfers of Personal information anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the twenty-seven member states of the European Union (EU) plus Iceland, Liechtenstein and Norway to the United States. |
| |
| 1. SAFE HARBOR |
| |
The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the “Safe Harbor Principles”) to enable US companies to satisfy the requirement under European Union law that adequate protection be given to Personal information transferred from the EU to the United States. The EEA also has recognized the US Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). Consistent with its commitment to protect Personal privacy, TRG adheres to the Safe Harbor Principles.
TRG has a Privacy Officer who is responsible for TRG’s compliance with and enforcement of this Policy. TRG educates its employees concerning compliance with this Policy and has self-assessment procedures in place to assure compliance. TRG’s Privacy Officer is available to any of its valued employees, customers, vendors, business partners or others who may have questions concerning this Policy or data security practices. Relevant contact information is provided below. |
| |
| 2. SCOPE |
| |
This Policy applies to all Personal information received by TRG in any format including electronic, paper or verbal. TRG provides customized computer services designed to help companies manage their telecom facilities more effectively, increase profitability and reduce operational costs.
TRG collects and processes call detail records from customer telephone phone equipment, local and long distance carriers for the purpose of providing cost allocation, traffic analysis, fraud notification and other reports used for management of corporate telecom facilities. During this process, some or all the following information may be provided to TRG by the customer based upon the scope of services to be rendered and local privacy laws: |
| |
|
Company Name |
|
Organizational Hierarchy |
|
Department Name |
|
Employee Name |
|
Employee Title |
|
Telephone or Extension Numbers |
|
Telephone or Extension Numbers |
|
| |
Processed call information is made available to customers via a secured web interface or delivered directly to authorized customer recipients based upon customer instruction. TRG does not own or control any of the information it processes on behalf of TRG’s customer. All such information is owned and controlled by TRG’s customer. In this capacity TRG receives information transferred from the EU to the US merely as a processor on behalf of its customer and TRG's customer remains the data controller.
TRG will not sell or share this information with third parties unless required to do so by law. On a global basis, TRG will, and will cause its affiliates to, establish and maintain business procedures that are consistent with this Policy.
All Personal information collected by TRG will be used for legitimate business purposes consistent with this Policy. |
| |
| 3. PROCESSING CONTRACTS |
| |
Before starting any processing on behalf of TRG’s customer, TRG will enter into a processing contract with the EU data controller responsible for the personal information pursuant to the applicable EU Member State Data Protection law. The processing contract ensures that the EU data controller (TRG's customer) will be in compliance with the Member State Data Protection law. Any data processed by TRG will not be further disclosed to third parties except where permitted or required by the processing contract, EU Safe Harbor or the applicable Member State Data Protection law. Any information which TRG’s customer (acting as the EU controller) identifies as sensitive will be treated accordingly.
The processing contract will also specify that the processing will be carried out with appropriate data security measures. TRG has in place measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction. |
| |
| 4. PRIVACY PRINCIPLES |
| |
The privacy principles in this Policy are based on the seven Safe Harbor Principles. NOTICE: Where TRG collects Personal information directly from individuals, it will inform them about the purposes for which it collects and uses Personal information, the parties to which that information may be accessible, and the choices and means, if any, TRG offers individuals for limiting the use and disclosure of their Personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal information to TRG, or as soon as practicable thereafter. TRG may disclose Personal information if required to do so by law or to protect and defend the rights or property of TRG.
Inquires or complaints regarding TRG's adherence to this policy should be directed to the TRG Privacy Officer identified in section 5 below. |
| |
| CHOICE: |
| |
As Personal information provided to or collected by TRG is never disclosed to a non-agent third party, or used for a purpose other than the purpose for which it was originally collected and as TRG's customer controls what level of Personal information is made available for TRG processing, there is no need to offer individuals the opportunity to choose (opt-out) not to have their Personal information disclosed.
TRG will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise. |
| |
| TRANSFERS TO AGENTS: |
| |
| Although it is TRG's intent to provide contracted services without use of Agents, certain circumstance may require the assistance of a reputable Agent as a subcontractor. In such circumstances TRG will obtain assurances from its Agents that they will safeguard Personal information consistently with this Policy. Where TRG has knowledge that an Agent is using or disclosing Personal information in a manner contrary to this Policy, TRG will take reasonable steps to prevent or stop the use or disclosure. TRG holds it Agents accountable for maintaining the trust our employees and customers place in the company. ACCESS: Upon request, TRG will grant individuals reasonable access to Personal information that it holds about them. In addition, TRG will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete. |
| |
| SECURITY: |
| |
| TRG will take reasonable precautions to protect Personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. TRG protects data in many ways. Physical security is designed to prevent unauthorized access to database equipment and hard copies of sensitive Personal information. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorized access from remote locations. This protection includes the use of firewalls, restricted access and encryption technology. TRG limits access to Personal information and data to those persons in TRG’s organization, or as agents of TRG, that have a specific business purpose for maintaining and processing such Personal information and data. Individuals who have been granted access to Personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been provided training and instruction on how to do so. |
| |
| DATA INTEGRITY: |
| |
| TRG will use Personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. TRG will take reasonable steps to ensure that Personal information is relevant to its intended use, accurate, complete and current. |
| |
| ENFORCEMENT: |
| |
| TRG will conduct internal compliance audits of its relevant privacy practices to verify adherence to this Policy and the US Department of Commerce Safe Harbor Principles. Any employee that TRG determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment |
| |
| 5. DISPUTE RESOLUTION |
| |
Any questions or concerns regarding the use or disclosure of Personal information should be directed to the TRG Privacy Officer at the address given below. TRG will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between TRG and the complainant, TRG agrees to participate in a dispute resolution procedure with The DMA Safe Harbor program, an independent, third party service to resolve the complaint.
Submit written inquiries to:
TRG Customer Solutions 200 Industry Drive Pittsburgh PA 15275 Attention: Vincent Lape, Director of Security and Compliance
Or send via email to: security@trgworld.com |
| |
| 6. CHANGES TO THIS SAFE HARBOR PRIVACY POLICY |
| |
| The practices described in this Policy are current Personal data protection policies as of May 06, 2008. TRG reserves the right to modify or amend this Policy at any time consistent with the requirements of the Safe Harbor Principles. Appropriate public notice will be given concerning such amendments. |
|
|
|
|
| |
|
|
|
