Privacy Policy

TrustArc Privacy Notice

Protecting personal information
is a core TrustArc value.

This Privacy Notice highlights how TrustArc uses the information collected through its websites, apps, and privacy services and technology solutions.

TRUSTe is now TrustArc. This Privacy Notice has been updated to reflect our corporate name change. The policies and practices described here have not changed. Certification programs and dispute resolution services are offered by TRUSTe LLC (“TRUSTe”), a subsidiary of TrustArc Inc, and are powered by the TrustArc Platform.

Effective October 20, 2017

This Privacy Notice highlights how TrustArc Inc and its subsidiaries and successors worldwide, including without limitation, its subsidiary in the Philippines and TRUSTe LLC. (collectively “TrustArc”) use the information collected through its websites, privacy services and technology solutions, or received from third party sources.

Collection and Use | Tracking Technologies | Disclosure to 3rd Parties | Other Information

Protecting personal information is a core value at TrustArc. This Privacy Notice describes how TrustArc collects, uses, and discloses the personal information we receive or that you provide or make available to us. It also describes the choices available to you regarding TrustArc's use of your personal information, and the steps you can take to access this information and to request that we correct or delete it.

EU-U.S. and Swiss-U.S. Privacy Shield Participation

TrustArc participates in the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks (“Privacy Shield”), and has self-certified with the Department of Commerce that we adhere to the Privacy Shield Principles. TrustArc is committed to applying the Privacy Shield Principles to all personal information received from countries in the European Economic Area (EEA) and Switzerland in reliance on the Privacy Shield. To learn more about the Privacy Shield, visit the U.S. Department of Commerce’s Privacy Shield website.

Under the Privacy Shield, TrustArc is responsible for the processing of personal information it receives and subsequently transfers to a third party acting for or on its behalf. TrustArc is liable for ensuring that the third parties we engage support our Privacy Shield commitments.

The U.S. Federal Trade Commission has regulatory enforcement authority over TrustArc’s processing of personal information received or transferred pursuant to the Privacy Shield Framework.

How We Collect and Use Your Information

TRUSTe Dispute Resolution Program

We encourage you to use TRUSTe’s Dispute Resolution Program to report and resolve privacy complaints you may have concerning TRUSTe Certification or Dispute Resolution Program Participants, or to report misuse of TRUSTe trademarks. If you file a privacy-related complaint, we will collect your name, email, and country location. We will also request that you provide the details that gave rise to your complaint. Any additional personal information you choose to provide in the complaint form is optional. We will use the information you provide to investigate your complaint and to send you an optional customer satisfaction survey once your complaint is resolved.

We will not share your name or contact information with the TRUSTe Certification or Dispute Resolution Program Participant that is the subject of your privacy-related complaint unless you give us permission to do so. Please be aware, however, that if we cannot share this information, then we may not be able to resolve your complaint.

TrustArc Contact Us Forms, Surveys, and Websites

We use information submitted through our Websites or collected through email or hard copy surveys to analyze the characteristics of our customers and improve our services. Occasionally, we will provide anonymized aggregated statistics about our customers in reports made available to our customers, to third parties, or to the general public. These reports will not identify individual TrustArc customers.

If you request information about TrustArc products and services, we will collect your name, email address, phone number, and additional company information. We use this information to contact you about your request, and to follow up with you about the products and services in which you have expressed an interest. We will also send information to you regarding upcoming TrustArc events, webinars, and relevant privacy related news and alerts. You may unsubscribe from these communications at any time by clicking on the unsubscribe link provided in the email.

TrustArc Customer Information

TrustArc Customer Information is information we collect from you when you purchase and contract with us to provide services or technology solutions. We will ask you provide the following information:

  • Email address;
  • Phone number;
  • Information regarding your role within your company;
  • Company information, including company name, address, billing information (e.g., P.O. number, bank wire information, credit card number), and company size; and
  • Contact information for other relevant points of contact within your company as needed for TrustArc to provide its services.

If you purchased one of TrustArc’s technical solutions, such as Assessment Manager, you may have the option to add additional users to your account. We will ask for the name and email address of the additional users you want to add. This information is used by TrustArc to provide the requested service. Added users may independently sign up to receive other TRUSTe communications.

We will use your Customer Information to:

  • Provide the services and access to the technology solutions you have purchased;
  • Renew subscription-based services or TRUSTe certification programs you have purchased;
  • Provide customer support. While providing you with customer support we may also gather additional information from you to investigate technical issues, and respond to your support questions;
  • Communicate regularly with you about your use of the service, TrustArc events and other industry or privacy-related news, and other TrustArc services we believe may be of interest to you. You may opt-out of receiving emails regarding TrustArc events and other TrustArc services by clicking unsubscribe link provided in the email. You will continue to receive notices regarding TrustArc services and technical services you purchased, and privacy-related updates such as notification of new or changes to existing privacy regulations.
  • Analyze the characteristics of our customers (e.g., types and size of companies) and customer utilization of our products and services, at an aggregated- level, in order to understand customer and market needs, to improve our existing products and services, to design new products and services, for business development, and for marketing communications.

In the course of using TrustArc’s technical solutions or services, you may provide business information related to your company. Business information may include copies of your company’s policies and process documents, responses to assessment questionnaires and evidence to support those responses. This is information is stored on TrustArc’s systems, and is used to provide contracted services in accordance with the applicable terms and conditions of agreements between TrustArc and your company.

If you are using the free version of TrustArc’s Assessment Manager offered in partnership with IAPP, see the IAPP GDPR Readiness Assessment Powered by the TrustArc Platform Privacy Notice for information on how TrustArc manages and uses the information collected through that service.

Information TrustArc Receives from Third Party Sources

TrustArc obtains business contact and company information from third party sources, such as business intelligence providers. The information obtained by these third parties is from publicly available sources (e.g., news articles). This information is used to support TrustArc’s marketing and sales efforts. TrustArc’s sales team may contact you based on this information to determine your company’s interest in TrustArc’s services and technology solutions. You may opt-out of these communications at any time by clicking the unsubscribe link provided in the email or by sending a request to the TrustArc Data Governance and Privacy Office using the Contact Us form available on this page.

TrustArc Communications

If you sign up for TrustArc blog update alerts, webinars, or other communications; download a whitepaper or other business resource or, if you contact us generally, we will collect your contact information to fulfill your request. If you provide us with contact information (through the use of our services, in signing up for communications, or otherwise), we will contact you regarding TrustArc events and webinars, and TrustArc services we believe may be of interest to you. To unsubscribe from TrustArc communications, follow the unsubscribe link that appears at the end of each email communication. You will be unsubscribed from all TrustArc marketing communications.

From time to time we will also offer you the opportunity to receive information about privacy-related products or services offered by our third party partners. We will not share your personal information with these third parties for their marketing purposes unless we have your permission to do so.

Consumer Opinion Surveys

From time to time we will also offer you the opportunity to receive information about privacy-related products or services offered by our third-party partners. We will not share your personal information with these third parties for their marketing purposes, unless we have your permission to do so.

Ads Interests Manager

TrustArc may also collect information about your interests through its Ads Interests Manager tool accessible through an icon placed in an ad. To learn more about how TrustArc uses your interest data click here. To access and view interest information you have provided us click here. Please note, to view your interests you will need to access the link using the same device from which your interests were originally set.

Tracking Technologies

Cookies and other data collection technologies

We use cookies and other data collection technologies on our site, technology solutions, and consumer privacy tools to:

  • Help you navigate our website or technical solutions
  • Personalize and provide a more convenient experience to you;
  • Analyze which pages you visit, which features you are using in our technical solutions, and which consumer privacy tools you use;
  • Provide feature such as social sharing widgets and videos
  • Measure advertising and promotional effectiveness
  • Assess which areas of our site you visit to remarket to you after you leave our site
  • Provide content from our third party content partners

We also use cookies with our interest-based advertising notice and choice program’s opt-out tools to assist with your opt-out choices and to help us measure usage. Our opt-out tool signals companies to not use your browsing behavior to provide interest-based advertising by setting their opt-out cookie in your browser. When you access our preference manager, session cookies will be set by the ad networks listed in our preference manager to honor your preferences if you choose to not to receive interest-based advertising.  If you clear your browser cookies, this will remove all cookies including the opt-out cookies set by the companies. You will need to re-access the opt-out tool to reset your preferences. Our cookie only knows your last set of preferences and does not reflect the current state of cookies on your browser.

 

We work with third parties to track your activities on our web site to improve our marketing efforts and provide you advertising based on your visit. If you do not want to have your information collected and used for remarketing purposes you can opt-out through TrustArc’s Preference Manager tool by clicking here. TrustArc complies with the Digital Advertising Alliance Principle for Online Behavioral Advertising. If you opt-out of retargeted online ads, you will still continue to see and receive other online advertisements.

Videos and other features on our site use Flash cookies to collect and store your preferences such as sound volume. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies. To learn how to manage privacy and storage settings for Flash cookies click here.

Please note that some cookies may be placed by a third party service provider who performs some of these functions for us.

Information Automatically Collected By Our Site

We automatically gather server log file information, such as your IP address, browser type, referring/exit pages, and operating system. We use this information to administer our website and our technical solutions, understand how visitors navigate through our Sites and services, and enhance your experience while using our Sites and services.

How We Share Your Personal Information

We may make your personal information, customer information, or business information available to companies that provide services to help us with our business activities, such as website analytics or offering customer service. These third parties are authorized to use your personal information, customer information, or business information only as necessary to provide these services to us.

We may also disclose your personal information, customer or business information

  • As required by law, such as to comply with a subpoena or similar legal process. To the extent we are legally permitted to do so, we will take commercially reasonable steps to notify you in the event that we are required to provide your personal information, customer information, or business information to third parties as part of a legal process. TrustArc also may be required to disclose personal information in response to lawful requests by public authorities, including requests from national security or law enforcement authorities.
  • When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a written government request;
  • If TrustArc becomes involved in a merger, acquisition, or any form of sale of some or all of its assets. In the event of a merger, acquisition, or any form of sale of some or all of TrustArc’s assets, we will ensure that the acquiring organization agrees to protect personal information in accordance with the commitments we have made in this Privacy Notice, including our Privacy Shield commitment, and that the acquiring organization will provide notice before personal information, customer information, or business information becomes subject to a different Privacy Notice.
  • To any other third party with your prior consent to do so.

We will share your personally information, customer or business information with third parties only in the ways that are described in this Privacy Notice. We do not otherwise sell your personally information to third parties.

Other Information

Accessing and Updating your Personally Information

To review and update your personally identifying information to ensure it is accurate, contact us.

TrustArc will make commercially reasonable efforts to provide you reasonable access to any of your personal information we maintain within 30 days of your access request. We provide this access so you can review, make corrections, or request deletion of your data. If we cannot honor your request within the 30-day period, we will tell you when we will be able to provide access. In the unlikely event that we cannot provide you access to this information, we will explain why we cannot do so.

Security and Data Integrity

Safeguarding the information you give us or we receive about you is a priority for TrustArc. We take appropriate security measures to protect against loss, misuse and unauthorized access, alteration, disclosure, or destruction of your information. TrustArc has taken steps to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services processing personal information, and will restore the availability and access to information in a timely manner in the event of a physical or technical incident.

We will retain personal information, customer and business information for as long as it is needed to:

  • Provide products and services that you or your organization have requested;
  • To communicate with you about a request you have made to us;
  • To manage your choices and rights you have exercised pursuant to this Privacy Notice;
  • To enable you maintain an account with us, provided that you or the organization through which your account was created have not otherwise requested that we delete your information;
  • To comply with our legal and regulatory obligations, to demonstrate compliance, and to enforce TrustArc’s rights and agreements.

Links to Other Web Sites

This Privacy Notice applies to TrustArc services and websites. Our Site and technical services include links to other websites. If you submit personal or other information to any of those sites, your information is subject to their privacy notices. We encourage you to carefully read the privacy notice of any website you visit.

Changes to this Privacy Notice

Please note that this Privacy Notice may change from time to time. If we change this Privacy Notice in ways that affect how we use your personal information, we will advise you of the choices you may have as a result of those changes. We will also post a notice on our home page that this Privacy Notice has changed.

Questions regarding this Privacy Notice

Questions regarding TrustArc’s privacy and information management practices can be submitted to the TrustArc Data Governance and Privacy Office using the Contact Us form available on this page.

If you are a resident of the EEA and have an unresolved privacy or personal information collection, use, or disclosure concern that we have not addressed satisfactorily, please contact the EU Data Protection Authorities. If you are a resident of Switzerland and have this concern, please contact the Swiss Federal Data Protection and Information Commissioner. In connection with its self-certification under the Privacy Shield, TrustArc commits to cooperate with the panel established by the EU Data Protection Authorities and comply with the advice given by the panel with regard to personal information transferred from the EU. TrustArc also commits to cooperate with and comply with the advice of the Commissioner with regard to personal information transferred from Switzerland. This is provided at no cost to you.

For more information on how to contact the EU Data Protection Authorities, click here.

For more information on how to contact the Swiss Federal Data Protection and Information Commissioner, click here.

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Defined Terms

The following terms used in this Privacy Statement have defined meanings.

  • Personal information. Any data about an identified or identifiable individual, including data that identifies an individual or that could be used to identify, locate, track, or contact an individual. Personal information includes both directly identifiable information such as a name, identification number or unique job title, and indirectly identifiable information such as date of birth, unique mobile or wearable device identifier, telephone number as well as key-coded data.
  • Third party. Any legal entity, association or person that is not owned by TrustArc, or in which TrustArc does not have a controlling interest.

Privacy Concerns

Site Contact Info
www.trustarc.com
835 Market Street
Suite 800, Box 137
San Francisco, CA 94103-1905


Privacy Tools

Manage Your Ad Preferences
Control the use of behavioral advertising.
Set Preferences »