Zywave Website Privacy Statement

This privacy statement has been updated as of September 25th, 2023

Zywave Website Privacy Statement

Last reviewed and updated September 25, 2023

Zywave Inc. and its affiliated companies (“Zywave”) are committed to controlling the collection, use and disclosure of your personal information. This Privacy Statement describes how Zywave may collect and handle your non-personal and personal information in connection with your activities with Zywave. You should read this Privacy Statement before using this website and before engaging Zywave for products or services.

Collection and Use of Personal Information

Zywave collects two types of information about individuals: Personal Information and Non-Personal Information.

Personal information means any information about an identifiable individual. The type of personal information that we collect may include, but is not limited to: (i) your name; (ii) contact details such as address, phone number, fax number, or email address; and (iii) credit and/or billing information if you purchase products from us.

Personal information is collected by Zywave when you give it to Zywave directly. We may also receive your personal information indirectly, for example, from our Customers (provided that our Customers confirm to us that you have consented to the disclosure to Zywave of your personal information) or when you share your information through tradeshows or industry marketing partnerships.

Non-personal information means information that cannot identify you. Anonymous information is automatically collected when you use any of Zywave’s internet services (for example our website and software services), this includes, but is not limited to: IP (Internet Protocol) address; server IP address; server port; domain used to access a Zywave Internet service; referring domain or website; type and version of operating system and web browser; search query (keywords entered into a search engine); the date and time the access occurred; which resources were accessed. We only use non-personal information in aggregate form in order to track and improve the efficiency of Zywave’s Internet services.

“Cookies” are small pieces of information that are stored by your browser on your computer’s hard drive. The use of cookies is an industry standard to provide useful features to our customers. Zywave’s cookies enable Zywave to determine what is most effective about our website, identify ways to improve it and tailor it to make it a more positive and relevant user experience. Your web browser may or may not be set to notify you when you are about to accept a cookie. If you refuse to accept a cookie while on Zywave’s websites, you will not be able to access portions of the site. A list of Zywave’s cookies are available at https://www.zywave.co.uk/cookie-usage/. A list of WCL’s cookies are available at https://webconnectivityltd.com/cookie-policy/.

Purposes of the processing

Zywave collects and uses personal information to provide you with the products and/or services you requested or a Zywave Customer has requested on your behalf from Zywave. The processing is necessary for the performance of a contract or for the purposes of our legitimate interests, such as to take steps at your request prior to entering the contract. We may also use your personal information to contact you in order to provide you with product-related information, including: news; training and support; customized services; product documentation; promotional materials; market research; or product application feedback. We will obtain your consent to do so or rely upon our legitimate interests to contact you in this way. You may at any time withdraw any consent you have provided to direct marketing and this will not affect the lawfulness of any processing prior to its withdrawal.

Disclosure of Personal Information

To enable Zywave to efficiently provide the products and services you have requested or received through a Zywave Customer, Zywave may share your personal information with third parties who are acting on Zywave’s behalf. These third parties may include, but not be limited to, agents, suppliers, vendors, contractors, consultants, customers, or service providers. Such service providers include, but are not limited to, IT and security service providers, payment processors, and data storage providers. Such third parties are only provided with such information as is necessary for the purpose of complying with our contracts for the provision of services. Third party agreements are subject to confidentiality. Zywave will not otherwise disclose your personal information to any person or any organization, and Zywave will never sell your personal information to anyone.

Zywave may, however, sell all of its data, which would include personal data held by Zywave, to an acquiring party as part of any merger or sale of substantially all of Zywave’s assets or stock. Also note that Zywave may, upon request from public authorities, be required to disclose personal information for lawful requests. This includes, but is not limited to, requests to meet national security, law enforcement, court proceedings, and government requests.

If you have questions or concerns about the disclosure of your personal information, or if you believe your information has been improperly disclosed by Zywave, contact our Privacy Officer using the contact details at the end of this Privacy Statement.

Maintenance and Accuracy of Information

Zywave will always strive to ensure that personal information it holds about you is accurate and up-to date. Zywave will hold your personal information for as long as we have an ongoing business relationship and will only use the information collected for the purpose for which it was collected unless we inform you otherwise and have lawful grounds to do so. At the time that our business relationship is terminated, we will maintain copies of your personal information as required by applicable law and in accordance with our data retention procedures. At the end of the retention period, your personal information will be destroyed or anonymized and added to our permanent archive of business statistical information for our use.

Zywave is dedicated to keeping its records up to date. As long as we have a business relationship, we will periodically verify that our records are accurate with you. When you engage us for services, we will request that you provide us with authorization to contact you periodically in this regard. If at any time you feel that our records are inaccurate, or that your information has been used for a purpose other than that intended, please contact our Privacy Officer using the contact details at the end of this policy.

Security

Zywave is committed to the security of your personal information. Zywave has policies and procedures in place to protect the security and privacy of your personal information. Personal information shall be protected in a manner commensurate with its sensitivity and reasonable steps will be taken to prevent it from being stolen, lost, accessed, copied, used or modified without permission.

Confidentiality

When you download, view or send to Zywave documents of a confidential nature, we offer the use of a secure server. The secure server software (SSL) encrypts any information that is sent to you and protects against unauthorized access.

Your Rights

If you are a customer in the EU or the UK you will have certain rights under data protection legislation, including a right to access the information that we collect about you. You may ask us to delete information that we hold about you in certain circumstances. Please be aware that it may not be possible for us to delete all of the information we hold about you where we have an ongoing relationship. You may also ask us to stop or restrict our processing of the information we hold about you, and to transfer your personal information to a third party in certain circumstances.

If you believe that there is an error in the information we have on file about you, you can request that we correct the information as necessary. When you make your request we ask that you please provide us with a copy of the updated, correct information. The Privacy Officer will verify the authenticity of the submitted documents, as well as their validity for our purposes prior to updating our records. If you believe that your rights have been violated you have the right to lodge a complaint with the supervisory authority where you believe that your rights have been violated.

International transfers

Zywave is a global business. Your personal data may be transferred within the Zywave group of companies in order for us to perform features of our services which means that it may be transferred to and stored in any country where Zywave has operations or where Zywave engages third parties, including the United States. Those countries may have data protection rules that are different from those of your country and may not have received a finding of “adequacy” from the EEA under Article 41 of the GDPR and/or Article 45 of the UK GDPR. For international transfers, Zywave will ensure that an adequate level of protection is provided for the information by using one or more of the following approaches:

  • Zywave may transfer personal information to countries that have privacy laws that have been recognized by the country from which the data are transferred as providing similar protections for the data.
  • Zywave may enter into written agreements, such as standard contractual clauses, with recipients that require them to provide the same level of protection for the data.
  • Zywave may rely on other transfer mechanisms approved by authorities in the country from which the data are transferred.

Data Privacy Framework

Zywave complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. Zywave has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy statement and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Principles

Notice
Zywave shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which Zywave discloses or may disclose that Information. Zywave shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to Zywave, or as soon as practicable thereafter, and in any event before Zywave uses or discloses the Information for a purpose other than for which it was originally collected.

Application
Zywave commits to apply the Principles to all EU Personal Information it receives in reliance on the Data Privacy Framework program.

Choice
Zywave will offer individuals the opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a non-agent third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorised by the individual. If an individual wishes to exercise their choice to opt-out they can contact Zywave at [email protected]. For Sensitive Personal Information, Zywave will give individuals the opportunity to affirmatively or explicitly (opt in) consent to the disclosure of the information to a third party or use for a purpose other than the purpose for which it was originally collected or subsequently authorised by the individual. Sensitive Personal Information means personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information about an individual’s sexual life.

Onward Transfers
Prior to disclosing Personal Information to a non-agent third party, Zywave shall apply the notice and choice principles. Zywave shall ensure that any third party acting as an agent for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles, or that the third party has agreed in writing to provide a level of privacy protection equal to that required by the relevant principles. Zywave acknowledges that it is liable for ensuring compliance of personal information transferred on to third parties for use within its Product Applications.

Data Security
Zywave shall take reasonable steps to protect the Information from loss, misuse and unauthorised access, disclosure, alteration and destruction. Zywave has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorised access or disclosure, alteration or destruction.

Data Integrity
Zywave shall only use Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorised by the individual. To the extent necessary for those purposes, Zywave shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.

Access
Zywave shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated, or as otherwise prohibited by law. If an individual wishes to exercise access rights they can contact Zywave at [email protected]

Dispute Resolution
Zywave shall investigate questions and complaints about this Privacy Policy and its contents and is committed to resolve privacy concerns of individuals regarding this policy. Zywave has agreed to participate in the dispute resolution procedures of the panel established by the EU data protection authorities (DPAs) to resolve disputes pursuant to the Principles. After submitting an inquiry to Zywave, a resident of the European Union (EU) may contact the EU DPAs should Zywave not address the inquiry. An EU Resident may contact the EU DPAs panel at [email protected] individual EU DPAs using the information found https://edpb.europa.eu/about-edpb/about-edpb/members_en. A resident of the UK may contact the ICO at https://ico.org.uk/global/contact-us/contact-us-public/. In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Zywave commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. In the event it should be required and under certain circumstances, an individual may invoke binding arbitration as indicated in Annex I of the EU-U.S. Data Privacy Framework.

Enforcement
Zywave uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Principles. Zywave is subject to the investigatory and enforcement powers of the Federal Trade Commission and any other applicable U.S. authorized statutory body.

Amendments
This Policy may be amended from time to time consistent with the requirements of the Data Privacy Framework. We will post any revised policy on this website.

Changes to this notice

Zywave’s Privacy Statement is not intended to create any contractual or other legal rights in or on behalf of any party. Zywave reserves the right to change this Privacy Statement at any time by posting revisions on its websites.

Contact Information

If you have questions or concerns about this policy, the security or privacy of your personal information, or if you believe your information has been improperly released, please contact Zywave’s Privacy Officer at:

Zywave, Inc.
Attn: Privacy Officer
10100 Innovation Dr., Ste. 300
Milwaukee, WI 53226

[email protected]

We have appointed IT Governance Europe Limited to act as our EU representative. If you wish to exercise your rights under the EU General Data Protection Regulation (EU GDPR), or have any queries in relation to your rights or general privacy matters, please email our Representative [email protected] ensure to include our company name in any correspondence you send to our Representative.