European Union (“EU”) Data Subject Requests? For EU data subject requests, contact us by emailing email@example.com or use our online data subject request form.
1. Our Services.
- 1.1 Customers and Users. Our customers use our Services as a wealth management platform for the recordkeeping of account information. We also provide business process outsourcing for managing account information.
2. What Information About You Do We Collect?
- When you use our Services, we collect information relating to you and your use of our Services from a variety of sources, described below. Later sections describe what we do with the information.
- 2.1 Information We Collect Directly From You Includes:
- Application / Registration Information. When you submit an application or contract request forms, we collect data which may include details such as your name, email address, phone number, and employment information.
- Support. You are required to have an account to communicate with our support team. We require you to provide your contact details, such as a name, address, phone number, and email address, for this purpose.
- Responses You Intentionally Share. We collect your personal information and other data if you submit it to us in response to support inquiries.
- Cookies and Other Tracking Information. We collect usage data, device data, referral data, and information from cookies and page tags. Cookies are small bits of data we store on the device you use to access our Services so we can recognize repeat users. Each cookie expires after a certain period of time, depending on what we use it for.
- 2.2 Information About You That We Collect From Third Parties.
- We use third-party vendors to collect information about you and your use of our Services to provide us with analytics and tools to manage, improve, market and expand our Services.
3. What Do We Do With the Information We Collect?
- Responses. We store and maintain user responses submitted to all support inquiries as well as submissions via any and all webforms.
- Usage Data. Vestmark may also analyze user usage patterns to improve or optimize our Services.
- To Manage Our Services. We internally use your information, including certain responses, for the following limited purposes:
- To Monitor and Improve Our Services and Related Features. We internally perform statistical and other analysis on information we collect (including usage data, device data, referral data, and information from page tags) to analyze and measure user behavior and trends, to understand how users use our Services, and to monitor, troubleshoot and improve our Services. However, we do not use the non-public content of surveys (i.e., the content of questions and responses that you have not publicly shared) for these purposes.
- To Prevent Potentially Illegal Activities.
- To Create New Services, Features or Content (Public Data and Metadata Only). We may use public survey data and anonymized survey metadata (that is, data about the characteristics of a survey but not its non-public content), to create and provide new Services, features or content. For example, we may look at statistics like response rates, question and answer word counts, and the average number of questions in a survey and publish interesting observations about these for informational or marketing purposes.
- To Contact You About Your Account. We occasionally send you communications of a transactional nature (e.g. service-related announcements, billing-related matters, changes to our Services or policies, or a welcome email when you first register). You cannot opt out of these communications since they are required to provide our Services to you.
- To Respond to Legal Requests and Prevent Harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
- Cookies. We use information we obtain from cookies for several reasons:
4. How Do We Share the Data We Collect About You?
- Rest assured that Vestmark does not sell your email address to any third parties. Nor does Vestmark sell your responses. To be clear, Vestmark does not sell your information to third parties, we only disclose your information to third parties (other than those in your organization) for a limited number of reasons:
- Research. We may disclose aggregated, anonymous, or anonymized data, including aggregated and anonymous responses, to third parties for market research, academic research, benchmarking, forecasting, trend research, or any other purpose. In all such instances, we will not disclose any identifiable information about users or our customers.
- The Presence of a Cookie to Advertise Our Services. We may ask advertisers to display ads promoting our Services on other websites. We may ask them to deliver those ads based on the presence of a cookie but in doing so will not share any other information with the advertiser.
- Change in Business Ownership or Structure. If ownership of all or substantially all of our business changes, or we undertake a corporate reorganization (including a merger or consolidation) or any other action or transfer between Vestmark entities, Vestmark will provide notice of such a transfer in accordance with applicable laws.
5. Do We Publicly Share Your Information?
- Yes, but only in certain circumstances. Information you submit to publicly accessible blogs or community forums available through our Services may be read, collected, and used by others who access them. We are not responsible for any personal information you choose to submit in these publicly accessible areas of our Services.
6. Safety of Minors and COPPA.
- Our Services are not intended for and may not be used by minors. "Minors" are individuals under the age of majority in their place of residence (or under 13 in the United States or under age of 16 in the European Union). Vestmark does not knowingly collect personal data from minors or allow them to register as users. If it comes to our attention that we have collected personal data from a minor, we may delete this information without notice. If you have reason to believe that this has occurred, please contact us at firstname.lastname@example.org or email@example.com regarding an EU data subject.
7. What Are Your Rights to Your Information?
- You can:
- Update Your Account Details. You can update your registration and other account information on the Settings page.
- Capture Your Responses. You can take screenshots of your information and data, including but not limited to responses. We may in our discretion provide other tools to export the data.
- Cancel Your Account. Deleting your account will not cause all the responses in the account to be permanently deleted, but will disable your access to any other Services that require a Vestmark account.
- Submit a Request. You can submit a request by email to firstname.lastname@example.org or to email@example.com for EU data subject requests or by using our online request form. We will respond to your request, including any appropriate request to access, correct, update, restrict processing or object to processing, or delete your personal information within the time period specified by applicable law or without excessive delay. We will promptly fulfill requests to delete personal data unless the request is not technically feasible or such data is required to be retained by applicable law (in which case we will block access to such data, if required by applicable law). If we are processing your personal data on behalf of a customer, we will promptly refer your request to our customer and support the customer in responding to your request.
8. For How Long Do We Retain Your Data?
- We retain your data as long as necessary to provide our Services and to comply with our legal obligations. Within thirty (30) days after your data is no longer needed to provide our Services or comply with our legal obligations, we anonymize and aggregate your data permanently. However, we reserve the right to delete or purge such data.
9. Third Party Data Sources.
- We obtain information about prospective customers and users from third party sources including data licensors and marketing company databases. We use the information to market Vestmark Services.
- The security of your data and information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information submitted to us, intended to protect it from unauthorized access, destruction, use, modification, or disclosure. However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure, and we are unable to guarantee the absolute security of your data and information.
11. Supplemental Notice to EU Data Subjects.
- Vestmark processes personal data for the limited purposes identified above.
- 11.1 Lawful Grounds. If you reside in the European Economic Area or Switzerland (collectively the “EU”), we rely on the following lawful grounds under the General Data Protection Regulation (“GDPR”) to process (collect, store, and use) your personal data: (a) it is necessary for the performance of a contract with you; (b) our or a third-party’s legitimate business interest; or (c) your consent.
- 11.2 Data Transfer Notice. We transfer your personal data to the United States for processing in the United States. We make the transfer to the United States in the absence of an adequacy decision because it is necessary for the performance of a contract with you, or with your explicit consent.
- 11.3 Individual Rights and Data Subject Requests. We provide you with tools to change access, delete, or modify your personal information within the Services. We also provide tools to our customers to respond to your data subject request within the Services. Additionally, you may also contact us at firstname.lastname@example.org our use our online form to request access to, transfer of, and rectification or erasure of your personal data, or restriction of processing, or to object to processing of your personal data. If sending an email, please specify the nature of your request and the information that is the subject of your request. We may require you to submit additional information necessary to verify your identity and status as an EU data subject. We will respond to your request within thirty (30) days. You may file a compliant with the appropriate Member State and with the supervisory authority of the Member State where you reside, work, or where the infringement occurred.
- 11.4 Withdraw Consent. If we are processing your personal data based upon the lawful ground of your consent, you have the right to withdraw your consent for such processing at any time without affecting the lawfulness of processing based on consent before it is withdrawn. To withdraw consent, email us at email@example.com.
100 Quannapowitt Pkwy #205, Wakefield, MA 01880
Attn.: Data Protection Officer
+1 (781) 224-3640
firstname.lastname@example.org or if you are in the EU at email@example.com