This privacy notice (“Notice”) provides information on the collection, use, sharing and processing of Personal Data by Oversight Systems, Inc. (“Oversight”) in connection with your use of Oversight websites, live or web events, social media pages, and sales and marketing activities.
We may have links on our website to other websites we do not operate. If you click on a third-party link, you will be taken directly to that site which is governed by its own privacy notice. We strongly encourage you to read that privacy notice. We do not control that site and assume no responsibility for the content, policies or its practices.
This Notice was last updated November 16, 2021. We may periodically change or update this Notice to comply with legal requirements or changing business needs, so we encourage you to come back and read it periodically.
“Personal Data” means data that can be used to identify an individual. Personal Data we may collect includes:
Company, Job title/Role;
Publicly available information such as social media posts;
Information on your interaction with our website, such as your site navigation, pages clicked or viewed, and date and time of activities.
Like many websites, we collect certain information automatically and store it in log ﬁles. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information.
Oversight does not require and we request that you do not send us any sensitive Personal Data such as social security or national identification numbers, information related to racial or ethnic origin, political opinions, religious beliefs, health data, biometrics or genetic information, criminal background or trade union membership information.
The information that we process relating to you is used for
Marketing and sales;
Improving the content and performance of our website;
Providing you with a more personal overall experience;
Communications with you;
Delivering functionality on our sites and for their technical and functional management;
Managing the security of our sites, networks and systems;
Complying with applicable laws and regulations and to operate our business;
Oversight is relying on the following lawful grounds to collect and process personal data:
We have a legitimate interest in communicating with you and responding to your requests.
In order to engage in transactions with clients, we need to process Personal data necessary to enter into or perform a contract with you.
Based on your consent, we process Personal Data for marketing and sales activities where so indicated on our sites at the time your personal information was collected, and then based on our legitimate interest to market and promote our services.
In order to analyze, develop, improve and optimize our website and services, and to maintain the security of our website, networks and systems we rely on legitimate interest.
In order to comply with applicable laws and regulations, such as to comply with a subpoena or other legal process, or to process an opt-out request.
Oversight does not sell your Personal Data. We will share or disclose your information in the following ways:
With third party service providers, agents, or contractors. We use other companies, agents or contractors ("Service Providers") to perform services on our behalf or to assist us with providing services to you. For example, we may engage Service Providers to provide services such as marketing, advertising, communications, and to analyze and enhance data (including data about users' interactions with our service). These Service Providers may have access to your personal data in order to provide these functions. In addition, some of the information we request may be collected by third party providers on our behalf. Service Providers are under confidentiality agreements and we do not authorize them to use or disclose your personal information except in connection with providing their services.
Analytics. Specifically, for analytics providers, we use Google Analytics. Google Analytics which is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
Business Transfers. We may engage in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding that involves the transfer of the information described in this Notice. In such transitions, customer information is typically one of the business assets that is transferred or acquired by a third party. In the unlikely event that we or substantially all of our assets are acquired or enter a court proceeding, you acknowledge that such transfers may occur and that your personal information can continue to be used as set forth in this Notice.
E-mail. If you do not wish to receive e-mails from us, you may update your settings or opt out at any time. If you opt out of a marketing e-mail, we may still send you transactional and administrative emails about this privacy notice or about the products or services you have purchased.
Cookies. Your browser’s help function should contain instructions on how to set your computer to accept all cookies, to notify you when a cookie is issued, or to not receive cookies at any time.
Advertising. You can opt out of online targeted advertising by opting out within the advertisement itself or by visiting Digital Advertising Alliance, the Digital Advertising Alliance of Canada or the European Interactive Digital Advertising Alliance.
Individual Rights. You may have certain rights under applicable data protection laws such as the EU General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA):
The right to know what Personal Data is being collected about you.
The right to access and receive a copy of your Personal Data.
The right to rectify inaccurate Personal Data.
The right to request the deletion of your Personal Data.
The right to object to the processing of your Personal Data.
The right to request restriction to the processing of your Personal Data.
If you feel that our processing of your personal data infringes on data protection laws, you may have a legal right to lodge a complaint with a supervisory authority responsible for data protection.
Please note, 1) we will need to verify your identity before being able to respond to requests and 2) in some cases, we may not be able to fulfill a request, in which case we will let you know if we are unable to do so and why.
To exercise a right you might have under data protection law, please contact us at firstname.lastname@example.org or by calling +1 866.876.5578 and selecting option 9.
We have further appointed IT Governance Europe Limited to act as our EU Representative and GRCI Law Limited to act as our UK Representative. If you wish to exercise your rights under the EU General Data Protection Regulation (EU GDPR), or have any queries in relation to your rights or general privacy matters, please email our Representative at email@example.com If you wish to exercise your rights under the UK General Data Protection Regulation (GDPR) or have any queries in relation to your rights or privacy matters generally please email our Representative at firstname.lastname@example.org. Please ensure to include our company name in any correspondence you send to our Representatives.
Oversight has implemented appropriate physical, technical, and organizational measures and safeguards with respect to Personal Data designed to protect against accidental or unlawful destruction or accidental loss, alteration, and unauthorized disclosures or access.
Your Personal Data is stored by Oversight on its servers, and on the servers of the cloud-based database management services Oversight engages, located in the United States. Oversight will retain your Personal Data only for as long as is necessary for the purposes set out in this Notice.
Please note at this time, we do not recognize automated browser signals regarding tracking mechanisms, which may include "do not track" instructions as there is no consistent industry standard for compliance.
Our site is not directed at children. If you learn that your minor child has provided us with their personal data, please contact us.
We welcome any queries, comments or requests you may have regarding this Notice. You may contact us at:
+1 866.876.5578 and selecting option 9
Oversight Systems, Inc.
Attn: Mac McMullin, DPO
360 Interstate North Pkwy, Suite 300
Atlanta, GA 30339
Oversight complies with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom and Switzerland to the United States, respectively. Oversight has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. Oversight is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Oversight complies with the Privacy Shield Principles for all onward transfers of personal information from the EU, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Oversight is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Oversight has further committed to refer unresolved privacy complaints under the Privacy Shield Principles utilizing JAMS International, an alternative dispute resolution provider headquartered in London with additional locations in Amsterdam, Milan, New York and Rome. If you do not receive acknowledgement of your inquiry, or if your inquiry has not been satisfactorily addressed, you should contact our U.S.-based third- party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield. Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
1. Only disclose data when legally compelled to do so through:
a valid subpoena, court order or search warrant issued under the procedures described in the Federal Rules of Criminal Procedure or other applicable procedures; or
a valid state or local warrant or document production request; or
a Mutual Legal Assistance Treaty (MLAT) or similar legal processes from international law enforcement and governmental agencies.
2. Review all client data disclosure orders and contest the request if we believe a request is invalid under applicable law.
3. Limit client data disclosure to only what is legally required. Oversight requires access requests to be narrowly targeted and only seek information about specific clients.
4. Where possible and legally permitted, refer the request directly to the affected client.
5. Notify clients when their data is being sought in response to a legal process except where providing notice is explicitly prohibited by the legal process itself, by a court order, or by applicable law.
|Reporting Period||United States|
|January 1 - December 31, 2020||Number of Requests||Number of Disclosures|
|Number of Requests||Number of Disclosures|