Effective: May 25, 2018
This Privacy Notice is provided by RADAR, Inc. (“RADAR” or “we”) to inform you of our commitment to: (i) visitors to www.radarfirst.com and other subdomains that form our corporate web presence (“Website”); (ii) our customers who purchase a subscription to our software-as-a-service product (accessible at app.radarfirst.com) (“Product”), and (iii) individuals whose personal information is stored in any of our systems or software. This Privacy Notice explains how RADAR collects and uses the personal information and describes the choices available for accessing, updating, and correcting this personal information.
This Privacy Notice applies to our Website visitors, our customers, and individuals whose personal information is stored in any of our systems or software. It does not address privacy policies or practices of any third parties or their services, including third party platforms that you choose to use to connect with our Website or Product.
We reserve the right to modify this Privacy Notice at any time so please review it frequently.
When we make material changes to this Privacy Notice, we will notify you here prior to the changes becoming effective.
Prior versions of this Privacy Notice are available here: www.radarfirst.com/priorprivacynotices.
All references to the Customer Agreement only apply to our customers.
RADAR participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. RADAR is committed to the use and treatment of all personal information received from EU member countries and Switzerland, respectively, consistent with the applicable Privacy Shield Principles and in reliance on the applicable Privacy Shield Framework. For more information about the Privacy Shield Frameworks, please visit the U.S. Department of Commerce’s Privacy Shield website here. To view our certification, please visit the U.S. Department of Commerce’s Privacy Shield List and search for “RADAR, Inc.” here.
RADAR protects your privacy through the application of the Privacy Shield Principles. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU member countries and Switzerland, including the onward transfer liability provisions.
RADAR is the data controller for: (i) all personal information collected from EU data subjects who are registered users of the Product (“Registered User Information”); and (ii) all personal information collected from EU data subjects who visit our Website (“Visitor Information”). We collect and process Registered User Information based on our legitimate business interest. We collect and process Visitor Information based on our legitimate business interest and, where required, consent.
RADAR is the data processor for all personal information regarding EU data subjects entered into the Product by our customers (referred to as “User Information”). As the data controllers, our customers determine the purpose and legal basis of the data processing activities for User Information.
RADAR can be contacted via email at email@example.com or you may send a letter to:
319 SW Washington Street
Portland, OR 97204
The Privacy Shield and EU data protection regulations provide EU data subjects with the following rights:
To exercise your rights, see Choice below.
The remainder of this Privacy Notice is organized below with reference to the applicable Privacy Shield Principles, which are also supportive of other privacy protection frameworks.
We provide this Privacy Notice so that you can make informed choices regarding the use and treatment of your personal information.
Here are the types of information that we collect from you through our Website or Product:
Visitor Information: When you register to receive information from RADAR or participate in our events, we collect certain information about you (e.g. first name; last name; title; business email address; phone number; IP address; company information). If you interact with the Website and submit your contact information via a form, you consent for RADAR to contact you for the purposes set forth in the form and this Privacy Notice. All personal data collected through the Website is stored in secure applications with access limited to business needs. No personal data is shared with third parties other than service providers acting as RADAR’s agents. From time to time, we may use surveys for feedback or in connection with events that request personal information. In addition to your contact information, such surveys may request demographic information, information about your personal interests, or your feedback as a RADAR customer.
Registered User Information: When you create or update your profile as a registered user of the Product or when you submit incident information into the Product (including via a web form), we collect certain information about you (e.g. first name; last name; title; business email address; IP address; company information; login and password; authentication). All personal information collected from Registered Users is stored in secure applications with access limited to business needs. No personal data is shared with third parties other than service providers acting as RADAR’s agents. We collect this information for the purposes described in this Privacy Notice and the Customer Agreement, including without limitation to provide you with access to the Product and fulfill the terms of our Customer Agreement.
We utilize application analytics tools to improve customer relations and monitor the performance of our Product. Such information may include frequency and nature of the customer’s use of the Product and information necessary to troubleshoot any issues reported by the customer.
User Information: The functionality of our Product does not require the entry of personal information about individuals in order to provide risk assessments. However, our customers may enter information about individuals into the Product for the purpose of tracking incidents. All information entered into the Product by our customers (including without limitation any personal information) is referred to as “User Information”. We process and store User Information as the data processor. However, our customers, as the data controllers, determine the purpose and legal basis of the data processing activities for User Information. We treat User Information as the property and confidential information of the applicable RADAR customer. We reserve a limited right to disclose any User Information for the purposes set forth in Section 3 of this Privacy Notice or as expressly stated in the Customer Agreement.
Information that We Obtain from Other Sources: RADAR may collect information about you from third party sources and services. We may buy or lease contact, marketing, and demographic data from brokers. RADAR may also access certain profile information from social networking platforms and services that you use to interact with the Website or Product. We may combine that third party information with information that we collect directly from you.
Information that We Automatically Collect: When you visit our Website or use our Product, some information (e.g. IP address; access times; browser type and language; referral website) is logged automatically and stored in log files. We also collect information about your usage and activity on our Website. We may tie your IP address to information that we automatically collect on our Website. We may also tie information that we automatically collect with personal information that we receive from your interactions with the Website or Product. We use products of third parties acting on our behalf to analyze and improve our Website.
We utilize cookies and other information that your browser transmits to better understand our Website audience. Such information includes aspects of your browser’s technical capabilities, information about your device, and your geographic location. Cookies may store information that identifies your browsing device with enough specificity to be able to deliver relevant content.
We will retain your information collected for a commercially reasonable period of time to fulfill the terms of the Customer Agreement (if applicable) and for the purposes described in this Privacy Notice. In addition, we will retain your information for as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
When you register to receive information from RADAR about our third party partnerships, we collect certain information about you (e.g. first name; last name; title; business email address; phone number; IP address; company information). By submitting this information, you consent for RADAR to contact you for the purposes set forth in this Privacy Notice and to share your contact information with such third party partners.
By entering personal information into the Website or Product, you expressly allow us to collect, process, store, and use that data in a manner consistent with this Privacy Notice and the Customer Agreement (if applicable).
You may opt-out of receiving promotional emails from RADAR by following the instructions in those emails. If you opt-out, we may still send non-promotional communications, such as emails about your subscription, your account, product notices, or our ongoing business relations.
Customers have the choice to update, add, or delete certain Registered User Information. However, you cannot opt-out of some collection and processing within the Product as it is necessary to ensure security. Customers also have the choice to update, add, or delete User Information.
Upon request, RADAR will provide you with information about whether we hold any of your personal information. You may email firstname.lastname@example.org to: (i) request RADAR to provide you with information about your personal information that we process and store; (ii) request changes to your contact preferences; (iii) request access to your personal information; and (iv) request changes to your personal information. If you would like this information edited or deleted, we will respond to your request within 30 days.
You may request for us to remove you from any mailing list or delete your personal information from any of our systems, except where the deletion of such information would: (i) prevent us from exercising our rights; (ii) prevent us from performing our obligations under the Customer Agreement (e.g. responding to your inquiries); or (iii) violate the terms of our Customer Agreement. We reserve the right to delete your personal information from our system and software if retention of that information is reasonable required for the fulfillment of a contractual or legal obligation. If we are required to refuse for any reason, we will provide prompt written notice of the reason.
If you are a registered user of the Product, you may not opt out of personal information collection because such collection is required to ensure the security and integrity of the Product. If you are a registered user of the Product and you would like to be removed from the applicable Customer account, you will need to contact the administrator within your organization who manages this Customer account.
We do not solicit or seek to collect “Sensitive Information” as such term is defined in the Privacy Shield Frameworks (i.e. personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual). If you choose to enter Sensitive Information pertaining to an individual into the Product, you agree to provide that information to us for the purpose of storing that information in the Product for your own business purposes. We will never use Sensitive Information for any other purpose without your opt-in consent. For your security and in defense of your privacy rights, we only contract with the third parties who also provide a level of privacy protection that meets or exceeds industry standards.
Cookies are required for use of the Product (e.g. authentication) and may not be disabled.
RADAR engages third parties (e.g. Amazon Web Services) to provide system infrastructure, email, and tools that are necessary for the orderly and efficient function of our business. Such third parties act in accordance with the terms of our agreements, which include data protection provisions and business associate agreements, as appropriate. These agreements require that the third parties use your personal information only in a manner consistent with the purposes for which you entrusted it to us and in accordance with the Privacy Shield Principles. We further require that any such third parties provide us with notification in the event of any intentional or unintentional use inconsistent with these Privacy Shield Principles or where the third party determines that it is no longer able to meet such obligations.
We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU member countries and Switzerland, including without limitation the onward transfer liability provisions.
We may be compelled to disclose personal information obtained through our Website or the Product: (i) in response to a lawful request by the government or public authorities; (ii) to comply with a subpoena or other legal process; (iii) to protect our rights; (iv) to protect your safety or the safety of others; or (v) to investigate fraud. In the event that we are permitted by law to disclose the request or the rationale for the disclosure, we will contact you in order to provide you with an opportunity to respond.
RADAR employs robust security measures to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction in light of the nature of the personal information and the risks involved in processing. For example, RADAR conducts annual third party audits and penetration testing. We use passwords, security questions, multi-factor authentication, and other applicable security measures to prevent an inappropriate entity or individual from gaining access to your personal information.
RADAR retains personal information that it collects as a data controller consistent with its Information Retention & Destruction Policy. RADAR retains personal information that it collects as a data processor consistent with this Privacy Notice and the Customer Agreement.
RADAR processes and stores personal information in the U.S.
RADAR uses appropriate contractual and quality control measures to ensure that your personal information is accurate and not confused with that of any other individual or customer or registered user. These measures include: (i) updating records at your request; (ii) applying quality control procedures to software development; (iii) limiting employee access to personal information on the basis of business need; (iv) prohibiting the sharing of user accounts; and (v) other appropriate administrative, quality assurance, and technical safeguards.
We limit our use of your personal information to the purposes set forth in this Privacy Notice and the Customer Agreement (if applicable).
For example, we may use your information to:
We may also use your personal information in other ways than as listed here, in which case, we will inform you.
You have a right to access any personal information about yourself that RADAR processes and stores and correct, amend, or delete such personal information where it is inaccurate or has been processed in violation of the Privacy Shield Principles, except: (i) where the burden or expense of providing access would be disproportionate to the risks to your privacy in the particular situation; or (ii) where the rights of persons other than yourself would be violated. To access, correct, amend, or delete your information, please utilize the interface in RADAR for managing your personal information or contact us for assistance at email@example.com.
Registered Users have access to their Registered User Information and are able to correct, amend, or delete such Registered User Information through the Product’s user interface with limited exception (e.g. security activity logs).
RADAR takes your privacy rights seriously. We provide mechanisms for the resolution of your concerns and any disputes that may arise under this Privacy Notice. If you have any questions or concerns regarding this Privacy Notice or the use and treatment of your personal information by RADAR, please contact us via email at firstname.lastname@example.org or send a letter to:
319 SW Washington Street
Portland, OR 97204
RADAR will respond to your message within a maximum of 30 days.
For natural persons in the EU and with regard to unresolved Privacy Shield complaints, RADAR designates and commits to cooperate with the panel of Data Protection Authorities in the EU to provide recourse, free of charge.
For natural persons in Switzerland and with regard to unresolved Privacy Shield complaints, RADAR designates and commits to cooperate with the Swiss Federal Data Protection and Information Commissioner to provide recourse, free of charge.
Under certain conditions (more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint), you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
With respect to the personal data received or transferred pursuant to the Privacy Shield Frameworks, RADAR is subject to the investigative and enforcement powers of the U.S. Federal Trade Commission.