Rapid Ratings International Inc., together with its subsidiaries (“we”, “our”, “us”) provide this policy to explain our practices regarding the collection and processing of information collected from or about the users of any online portal or website where this policy is posted (“Site”) and our business contacts. Please read the following carefully to understand our views and practices regarding your information and how we will treat it.
For personal data received from the European Union and European Economic Area (“EU Personal Data”), RapidRatings complies with the General Data Protection Regulation (“GDPR”). As part of our GDPR compliance efforts we are certified with the E.U. – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce. Where this policy refers to “EU Personal Data,” the policy applies to data covered by the GDPR; where the policy refers to “U.S. Personal Information,” the policy applies to the subset of data defined in the Information Collection section below; and where the policy refers to “information,” the policy covers both EU and U.S. data generally.
Lawful Basis of Processing for EU Personal Data
We process EU Personal Data: to carry out our contracts; abide by law; and based on your consent. To the extent that processing is based on consent, you have the right to withdraw consent at any time (see the Data Rights section of this policy). We also process EU Personal Data when it is in our legitimate interests to do so and when these interests are not overridden by your rights. For example, we process data for: preventing fraud; sharing data among subsidiaries for internal purposes; ensuring network and information security; reporting criminal acts or threats to public security; direct marketing; establishing legally binding agreements with third parties; billing third parties; and taking internal measures to improve Site functionality and analyse usage. We will process EU Personal Data when it is necessary to protect your vital interests or the vital interest of another person or if processing is necessary for the performance of a task carried out in the public interest as governed by law.
We collect and process the following information, including U.S. personal information and EU Personal Data:
- Information you give us. You give us information about you by filling in forms on our Site or by corresponding with us. The information you give us includes your name, address, e-mail address and phone number, financial and credit card information (where you purchase a Rapid Ratings service/product) (“U.S. Personal Information”). This also includes information you provide when you register to use our Site, subscribe to our service, use our products and services, place an order on our Site, participate in discussion boards or other social media functions on our Site, enter a competition, promotion or survey, apply for a vacancy advertised on our Site, and when you report a problem with our Site.
- Information we collect about you. With regard to each of your visits to our Site we automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
- Information we receive from other sources. We receive information about you, including U.S. Personal Information and EU Personal Data, if you use any of the other websites we operate or the other services we provide. We also work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and receive information from them.
Use of the Information
We, and our subsidiaries, use information held about you, including U.S. Personal Information and EU Personal Data, in the following ways:
- Information you give to us. We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you.
- to notify you about changes to our service;
- to ensure that content from our Site is presented in the most effective manner for you and for your computer;
- to prevent fraud;
- to ensure network and information security;
- to report criminal acts or threats to public security; and
- to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
- Information we collect about you. We will use this information:
- to provide or improve our products and services
- to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our Site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our Site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to prevent fraud;
- to ensure network and information security;
- to report criminal acts or threats to public security; and
- to make suggestions and recommendations to you and other users of our Site about goods or services that may interest you or them.
- Information we receive from other sources. We combine this information with information you give to us and information we collect about you. We use this information and the combined information, including U.S. Personal Information and EU Personal Data, for the purposes set out above (depending on the types of information we receive).
Disclosure of your Information
We share your information, including U.S. Personal Information and EU Personal Data, with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
We share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. See the Digital Advertising section of this policy for more information.
- Analytics and search engine providers that assist us in the improvement and optimization of our Site.
- Partners for the purposes of determining whether to enter into contracts with you.
We also disclose your information to third parties:
- In the event that we sell or buy any business or assets, in which case we may need to disclose your information to the prospective seller or buyer of such business or assets.
- If Rapid Ratings International Inc., or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your information in order to comply with any legal obligation, or in order to enforce or apply our terms of and other agreements; or to protect the rights, property, or safety of Rapid Ratings International Inc., our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Where We Store Your Personal Data
To help prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. We use a variety of security technologies and procedures to help protect your information from unauthorised access, use, or disclosure. While RapidRatings’ takes all due care in ensuring the privacy and integrity of the information that you provide, we recognise that no data transmission over the Internet can be guaranteed to be 100% secure. The possibility exists that this information could be unlawfully observed by a third party while in transit over the Internet. RapidRatings accepts no liability should this occur.
We retain EU Personal Data only as long as we have a legitimate business purpose to retain such data in accordance with our data retention schedule and/or as otherwise required by applicable law.
E.U. – U.S. Privacy Shield
RapidRatings complies with the E.U. – U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of EU Personal Data transferred from the European Union to the United States. RapidRatings has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability, and the 16 Supplemental Principles (collectively, “Privacy Shield Principles”), and such adherence is subject to investigation and enforcement by the U.S. Federal Trade Commission.
RapidRatings’ participation in the Privacy Shield applies to all EU Personal Data transferred from the European Union and European Economic Area to RapidRatings in the United States, including (but not limited to), EU Personal Data collected or otherwise processed by RapidRatings on behalf of its Europe-based customers and other users of its Site and services. RapidRatings will comply with the Privacy Shield Principles in respect of such personal data. If there is any conflict between the terms in this policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. RapidRatings’ adherence to the Privacy Shield Principles, including disclosure rules, may be limited in response to lawful requests by public authorities, for instance to meet national security, public interest, or law enforcement requirements.
RapidRatings’ accountability for EU Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, RapidRatings remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process such EU Personal Data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless RapidRatings proves that it is not responsible for the event giving rise to the damage (if any).
Individuals whose EU Personal Data is transferred to RapidRatings under the Privacy Shield have the right to access their personal data maintained by RapidRatings, and to correct, amend or delete such data where it is inaccurate or processed unlawfully, as described in the Privacy Shield Principles. To exercise any of these rights, please email the RapidRatings Legal Department at email@example.com.
In addition, RapidRatings provides individuals whose data is transferred to Rapid Rating under the Privacy Shield with certain choices regarding how RapidRatings uses and discloses personal data. First, if RapidRatings uses such data for a materially different purpose than that for which it was originally collected or discloses your personal data to a third party (other than third party providers acting on our behalf), RapidRatings will first provide you with a clear, conspicuous and readily available mechanism to opt-out of any such use or disclosure (e.g., by sending you an email seeking your consent). In addition, all of our email communications include the ability to opt-out from receiving future emails, except those emails that are necessary to provide you with the services you have requested or purchased. If you have any questions about your choices regarding how we use and disclose your data, or how to exercise these choices, please email the RapidRatings Legal Department at firstname.lastname@example.org.
We encourage you to contact us should you have a Privacy Shield-related (or general privacy-related) complaint or inquiry by emailing the RapidRatings Legal Department at email@example.com. For any complaints that cannot be resolved with RapidRatings directly, RapidRatings has chosen to cooperate with JAMS, an alternative dispute resolution provider, to resolve such complaints at no cost to you. Please visit www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means.
To learn more about the Privacy Shield program, please visit www.privacyshield.gov. To view our certification, please visit www.privacyshield.gov/list.
Third Party Links
Our Site will, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Rights Over EU Personal Data
We will assist you if you choose to exercise any of your rights over your EU Personal Data, including:
- Withdrawing your previously granted consent; however, this will not invalidate any previously consented processing
- Providing confirmation as to whether or not EU Personal Data is being processed and access to personal data that we hold or process
- Correction of any EU Personal Data that is incorrect
- Erasure of any EU Personal Data that we process in certain circumstances
- Restrict processing of your EU Personal Data in certain circumstances
- Asking us to provide you or another company you nominate with certain aspects of your EU Personal Data, often referred to as ‘the right to portability’
- The ability to object to any processing of EU Personal Data where we are processing the data for our legitimate interests
- As applicable, the ability to contest a decision made entirely by automated processing, to express your point of view and to request that a human review the decision
For more information on these rights you can contact firstname.lastname@example.org.
For more information about interest-based advertising on your desktop or mobile browser, and your ability to opt out of this type of advertising by third parties that participate in the Digital Advertising Alliance (“DAA”), please visit the DAA Self-Regulatory Program. Please note that any opt-out choice you exercise through these programs will apply to interest-based advertising by the third parties you select, but will still allow the collection of data for other purposes, including research, analytics, and internal operations. You may continue to receive advertising, but that advertising may be less relevant to your interests.
If you use a different browser or device or clear your cookies you may need to opt-out again.
Our services and this website are not intended for children under the age of 16, and we do not knowingly collect information from children under the age of 16.
You also have the right to lodge a complaint with data protection authorities. You may contact the relevant Data Protection Authority in your country of residence.
Updated: May 23, 2018