This Privacy Statement is effective on January 01, 2018.
Canfield Consulting
Group, LLC, a Maryland limited liability company (“CCG,” “we,”
“our,” or “us”) is driven by our mission to build
high-performance artificial intelligent cybersecurity-centric
solutions for the most demanding businesses and governments on Earth.
CCG and its subsidiaries around the world understand that when our
clients, partners and other individuals provide personal data to CCG,
they place their trust in us. We take this trust seriously and are
committed to respecting each individual’s privacy and protecting
the personal data we handle.
This Privacy
Statement describes our privacy practices to help you understand what
personal data we collect, use, share and transfer and to inform you
about the choices you can make regarding your personal data.
This Privacy
Statement applies to CCG websites, domains, or applications that link
to this Privacy Statement (this “Statement”), including those of
our subsidiaries. We may supplement this Statement with a privacy
statement for a specific product, services or website. When we do,
the more specific statement is applicable. As an example only, for
information describing how we treat personal data you provide for
recruiting and hiring purposes will be subject to additional terms
for verifying the information for the purpose of recruiting or
hiring.
Summary
- How
We Collect and Use Personal Data - How
We Protect Your Personal Data - How
Long We Retain Personal Data - How
We Share Your Personal Data - How
We Transfer Personal Data Across International Borders - How
We Respect Your Privacy in Marketing - How
To Request Access To Your Personal Data - How
To Contact Us
How We Collect and
Use Personal Data
We collect and use
personal data that you provide in order to operate our business,
provide our products and services, send marketing and other
communications, and comply with applicable laws and regulations. In
addition to the data you provide to us directly, we may also process
personal data about you that we receive from our clients or third
parties.
The types of personal
data we process will depend on the purpose, including:
- Provide products and services – contact details (such as name, email, address, company name, phone number, IP address, OS, device details, and other necessary information) to provide services to our clients and our client’s customers, including providing warranty and repair services and product support updates;
- Improve our products and services – contact details to conduct quality controls and evaluate the performance of our products and services, including conducting customer satisfaction surveys;
- Conduct due diligence – contact details and publicly available information about financial or reputational status of a client or third party supplier/partner;
- Generate sales and marketing leads – contact details, marketing preferences, publically available social media information to maintain a client relationship management database and send relevant newsletters, solution updates, event notifications and other marketing communications;
- Customize your website experience – contact details and information obtained through the use of digital collection tools such as cookies (for more information about the way we use cookies);
- Manage relationships with our clients, suppliers, and partners – contact details and payment information in order to execute contracts, generate invoices and make payments;
- Respond to inquiries or requests for information – contact details for electronic communication; and
- Secure our premises and networks – contact details for authentication to use guest networks, collaboration tools and visit our offices; images captured through our encrypted systems set up for security purposes in our offices.
When we receive
personal data about you from our clients in order to provide our
services, CCG processes the personal data as instructed by our
clients and in accordance with our contractual obligations. Our
clients are responsible for complying with regulations or laws
regarding notice, disclosure, and/or obtaining consent prior to
transferring the personal data to CCG for processing.
How We Protect
Your Personal Data
We use reasonable
security procedures and technical and organizational measures to
protect against accidental or unlawful destruction, loss, disclosure
or use of personal data we handle. Our network and systems used to
provide services are governed by CCG’s limited Small Business
liability Information Security policies, which are based upon
standards, including International Organization for Standardization
(ISO) 9001:2015 and National Institute of Standards and Technology
(NIST).
We limit access to
and use of your personal data to authorized persons and trusted third
parties who have a reasonable need to know the information in order
to perform our services and business operations and who are bound by
confidentiality obligations.
How Long We Retain
Personal Data
We retain your
personal data for as long as is necessary to fulfill the purpose for
which the data was collected from you and in consideration of and
compliance with applicable legal or regulatory requirements to
maintain the data for legitimate purposes. For example, where
required by law for audits or accounting requirements, to enforce our
agreements or handle disputes.
When personal data is
no longer needed for the purpose it was collected or processed or to
comply with a legal obligation, we securely destroy it.
How We Share Your
Personal Data
We do not sell or
otherwise disclose personal data about our website visitors or others
that interact with CCG or our products or services, except as
described herein.
We may share your
personal data with authorized CCG’s personnel in our subsidiaries
with a need to know the information in order to process the personal
data for the purpose we collected it. We also share personal data
with third parties who are acting on our behalf in order to provide
the products or services you request or to support our relationship
with you. These third parties are not authorized by us to use or
disclose the information except as necessary to perform services on
our behalf pursuant to a contractual obligation or to comply with
legal requirements. CCG requires such third parties to comply with
applicable data protection and privacy laws and agree to implement
and maintain appropriate technical and organizational security
measures to safeguard the personal data.
Our sharing may
include:
- With any of our
CCG’s subsidiaries and trusted third party suppliers/partners in
order to perform our services or business operations; - With our
professional advisors and insurers to run our business; - With competent legal
authorities when required by applicable laws or regulations; - With law enforcement
authorities or other government officials when we are required to do
so by law or pursuant to legal process (including for national
security purposes);when we believe disclosure is necessary or
appropriate to prevent physical harm or financial loss or in
connection with an investigation of suspected or actual fraud or
illegal activity; or when we believe that disclosure is necessary to
protect our rights, protect your safety or the safety of others; - With appropriate
third parties in connection with the sale, transfer or financing of
all or part of a CCG’s business or its assets, including any such
activities associated with a bankruptcy proceeding.
How We Transfer
Personal Data Across International Borders
CCG is a global
enterprise based in the United States with operations in countries
around the world. Authorized CCG’s personnel and third parties
acting on our behalf may access, use and process personal data
collected from you in a country that is different from the country
where you entered the personal data, which may have less stringent
data protection laws.
As an IT and security
services company, CCG has implemented global privacy practices for
processing personal data protected under various data protection
laws. CCG transfers personal data between the countries in which we
operate in accordance with the standards and conditions of applicable
data privacy laws, including standards and conditions related to
security and processing and acceptable transfer mechanisms.
How We Respect
Your Privacy in Marketing
CCG’s uses various
means of communication and tools to market its products and services.
We provide commercial marketing email to persons who consent or where
we have a legitimate interest and it is otherwise permissible under
applicable law. You may opt-out of our commercial marketing emails by
using the “Unsubscribe” or “Opt-out” link in the commercial
email or by contacting us at https://www.phen-ai.com/contact-us/.
We strive to make
your CCG experience the best it can be by using various tools that
provide us with information about how you and other visitors interact
with our website so that we can tailor your CCG experience and
improve our web properties. These tools include Cookies and other
automatic data collection tools. For information on these tools,
please click https://www.phen-ai.com/contact-us/.
How To Request
Access To Your Personal Data
We rely on you to
provide accurate, complete and current personal data to us.
If you need to
correct or update the personal data you provided to us, in many
cases, you can edit your data from the location where you provided
the personal data to us. If you are not able to access it yourself,
we will respond in a timely manner to all reasonable requests to
access, correct or delete your personal data. Requests and questions
can be submitted to https://www.phen-ai.com/contact-us/.
Your California
Privacy Rights
CCG and its
subsidiaries are Data Processors/Service Providers for our clients
where we process personal data in order to provide our solutions to
our clients. When we are a Data Processor/Service Provider, we
process the personal data in accordance with the instructions of the
Data Controller/Business.
If you are a
California consumer seeking to exercise your rights under the
California Consumer Privacy Act with respect to information we hold
on behalf of our clients, you should reach out directly to the client
responsible for determining the purposes and means of processing your
personal information.
For information that
CCG holds as a business under CCPA regarding our business contacts,
we share information gathered through cookies and other technologies
for our own and third party marketing purposes (a potential “sale”
under the CCPA). California consumers have the right to request to
opt out of the sale of personal information. If you would like to opt
out of cookie/tracking technologies, please
click https://www.phen-ai.com/contact-us/.
Under California’s
“Shine the Light” law, Civil Code Section 1798.83,
California residents who provide personal information in obtaining
products or services for personal, family or household use are
entitled to request and obtain once a calendar year information about
the customer information shared, if any, with other businesses for
their own direct marketing uses. Please contact us at the addresses
below for more information.
How To Contact Us
If you have any
questions or comments regarding this statement or our privacy
practices, or any concerns regarding a possible violation of this
statement, our practices or any applicable privacy law, or a concern
or complaint about our practices related to the Privacy Shield,
please contact the https://www.phen-ai.com/contact-us/
and
we will promptly respond.
Our mailing addresses
are:
4104 Alfalfa Terrace
Olney, Maryland, 20832
United States
Links To Other
Websites
As a convenience to
our website visitors, we sometimes provide links to other websites.
These linked sites are not under the control of CCG and we are not
responsible for their content. You should review the privacy
statements of any linked website to understand their privacy
practices before using the site.
Children
It is not our intent
to collect personal data from children under the age of consent in
their country of residence. Our websites are not designed to attract
children and we request that children under the age of consent not
submit personal data to us through our websites.
Updates To Our
Privacy Statement
We may update this
Privacy Statement from time to time. When we update this statement,
we will also update the date at the top. Only the current statement
is effective, so please review it periodically. If we make any
material changes, we may also notify you by contacting you directly
or posting a notice on our website. You may request a copy of our
prior Privacy Statement by contacting us
at https://www.phen-ai.com/contact-us/