- What personally identifiable information ESAC collects;
- What personally identifiable information third parties collect through the website.
- How ESAC uses the information;
- With whom ESAC may share user information;
- What choices are available to users regarding collection, use and distribution of the information;
- What measures ESAC takes to protect the information under its control; and
- How users can correct any inaccuracies in the information.
If you have questions or concerns regarding this statement, please contact ESAC by sending an e-mail to info@ESACmail.org.
YOUR INFORMATION AND HOW WE MAKE USE OF IT
Visiting the ESAC Site:
The ESAC site collects two kinds of information: (i) information that identifies you or your company (collectively, “Personally Identifiable Information”); and (ii) information that does not identify any person or company (such as browser type, operating system type, access time and page views) (collectively, “Non-Personally Identifiable Information”). As a general policy, only Non-Personally Identifiable Information is automatically collected from your visit to the ESAC site.
Information Collected During the Application and Accreditation Process:
If you choose to apply for accreditation, you will be asked to provide us with certain specific information about yourself and/or your company currently collected offline. This information will include (i) contact information such as your name, phone number, fax number, mailing/e-mail address, and your company’s name, phone number, fax number, mailing/e-mail address and primary contact person (collectively, “Contact Information”); and (ii) information about your company’s policies, procedures, operations and staff as they pertain to the financial, ethical and operational standards required for accreditation (collectively, “Business Information”). During the application process and initial accreditation process, we will only share your Contact Information and Business Information with the ESAC staff and service providers that are involved in verifying your company’s compliance with the accreditation requirements. None of these individuals will be employed by or own a financial interest in any other company in the same or similar business as your company, and all of these individuals will have executed a non-disclosure confidentiality agreement with respect to information provided to them by ESAC. Your Contact Information and Business Information will only be shared with Independent Directors on the ESAC Board of Directors if it is determined by ESAC staff and service providers that, in their opinion, your company is in compliance with the requirements for accreditation. These Directors also will have executed a non-disclosure confidentiality agreement similar to the agreement executed by ESAC staff. You will be invited to be present or to send a representative when your application is discussed by the ESAC Independent Directors. You also have the right to request the recusal of any Director that you believe has a conflict of interest with you or your company. ESAC will not share your Business Information with any Director that has been recused at your request. If the ESAC Independent Directors approve your company for accreditation, ESAC will make a press release and update the ESAC site identifying by company name, address, phone number and website address the fact that your company is now accredited, but no other Contact Information or Business Information will be released to the public without your express written permission. ESAC will also make available your company’s Contact Information and Business Information to any state and federal regulator to whom you have authorized access to such information on the ESAC site as part of your request to take advantage of ESAC’s alternative registration/licensing compliance program as approved by that state or federal agency. It will be your responsibility to notify ESAC of your desire to cancel any such access to this confidential information.
The Internet service provider that hosts our website will have a site administrator with the ability to access all such information as part of website maintenance, but this company and its programmers have signed a non-disclosure agreement with us. We will maintain your Contact Information and Business Information in our secure and protected information databases as long as you maintain the accreditation. If you or we terminate your accreditation application or your accreditation status for any reason, we will deactivate this information unless you submit a written request that we retain this information pending future accreditation actions.
If you wish to take advantage of a voluntary and free subscription to the ESAC Edge, ESAC’s e-newsletter, your e-mail address will only be used to send newsletter issues to you. If you wish to opt-out of receiving the ESAC Edge, please follow the unsubscribe link within the welcome e-mail or in the footer of each newsletter OR you may e-mail us at info@ESACorp.org to have your e-mail address removed.
We do not resell, trade or rent any of your personally identifiable information to anyone.
Non-Personally Identifiable Information:
We may aggregate Non-Personally Identifiable Information to create statistical data, which will be used to help analyze site traffic and improve our services. We may also use such aggregated information to describe ESAC’s website services to potential partners or other third parties. At no point, however, will the aggregated information identify you, your business or your clients.
We reserve the right to disclose any Personally Identifiable Information or Non-Personally Identifiable Information if required to do so by law or if we believe that such action is necessary in order to (i) conform with the requirements of the law or to comply with legal process served on ESAC; (ii) to protect or defend the legal rights or property of ESAC, the ESAC site, or its users; or (iii) in an emergency to protect the health and safety of ESAC’s website users or the general public.
Technologies such as cookies, beacons, tags and scripts are used by ESAC and our analytics and programming service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements within the site and gathering demographic information about our user base. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
As is true of most websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.
We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We do not link this automatically-collected data to personally identifiable information.
SOCIAL MEDIA WIDGETS
We have security measures in place to protect against the loss, misuse and alteration of the information under our control, both online and offline.
The ESAC site operates secure data networks protected by industry standard firewall and password protection systems. We use a reputable third party company for 128-bit encryption of data being sent via the Internet between the browser and our servers. The servers on which we store your personally identifiable information are kept in a secure environment using industry-standard back-up and security procedures and protections.
All application, accreditation and user information is restricted in our offices. Only employees who need the information to process your accreditation or provide the Services are granted access to personally identifiable information. All employees have been verified as having a history of honesty and trustworthiness and have signed a non-disclosure agreement prohibiting the unauthorized disclosure, use or distribution of any client or user-related information. Furthermore, all employees are kept up-to-date on our security and privacy policies and practices and on the importance of maintaining and working with all client information in a secure and confidential manner.
Access to ESAC’s office is restricted after normal business hours with security cards required for entry into the building and keys required for office access. The building is also equipped with security cameras and a burglar alarm system and has a security guard on the premises after normal business hours and on weekends.
Although we strive to protect our users’ personally identifiable information and privacy, please be advised that we cannot guarantee that the security precautions we take will prevent third parties from illegally obtaining your information. However, our procedures provide you with authentication, confidentiality, and data integrity that meets established industry standards.
Be advised that anyone providing a testimonial will have their name, title and possibly the name of their company displayed for public viewing. If you wish to update or delete your testimonial, you can contact us at info@ESACorp.org.
TRANSFER OF ASSETS
NOTIFICATION OF CHANGES
We will retain your information for as long as needed to provide you services. If you wish to terminate your accreditation or request that we no longer use your information to provide you services contact us at info@ESACmail.org. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
CHANGES TO INFORMATION AND QUESTIONS
Each participating user can access and update their personally identifiable information online. Each participating firm also has one or more designated account administrators that can add or delete users and access and update the information of the participating firm and that of all of its users.