Jenzabar Privacy Policy

1. INTRODUCTION. Jenzabar, Inc. (“we” or “us”) is committed to maintaining strong and meaningful protections for our users. We provide services and information to individuals via www.jenzabar.com, services and information to our clients via www.myjenzabar.net (www.jenzabar.com and www.myjenzabar.net, collectively, the “Website Services”), and software, support, managed, and professional services (the “Client Services”) to our clients (the Website Services and the Client Services, collectively, the “Services”). This Privacy Policy (the “Policy”) describes the types of personal information we may collect or receive in connection with these Services and our practices for collecting, using, maintaining, protecting, and disclosing that personal information. Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it.

We process your personal information only when we have an appropriate basis. For example, we may process your personal information as necessary to provide Services that are subject to terms you have accepted, such as our websites’ terms of use, when necessary to comply with legal obligations, pursuant to your consent, or for purposes of pursuing our legitimate interests (such as providing and improving our Services, fixing bugs, performing analysis and analytics, communicating with you, preventing fraud, enforcing legal claims, and security purposes) if doing so is consistent with your rights and appropriate to the context.

2. INFORMATION WE COLLECT ABOUT YOU.

When you use or access any of the Website Services, we may collect contact information, such as name, e-mail address, phone number, mailing address, state and country residence, and telephone number. When you use or access certain Website Services, we may collect additional personal information as follows:

• When you use or access www.jenzabar.com, we may collect personal information, such as the following:

o Your preferences, areas of interest, and business needs related to the Services.
o Information you submit when you register for or log into our Services, such as authentication credentials.
o Educational or employment information, such as your educational institution or job title.
o Information you submit in connection with an application for employment, such as your resume.
o Registration information associated with our events, webinars, and products and Services demos.

• When you use or access www.myjenzabar.net, we may collect information you submit or that we otherwise receive in connection with client support requests.

We may collect information at live events, such as when we collect your contact information at a trade-show event or our annual convention. We may also collect information related to our Services that you send through our listserv or comments or other information we receive when you interact with our social media accounts, such as Twitter, Vimeo, and Facebook.

When you use the Services, we may automatically collect information, such as the following:

• Your device type, manufacturer, operating system name, and operating system version.
• Name, version, and other information about the online services and software you are using in connection with the Services (such as mobile apps).
• Your mobile device identifier (such as Android UDID and iOS UUID).
• The Internet protocol (IP) address your device uses to access the Internet.
• Your geo-location.
• Other information, such as usage analytics data.

We may use the following automated technology to collect information in connection with the Services:

• Browser and Device Information: Certain information is collected by most browsers or automatically through your device, such as your device type, operating system name and version, device manufacturer and model, Internet browser type and version and the name and version of the online services (such as apps) you are using. We use this information to ensure that the Services function properly.
• Cookies: Cookies are pieces of information stored directly on the computer or mobile device that you are using. Cookies allow us to collect information such as browser type, time spent on the online services, pages visited, referring URL, and other website traffic data. We may use cookies for purposes including enabling you to log in, and stay logged in, to the Services. Refer to the Choices section of this policy for information on how you may be able to reject or disable cookies.
• Google Analytics: Google Analytics uses cookies to help us analyze how visitors use the Services. The information generated by the cookies about your use of the Services includes your IP address, and will be transmitted to and stored by Google on its servers. Google will use this information for the purpose of evaluating your use of our websites, creating reports on website activity, and providing other services relating to Internet usage. Google may also pass this information onto third parties when required to do so by judicial or administrative process or otherwise to the extent required by law, or when such third parties process the information on Google’s behalf. If you so choose, you may be able to opt out by turning off cookies in the preferences settings in your browser, or by downloading and installing the Google Analytics Opt-Out Browser Add-On from http://tools.google.com/dlpage/gaoptout. For more information on Google Analytics, including how Google Analytics collects, uses, and discloses information, refer to the following page: https://policies.google.com/technologies/partner-sites.
• IP Address: Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP address may be identified and logged automatically in our server log files whenever a user accesses the Website Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications, and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems, and administering our Services. We may also derive your approximate location from your IP address to understand from what regions of the world our website visitors come.

With respect to personal information that we collect or receive from or on behalf of our clients as a result of the Client Services we provide to them, we act as the “processor” of such personal information. In those cases, we collect, receive, use, and disclose personal information at the direction of our clients to, for example, enable our clients to manage recruitment and enrollment, learning, financial aid, advancement, retention, and similar relationship and operational management activities. The types of information we collect or receive may include those described above, as well as other types of information that we collect or receive as dictated by our clients, including authentication credentials; government- or institution-issued identification numbers, such as Social Security numbers, state-issued identification numbers, and student identification numbers; online browsing activity, application usage, and other information we access or receive in connection with providing support services; and information that we host on behalf of our clients. The manner in which we use and disclose that information is subject to our clients’ direction, but will generally align with the descriptions provided below in the sections on How We Use Your Information and Disclosure of Your information.

3. HOW WE USE YOUR INFORMATION. We may use personal information that we collect or receive about you for purposes including the following:

• Providing you with the Services and responding to your requests.
• Providing our clients with the Services, including by providing client support and hosting Services.
• Communicating with you and providing you with information that you request from us or which we feel may interest you, including newsletters, white papers, company updates, survey reports, invitations to events, and otherwise marketing our products and Services.
• Conducting demos of our products and Services.
• Understanding how you and our clients use our Services.
• Improving our Services.
• Calculating user levels and diagnosing server problems.
• Determining your approximate location.
• Customizing our Services according to your individual interests and preferences.
• Analyze and enhancing our marketing communications and strategies.
• Storing information about your preferences and recognizing you when you use the Services.
• Notifying you when updates to the Services are available and of changes to the Services.
• Operating, evaluating, and improving our business.
• Enforcing our policies, terms of use, or rights arising from contracts.
• Protecting the rights, property, or safety of us, our affiliates, our users, our clients, and others.
• Complying with any court order, law, or legal process, and responding to lawful requests from public authorities, including to meet national security or law enforcement requirements.
• Investigating or preventing unlawful activities or misuse of the Services, and/or complying with any court order, law, or legal process, including to respond to any government or regulatory request.

4. DISCLOSURE OF YOUR INFORMATION. We may disclose aggregated, anonymized information about our users to third parties, including our clients, without restriction. We may disclose information (personal or otherwise) collected about you:

• To our clients.
• To our affiliates.
• To our contractors, service providers, and other third parties we use to support our business.
• To comply with any court order, law, or legal process, and respond to lawful requests from public authorities, including to meet national security or law enforcement requirements.
• To enforce our policies, terms of use, or rights arising from any contracts entered into between you and us.
• To investigate or prevent unlawful activities or misuse of the Services.
• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our clients, or others.
• To a buyer or other successor or organization in the event of an actual or potential merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, including as part of bankruptcy, liquidation, or similar proceeding.

5. CHOICES AND ACCESS. We strive to provide you with choices regarding your personal information. We have created the following mechanisms to provide you with control over your information:

• Cookies. If you do not want information collected through the use of cookies, you may be able to adjust your browser or device settings to automatically decline cookies or be given the choice of declining or accepting the transfer to your device of a particular cookie (or cookies) from a particular site. If, however, you do not accept cookies, you may experience some reduced functionality associated with the Services.
• Email. We include instructions in our marketing emails describing how you can opt out of future marketing or promotional emails.

You may contact us using the information in the Contact Information section to change or correct, if appropriate, Personal Information about you that we maintain.

Some Internet browsers have a “do-not-track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, and our Services are not set up to respond to do-not-track signals. We may permit third parties to use the Services to collect personal information about users’ online activities over time and across different websites.

We collect information under the direction of, and receive information from, our clients and may have no direct relationship with the individuals whose personal data we process under these circumstances. If you are a customer, employee, or student of one of our clients and would like to make an inquiry or complaint, please contact the client that you interact with directly.

6. YOUR CALIFORNIA PRIVACY RIGHTS. California residents may request certain information regarding our disclosure of their personal information to third parties for those parties’ direct marketing purposes. To make such a request please contact us as described below in the Contact Information section. California residents under the age of 18 who are registered users of the Website Services may request and obtain removal of content or information they post on the Website Services. Such request for removal does not ensure complete or comprehensive removal of the content or information posted on the Website Services. To receive instructions on how to request and obtain removal of content or information posted on the Website Services, please contact us as described below in the Contact Information section.

7. DATA SECURITY. We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include storing personal information you provide to us on secure cloud servers.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas, such as message boards.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information collected, received, or transmitted in connection with our Services. We are not responsible for circumvention of any privacy settings or security measures we provide.

8. DATA RETENTION. We store personal information for as long as we reasonably need it to fulfill the purposes for which it was collected. We will also retain your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

9. INTERNATIONAL DATA TRANSFERS AND PRIVACY SHIELD PARTICIPATION. We may transfer your personal information to the United States and other countries that may not have the same data protection laws as the country in which you reside. Some of these jurisdictions may not have been deemed adequate by the European Commission to provide a comparable level of protection to that of the European Economic Area (“EEA”) or Switzerland. We participate in and have certified to the U.S. Department of Commerce that we comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (collectively, the “Privacy Shield Framework”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. We are committed to subjecting to the Principles of the Privacy Shield Framework all personal information received from EEA member countries and Switzerland in reliance on the Privacy Shield Framework. If there is any conflict between this Policy and the Privacy Shield Framework Principles, the Privacy Shield Framework Principles will govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

With respect to personal information that we receive pursuant to the Privacy Shield Framework, we will remain liable for processing of that information by our agents, unless we establish that we are not responsible for the event giving rise to the damage. The Federal Trade Commission has jurisdiction over our compliance with the Privacy Shield Framework.

10. INQUIRIES AND COMPLAINTS PROCESS FOR PRIVACY SHIELD DATA AND DATA PROCESSED IN THE EEA OR SWITZERLAND. If you reside in an EEA member state or Switzerland, and your personal information is transferred to the U.S. pursuant to the Privacy Shield: In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information. EEA and Swiss individuals desiring to request access to their personal information or with other inquiries or complaints regarding our Policy or practices should first contact us as described in the Contact Information section of this Policy. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may contact the American Arbitration Association, our U.S.-based third-party dispute resolution provider, (free of charge) through the following web site: http://go.adr.org/privacyshield.html. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Under the Privacy Shield Framework, we are responsible for the processing of personal information we receive and subsequently transfer to a third-party acting as an agent on our behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EEA and Switzerland, including the onward transfer liability provisions.

If you are located in the EEA or Switzerland, and we process your information in an EEA member state or Switzerland: you may have additional rights to request access to, correction of, erasure of, or the transfer of your personal information, as well as the right to object to or restrict the processing of your personal information. You may exercise these rights, if applicable, by contacting us as described in the Contact Information section of this Policy. Individuals located in the EEA or Switzerland also have the right to lodge a complaint with an EEA or Swiss supervisory authority, as applicable.

Where we are processing personal information received from or collected on behalf of our clients: We collect information under the direction of, and receive information from, our clients and may have no direct relationship with the individuals whose personal information we process under these circumstances. If you are a customer, employee, or student of one of our clients and would like to make an inquiry or complaint, please contact the client that you interact with directly.

11. CHANGES TO OUR POLICY. It is our practice to post any changes we make to our Policy on this page. The date this Policy was last revised is identified at the top of the page. You are responsible for periodically visiting this Policy to check for any changes.

12. CHILDREN. Our Services are not intended for children under the age of 13, and we do not knowingly collect personal information from children under the age of 13. If you are a resident of California, under the age of 18, and a registered user of the Website Services, you may refer to the Your California Privacy Rights section above for additional information.

13. EXTERNAL WEBSITES AND SERVICES. Some hyperlinks and banners contained in our Services may link to third-party websites or services. We do not operate these third-party websites or services and they are not subject to this Policy. For information on how your Personal Information will be collected, used, and disclosed, check the privacy policies of these third-party websites or services.

14. CONTACT INFORMATION. To ask questions or comment about this Policy and our privacy practices, contact us at privacy@jenzabar.com, by phone at (617)492-9099, or

Jenzabar, Inc.
101 Huntington Ave., Suite 2200
Boston, MA 02199
Attention: Chief Compliance Officer

Additionally, EEA residents may contact our data protection officer with any questions or concerns regarding how we process their personal information at: privacy@jenzabar.com.