Effective date:  4/25/2017

Your privacy is important to Oversight Systems (“Oversight”). This Privacy Policy (this “Policy”) provides information about the data Oversight Systems collects on our website and while providing our auditing and compliance solutions via our software-as-a-service offering, and the ways in which Oversight Systems uses that information.  This Policy also covers our treatment of personal information; this Policy does not apply to the practices of third parties that Oversight Systems does not own or control, or of persons that Oversight Systems does not currently employ or manage.

Privacy Shield

Oversight complies with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively.  Oversight has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. Oversight is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Oversight complies with the Privacy Shield Principles for all onward transfers of personal information from the EU, including the onward transfer liability provisions. With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Oversight is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

Use of Cookies

Oversight Systems uses a first party cookie to track visitor activity on our websites.  If you do not want this site to place a cookie on your browser and track your activity, you may leave the site or you may browse the site using privacy mode in your web browser. To learn how to use privacy mode, refer to the links below depending on the browser you use.

What is Personal Information?

For the purposes of this Policy, personal information is defined as any information that identifies an individual or relates to an identifiable individual, including: name, title, company name, job function, postal address, telephone number, or email address.  Personal information does not include information that cannot be associated with or tracked back to a specific individual or other non-identifying information.

Oversight Systems may collect and use the following kinds of personal information:

  • details provided for the purpose of registering with and using our website, such as your name, email address, mailing address, and/or phone number; and
  • details (including employee names and work email addresses provided by Clients as part of their service subscription) provided for the purpose of providing the services.

How Oversight Systems Uses Your Information

Oversight may use personal information provided by visitors to our website for marketing purposes. We may also use this information to improve the content of our website as well as to provide visitors with a more relevant overall experience with our organization and our website.  As between Oversight and its visitors, each visitor owns and retains all right, title, and interest in and to its data, including personal information.  Oversight will only use and possess the data as provided in this Policy and for purposes of providing the applicable services to our customers.

The parties acknowledge that in relation to any data controlled and owned by a client and processed by Oversight in connection with the provision of the services (“Data”): (a) Oversight is acting solely as a ‘Data Processor’ and has no discretion regarding the purpose(s) for which such Data is processed; and (b) Oversight will only access, use, disclose, retain or otherwise Process such Data in accordance with the provisions of the applicable agreement.  Oversight will provide cooperation and assistance to its clients as may be reasonably required for purposes of compliance with the applicable Data Laws.

How Oversight Systems Shares Your Information

Oversight Systems only uses or shares the personally identifiable information provided to us in ways described in this Policy and only to the extent necessary to provide our services.  If Oversight Systems discloses your personal information to any of our agents or subcontractors for the purposes of marketing or providing our services, the agent or subcontractor is obligated to use that personal information solely for purposes of providing our services to you. 

Oversight Systems may disclose your personal information to the extent that it is required to do so by law, including to meet national security or law enforcement requirements, or in connection with any legal proceedings or prospective legal proceedings, and to establish, exercise or defend its legal rights.

How Oversight Systems Secures Your Data

Oversight has implemented physical, technical, and organizational measures and safeguards with respect to personal information and the processing of the same against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosures or access, and against all other unlawful forms of processing, consistent with this Policy and with the applicable laws. Oversight limits access to Data to its personnel who have a business need to access the Data in the provision of services under the applicable services agreement.  More information can be found in our Data Management and Security Policy available from the Oversight Systems home page under “Security Policy”.

Accessing Your Personal Information

To inquire whether or not Oversight holds or processes your personal information please contact us at privacy@oversightsystems.com.  You have the right to contact us to request information about the personal information we have collected from you and to request the correction, modification or deletion of such personal information. Requests made to Oversight to access, change or delete personal information will be addressed or forwarded to the appropriate client acting as Data Controller within 30 business days. We will retain the personal information we collect from you or that we process on behalf of our clients for as long as needed to provide products or services. We will retain and use your personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Choice / Opt-Out

If you are an employee of one of our Clients using the Oversight Service and you (i) no longer would like to have your personal information used by Oversight or the Client, or (ii) request access to personal information or seek to correct, amend, or delete inaccurate personal information or other data provided to Oversight under the direction of our Clients, please contact that Client directly (e.g., the entity who is the data controller). If the Client requests Oversight remove the personal information or other data, we will respond to the Client request within 30 business days.

If you are a visitor to our website and you (i) no longer would like to have your personal information used by Oversight, or (ii) request access to personal information or seek to correct, amend, or delete inaccurate personal information or other data provided to Oversight, or (iii) no longer wish to receive our Company emails, newsletters or other communications, you may contact us by sending us an email at privacy@oversightsystems.com or unsubscribe at any time by using the unsubscribe link located at the bottom of such communication.

Social Media

Oversight Systems may use Facebook, Twitter, LinkedIn or other social media outlets to market and promote its offerings and services. This Policy covers any communications made with Oversight Systems via social media channels.

Our Commitment to Children’s Privacy

Protecting the privacy of the very young is especially important. For that reason, we do not collect or maintain information at our website from those we actually know are under 13. The nature of our business should not attract those under 18 as clients and no part of our website is structured to attract anyone under 13.

Updating This Notice

We reserve the right to modify this Policy at any time. The website will always reflect the most up-to-date version of this document.

Contact Oversight Systems

If you have any questions, concerns or suggestions regarding this Privacy Notice, or your personal information, please contact us at:

Oversight Systems, Inc.
Attn: Privacy Officer
1165 Northchase Pkwy SE
Suite 400
Atlanta, GA  30067

or

privacy@oversightsystems.com

Oversight Systems has further committed to refer unresolved privacy complaints under the Privacy Shield Principles utilizing JAMS International, an alternative dispute resolution provider headquartered in London with additional locations in Amsterdam, Milan, New York and Rome.  If you do not receive acknowledgement of your inquiry, or if your inquiry has not been satisfactorily addressed, you should contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield. Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.