For the purposes of this policy, Reflexis defines the term “client” as an entity with which Reflexis has an established relationship, the term “Participant” as any individual who responds to marketing campaigns by Reflexis or who is included as a contact in a client’s account, and the term “Visitor” as an individual that visits our front-end website (for example www.reflexisinc.com).
Any information stored on Reflexis’ platform is treated as confidential. All information is stored securely and is accessed by authorized personnel only. Reflexis implements and maintains appropriate technical, security and organizational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.
In general, you may visit Reflexis’ website, http://www.reflexisinc.com, without providing us with any directly identifiable personal data. However, we may collect indirectly identifiable (pseudonymous) information from you, which includes your IP address used to track unique visits to our site for analytic purposes. In order to grant you access to protected and secure resources we may collect your full name, postal address and email address, to fulfill your requests for information including white papers, allow you to download updates to our products, or participate in feedback surveys. In other instances, we may ask you to provide us with information such as your product interests so that we can send you only the information that is useful to you, including articles, newsletters, product and service alerts, new product and service announcements and event invitations. When we collect your personal data, we will inform you as to why we are asking for information and how the information will be used. However, please note that providing directly identifiable personal data is optional. When you receive your confirmation email or when you receive any email from Reflexis, you will be given instructions on how to remove yourself from the list.
Reflexis’ accountability for personal data that it receives under the EU-US Privacy Shield framework and subsequently transfers internally or to a third party outside the European Economic Area (such as the United States) is described in further detail below. In particular, Reflexis remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Reflexis proves that it is not responsible for the event giving rise to the damage.
When Reflexis processes personal data on behalf of others
When providing our software and providing Reflexis services to our corporate clients, Reflexis acts as a Data Processor. We need to collect and use personal data to enter into a contract with a client or to fulfill our contractual obligations. We may also use such data for our legitimate business interests to administer our platforms, provide access to interfaces and features, and to enforce our acceptable use policies and terms of service.
To the extent our clients need to collect and share, and allow us to process personal data of their employees and customers to enable our services, we will rely upon our clients to provide necessary privacy notices and to obtain required consents.
When Reflexis processes personal data for its own purpose
If you are a Visitor to our website only, and not a client of our platform or Participant, then this section is relevant for you.
By visiting this website, you consent to the collection and use of your Personal Data as described herein. If you do not agree with the terms set out herein, please do not visit this website. If required by applicable law, we will seek your explicit consent to process Personal Data collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible.
Such Personal Data may comprise your IP address, first and last name, your postal and email address, your telephone number, your job title, data for social networks, your areas of interest, interest in Reflexis products, and certain information about the company you are working for (company name and address), as well as information as to the type of relationship that exists between Reflexis and yourself.
We may also use the data collected from our website for our third-party analytics and marketing integration services, such as those provided by Google, LLC to help us track and optimize our website performance and client-facing marketing. Third parties may use both cookies and pixels to help us better manage content on our site by informing us what content is effective. These third parties are prohibited from using collected data for any purpose other than as a service provider to us.
We use these technologies with our website visitors in a de-identified fashion.
Reflexis takes commercially reasonable steps to ensure the ongoing confidentiality, integrity, availability and resilience of our systems and services processing your personal data.
Notably, we implement comprehensive antivirus, anti-spam, and spyware protection for the servers along with a full-fledged intrusion detection system coupled with robust firewalls and alerts system in place.
Reflexis uses the CA Threat management system, which comprehensively covers all types of threats. The AlertLogic IDS (Intrusion Detection System) manages network spoofing, botnet threats, and other similar DOS threats.
If you are our Client or prospect, you have enhanced rights under the GDPR. You may access, correct or request deletion of your personal data.
Reflexis abides by the Data Subject Rights requests referenced within GDPR Articles 13-22 with respect to:
- Right to be informed (about processing activities and applicable rights)
- Right to access data (or obtain data being processed)
- Right to rectify information (when outdated or incorrect)
- Right to erasure (and to be publicly forgotten)
- Right to object to processing (particularly activities based on consent)
- Right to restrict processing (when processing is deemed to be unlawful)
- Right to data portability (between proprietary systems in a common format)
- Rights related to automated decision making (including decisions based on profiling activities)
Reflexis has put into place operational processes to comply with all Data Subject Rights requests within 30 days when received, however we may need to verify certain Personal data fields to ensure we act upon the correct data.
If your business contact information changes, or if you would like to modify or remove your details, or to exercise your other rights, please contact firstname.lastname@example.org.
Additionally, Reflexis is required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you are a California resident, you have additional rights to request certain disclosures of personal information collected about you. Please click the link below leading to our California Data Privacy webpage.
All processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. Please below details for Reflexis’ compliance with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework.
From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the GDPR and Reflexis’ processing will take place in accordance with the GDPR.
You are entitled to know whether we hold information about you and, if we do, to have access to that information and require it to be deleted, limited or corrected if it is inaccurate. You can do this by contacting us via email@example.com. We encourage you to contact us should you have a Privacy Shield-related (or general privacy-related) complaint.
In compliance with the Privacy Shield Principles, Reflexis commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Reflexis at: firstname.lastname@example.org.
Reflexis has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/about/submit-a-case. For more information or to file a complaint. The services of JAMS are provided at no cost to you. Reflexis is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC). Under certain circumstances, you may invoke binding arbitration as part of dispute resolution.
Changes will be posted on this page or on the GDPR or CCPA specific webpages if the changes pertain only under those laws. If we make a material change to our privacy practices, we will provide notice on the site or by other means as appropriate.
Reflexis believes that your data rights are important – to view Reflexis’ commitment to the General Data Protection Regulation (GDPR), please click here.
To view Reflexis’s commitment to the CCPA, please click here.
Effective: October 7, 2019