Effective Date February 26 2020
Please read the following carefully to understand our views and practices regarding your personal data and how we will use it.
Data that you provide to us also will be governed by the agreement between you and the Company regarding your use of the Network (the “Network Agreements”).
Information We Receive or Collect From You
You may give us data about you when you:
- set up an account with the Network, for example, user name and password;
- access or use the Network, for example, identifying information such as information about the organization you represent, contact information, postal address, email address, phone number, financial information, employer identification number or taxpayer identification number (“Customer Information”);
- post any information on the Network;
- contact or correspond with us (for example via phone, email or otherwise); or
- complete a survey about the use of the Network.
We may collect information about you such as:
- information about transactions between Network users;
- information about your use of the Network even if you are not a registered user; or
- certain technical information if you visit the Network, for example the type of device (and its unique device identifier) you use to access the Network, the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time-zone setting, browser plug-in types and versions, operating system, mobile network information and platform, full Uniform Resource Locator (URL), clickstream to, through and from the Network (including date and time), pages you viewed, page response time, download errors, length of visit to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), and methods used to browse away from the page.
We may be given data about you, the organization you represent, or a third party such as:
- information the organization you represent provides to us when it registers with the Network; or
- information about you and the organization you represent from third party services that interoperate with the Network, such as Dun & Bradstreet DUNS numbers.
Except with respect to Network visitors invited by a current Network user, we do not record the names or email addresses of visitors who do not register as Network users unless such users subscribe to receive information via electronic mail.
To protect children’s personal information, we do not knowingly collect any personal information from persons under the age of sixteen (16) that can be used to specifically identify them and the Company does not permit persons under the age of sixteen (16) to use the Network.
If you believe we might have any information from or about underage children, please contact us at [email protected].
Purpose and Legal Basis for Processing your Data and the Customer Information
- comply with laws that apply to us;
- protect the vital interests of a natural person, such as in an emergency or to protect you or the Company from threats (such as security threats or fraud);
- enable us to administer our business, such as for quality control and customer service;
- manage corporate transactions; and/or
- understand and improve our business and customer relationships generally.
As set forth above, if you email us, we may keep your message, email address, and contact information to respond to your message. In certain instances, our response may be provided to other Network users or third-parties as necessary to address certain problems, comments, and requests.
We employ Stripe™ as a payment intermediary service to receive payment from users, and do not request or store any of your financial information, such as your bank routing or account numbers, or your debit or credit card account numbers.
Following termination or deactivation of your account with the Network, we may retain information, including profile information and Customer Information, in order to comply with applicable law, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigation, enforce our rights under our agreements with you, for backup, audit or regulatory purposes, and for other actions permitted by law. In addition, you acknowledge the inherent nature of blockchain networks will make any records stored on the blockchain ledger impossible to delete.
Otherwise we will only retain your personal data for as long as reasonably necessary to fulfil the purposes we originally collected it for. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
We may share your Customer Information for marketing purposes but only with your prior consent. Those uses will be subject to such third party’s privacy policies. Also, the Company may share your Customer Information with third parties in aggregated and/or anonymized form.
Special Cases in which We Share Personal and Password Information
We may share your information, including Customer Information and personal information, with a third party in connection with a merger, sale, or acquisition, or a bankruptcy. Also, we may disclose your information to affiliated legal entities and businesses with whom we are under common corporate control.
Under certain circumstances, Customer Information and personal information may be subject to disclosure pursuant to applicable law, judicial or other government subpoenas, warrants, or orders (such disclosures, “Disclosures Required by Law”). In such circumstances, you acknowledge the Company may disclose such information to the extent necessary to comply with such legal requirement. Also, we may share your Customer Information or personal information in an emergency if necessary to protect the safety of Company employees, agents, customers or any person. Again, when your information is disclosed under this paragraph, we may also disclose such information on a non-aggregated, non-anonymous basis.
We may also share Customer Information and personal information with our service providers, business partners, suppliers, sub-contractors or agents who perform services for us, as well as our professional advisers (including our lawyers, bankers, auditors and insurers), and analytics and search engine providers that assist us in the improvement and optimization of the Network.
Aside from Disclosures Required by Law, any disclosure to a third party will only be made if such third party satisfies the requirements of the EU-U.S. Privacy Shield (as defined below), or has entered into a written agreement with us providing that it will provide at least the level of privacy protection as is provided in the EU-U.S. Privacy Shield.
Use of Other Users’ Information
If you use the Network, your email address and certain other information you choose to add to your profile may be accessible to other users. By using the Network, you agree that, with respect to other users’ information you obtain through your use of Network, you will only use such information for: (i) communications related to the Network that are not unsolicited commercial messages; and (ii) any other purpose that such user expressly agrees to after adequate disclosure of such purpose. Under no circumstances may you disclose information of another user to any third-party without our consent and the consent of such other user.
Third Party Communications
When you are involved in a transaction as a result of your use or access of the Network, each party involved in such transaction may obtain access to the other party’s name, email address, phone number and other contact and shipping information. We cannot guarantee the privacy or security of your information when you deal with such third parties.
From time to time, personal information we collect from data subjects in the European Economic Area (“EEA”) may be transferred to, stored, processed or accessed by, us and other entities who may be based outside of the EEA, for example, the United States. Also, we may allow our service providers or assistance providers, who may be located outside the EEA, to access your personal data. In addition, we may make other disclosures of your personal data outside the EEA, for example, in the event we receive a legal or regulatory request from a foreign law enforcement body.
We will always take steps to ensure any transfer of such information to entities based outside the EEA is carefully managed to protect your rights and interests by implementing appropriate safeguards to protect your personal information. Your personal data may be transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. To find out which countries are covered by this, please see here.
Where there is no adequacy decision by the European Commission in respect of a country (to the extent that they are outside the EEA), which means it is not deemed to provide an adequate level of protection to your personal data, we will ensure your personal data receives an adequate level of protection. For example, each such transfer to a third party will be protected by contractual commitments and further assurances (where appropriate) such as the European Commission’s approved Standard Contractual Clauses, or certification schemes such as the EU – U.S. Privacy Shield for the protection of personal data transferred from within the EEA to the United States of America.
If you would like to find out more about these safeguards in respect of processing your personal data, please contact us at [email protected].
Control, Email and Opt-Out
You have control over your Customer Information and other personal information related to your use of the Network. Accordingly, you may access, review, add, modify, correct, delete or update your Customer Information or other personal information at any time.
If you receive one or more emails from us, it means one of two things: (i) your email address is on our list of customers or prospective customers; or (ii) you have provided us your email address so that we could contact you. If you believe you receive an email from us in error, please contact us immediately at [email protected]
We provide you with the opportunity to opt-out of receiving marketing communications from us at any point in time. If you wish to cease receiving marketing emails and other communications from us, you can opt-out by contacting us at [email protected].
In addition to the above rights of access, correction, amendment or deletion, if you live in the EEA, subject to applicable law, you may have some or all of the following rights with respect to your personal information:
- to restrict processing of your personal data if the data is inaccurate, the processing is unlawful or we no longer need it for the purpose for which we hold it;
- to transmit your data (as provided by you, directly or otherwise collected by us by virtue of your use of the Network) in machine-readable format to you or to a third party when we justify our processing on the basis of your consent or the performance of a contract with you;
- to withdraw your consent to our processing of your personal data (where that processing is based on your consent);
- to obtain, or see a copy of the appropriate safeguards under which your personal data is transferred to a third country or international organization;
- to object, at any time, to the processing of your personal information, on legitimate grounds, except if otherwise permitted by applicable law;
- to erase your personal data (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed); and
- to file a complaint with your local supervisory authority for data protection.
You can exercise the above rights by: (i) email sent to [email protected]; or (ii) mail sent to the Company at Chainyard Supplier Management Inc., One Copley Parkway #216, Morrisville, North Carolina 27560. If you establish a membership account with the Network, you may make changes to the Customer Information related to your account by accessing your account settings.
Please note that if you ask us to stop processing your personal data in a certain way or erase your personal data, and this type of processing or data is needed to facilitate your use of the Network you may not be able to use the Network as you did before, or at all. This does not include your right to object to direct marketing, which can be exercised at any time without restriction. Please allow at least ten (10) working days for your request to be addressed.
Please note that the rights mentioned above do not extend to non-personal data. Please also note that it may be necessary to retain your personal data for the purposes of assessing and verifying data that is submitted to and/or held on the Network, and to manage the Network; your rights under applicable law may be limited accordingly.
Security of the Information Collected
We use technical, organizational, administrative, and physical security measures designed to protect against the loss, misuse and alteration of data used by, or transmitted to or from, our system. No data transmissions over the Internet, however, are guaranteed to be completely secure. While we strive to protect your data from unauthorized use or disclosure, the Company does not warrant or guarantee the security of the data that you provide to us; any transmission is at your own risk.
You are responsible for maintaining the security of any password, biometrics, user ID or other form of authentication involved in obtaining access to password protected or secure areas of any of our digital services. In order to protect you and your data, we may suspend your use of the Network without notice, pending an investigation, if any breach of security is suspected.
Information Choices and Changes
You may request to review, correct, delete or otherwise modify information you have previously provided to us through the Network. Notwithstanding the foregoing, you acknowledge the inherent nature of blockchain networks will make any records stored on the blockchain ledger impossible to delete. You acknowledge that we will make reasonable efforts to delete such information, to the extent technically feasible.
You have the right to ask us not to collect, use, process or disclose your Customer Information in any of the manners described herein. This will affect your user experience. You can notify us of your intention to halt the collection, use, processing, or disclosure of your Customer Information at any time by contacting us at [email protected]
Some personal information is automatically collected via the use of data analytics tools. If you object to such collection, your only choice is not to access the Network.
There are two types of cookies: session-based cookies and persistent-based cookies. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you have closed your browser or turned off your computer. They include such information as a unique identifier for your browser. Standing alone, cookies do not contain personal data, and therefore do not identify you personally; they merely recognize your browser. Also, we may use other standard technologies including, but not limited to, pixel tags and web beacons, to track visitors to the Network. These technologies also help us to gather information including, but not limited to, the number of visitors to the Network, how visitors arrived at the Network, and the pages those visitors accessed. This information also helps us to improve the appearance and content of the Network and enhances the functionality of Network resources. Unless you choose to identify yourself to the Company by using the Network, you will remain anonymous to the Company. You may delete cookies if you no longer wish to store them on your computer.
The cookies we use do not transmit personally identifiable information to us or to our service providers. You have the choice to opt-out of receiving cookies from both the Company and third parties which will prevent the Company and third parties from tracking information about the online advertisements that you visit. Please note that you still will have the ability to view our online advertisements even if you opt-out of receiving cookies OR if you choose to disable cookies, you may still use the Network; however, you may have limited access to some areas of the Network.
For more detailed information about cookies and how they can be managed and deleted, please visit www.allaboutcookies.org.
You may also use the above contact information if you think any information about you is inaccurate, incomplete.
The Company receives this data from Google in an aggregated, anonymous form that does not personally identify you. The Company will not use Google Analytics to track, collect or upload any data that personally identifies you (such as a name, address, or billing information), or other data that can reasonably be linked to such information about you by Google.
The Company will not facilitate the merging of personally identifiable information with non-personally identifiable information that is collected through any Google product or feature unless you have specifically and affirmatively provided the Company with your consent to that merger of personally identifiable and non-personally identifiable information.
The Company and other third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies together to inform, and optimize the Trust Your Supplier Site & Network based on your past visits to the Trust Your Supplier Site & Network.
If you would like to learn more about how Google uses information collected through Google Analytics, you can read about it at: https://support.google.com/analytics/answer/6004245.
If you would like to opt-out of Google Analytics you can download and install the add-on for your web browser at: trustyoursupplier.com/privacy), so please check this page regularly and make sure to check the effective date of the policy as set forth above. If you have any questions or concerns about the changes, please contact us at [email protected].
Notice to California Residents
Pursuant to California Civil Code Section 1789.3, California users are entitled to the following consumer rights notice: California residents may reach the Compliant Assistance Unit of the Division of Consumer Services for the California Department of Consumer Affairs by mail at 1625 North Market Blvd., Sacramento, CA 95834, or by telephone at (916) 445-1254 or (800) 952-5210.
Notice to Non-U.S. Data Subjects
Notice to Canada Data Subjects
EU-U.S. Privacy Shield
Our accountability for personal data that we receive under the EU-U.S. Privacy Shield and subsequently transfer to a third party is described in the Privacy Shield Principles or the DPA, as applicable. In particular, we remain responsible and liable under the Privacy Shield Principles if third party agents that we engage to process the personal data on our behalf do so in a manner inconsistent with the Privacy Shield Principles, unless we prove we are not responsible for the event giving rise to the damage.
If you have questions regarding our compliance with the EU-U.S. Privacy Shield, please contact us at [email protected].
How to Contact the Company
Please also contact us if you would like to know more about our data processing activities, to update or amend any of your personal data which you have sent us or if you believe our records relating to you are inaccurate