QDiligence, LLC Online Privacy Policy

 

Your privacy and protecting the information provided about you is important to us.

QDiligence, LLC (“QDiligence”) provides online questionnaire services (“Service(s)”) to corporate clients (“Client(s)”). Part of the Services are provided via a secure, password protected web application (“Application”) according to the terms of a written agreement between QDiligence and a Client (“Subscription Agreement”). This Online Privacy Policy explains how we collect, share, use, and protect information when you visit www.qdiligence.com (the “Website”) or use the Application.


What Information Is Collected

IP Addresses and Web Logging

While browsing the Website or using the Application, we automatically collect your Internet Protocol (IP) address, browser type, and the date and time that you accessed the Website or Application along with other industry standard web log file information. This information is not tied to any individual unless the user has authenticated with the Application. If an authenticated user is using or accessing the Application, we also capture proprietary application log information which may additionally include device name and model and operating system identification.

Application Data Submitted By Client Users

Each Client determines which individuals (“Client Users”) are permitted to access the Application as well as their level of access. Client Users may or may not be employees of the Client’s organization. Client Users may submit data (“Data”) into the Application while using the Service and may also cause the Application to process such Data. Clients and Client Users determine what, if any, Personal Information is submitted to the Application and are solely responsible for the contents of Data provided.

How Information Is Used

Automatically Collected Information

Information we automatically collect may only used to personalize your experience, improve the Website and/or the Application, and to provide our Services.

Application Data Submitted By Client Users

Data submitted or otherwise provided by Clients and Client Users is contractually owned by the applicable Client and is only used by QDiligence to provide our Services.

Data Retention

We retain Data for as long as is required to provide the Services and as needed to comply with our legal obligations, resolve disputes, and enforce our agreements.

Onward Transfer of Data/Personal Information

QDiligence will transfer Data/Personal Information only as is permitted by a Client in the applicable Subscription Agreement. QDiligence does not transfer onward any Data/Personal Information in human-readable (i.e., unencrypted) form, with the exception of the Application making Data/Personal Information available to Client Users in the course of their authorized use of the Services. QDiligence stores Data/Personal Information at a service provider whose facilities house the Data and the Application. Such Data/Personal Information are encrypted in transit and at rest so the service provider has no access to any Data/Personal Information. The service provider does not have or otherwise control the encryption keys to either the in-transit or at-rest Data/Personal Information. All secure hosting and emergency backup hosting facilities are located within the United States.

QDiligence may disclose Data/Personal Information if it exists within information required to be disclosed by legal process or otherwise required by law. To the extent that the information is designated confidential or otherwise protected in a Subscription Agreement, QDiligence will follow any applicable provisions regarding Client notification and pursuit of a protective order set forth in the applicable Client Agreement. QDiligence reserves the right to transfer Data/Personal Information in the event of a sale or transfer of QDiligence business or assets. Should such a sale or transfer occur, the transferee would be obligated to protect Data/Personal Information according to the terms in all applicable Subscription Agreements.

Cookies and Tracking

Cookies are small files that a site or its service provider transfers to a computer hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

  • In the Website we use Google Analytics cookies to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. Google cookies contain no personally identifiable information. More information can be found here http://www.google.com/analytics/learn/privacy.html. We do not use Google Analytics or any other third party cookies within the Application.
  • In the Application we use session cookies after you have authenticated to allow you to move through the site without reauthenticating. These cookies contain no personally identifiable information and are removed when you close your web browser or if you logout from the Application.
  • We do not use persistent cookies.
  • We do not use any other tracking mechanisms (beacons, tags, scripts, etc.) on the Website or the Application.

Links to Other Sites

We may include or offer third party products or services on the Website. Clients may also submit or provide Data that contains links to third party sites within the Application for the benefit of their Client Users. These third party sites have separate and independent privacy policies and have no responsibility or liability for the content or activities of these linked sites.

Security

QDiligence maintains reasonable administrative, technical and physical safeguards to protect Data/Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. All Data/Personal Information submitted to the Application is encrypted during transmission of that information using secure socket layer technology (SSL)/transport layer security technology (TLS), is encrypted while at rest in storage and double encrypted within remote system backups. General security information can be found at QDiligence.com/Security and further information is provided, on a confidential basis, in the applicable Subscription Agreement to provide Clients greater detail regarding QDiligence security measures.

EU-U.S. Privacy Shield Framework / Swiss-U.S. Privacy Shield Framework

 

QDiligence complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union and Switzerland to the United States, respectively. QDiligence has certified that it adheres to the Privacy Shield Principles. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

Notice

QDiligence does not have a direct relationship with individuals whose Personal Information is included in Data. Clients, as Data Controllers, are responsible under applicable law for providing the required notice to individuals. The form of such notice is determined by the data protection law applicable to the relevant Client.

QDiligence does not use Personal Information or Data for any purpose other than the fulfillment of QDiligence obligations to its Clients under the applicable Subscription Agreement.

Choice

Clients are responsible for providing choice to individuals as to whether their Personal Information included in Data may be disclosed to QDiligence or used for a purpose that is incompatible with the purpose(s) for which the information was originally collected or subsequently authorized by the individual.

Accountability for Onward Transfer of Data/Personal Information

QDiligence will transfer Data/Personal Information only as is permitted by a Client in the applicable Subscription Agreement. QDiligence does not transfer onward any Data/Personal Information in human-readable (i.e., unencrypted) form, with the exception of the Application making Data/Personal Information available to Client Users in the course of their authorized use of the Services. QDiligence stores Data/Personal Information at a service provider whose facilities host the Data and the Application. Such Data/Personal Information are encrypted in transit and at rest so the service provider has no access to any Data/Personal Information. The service provider does not have or otherwise control the encryption keys to either the in-transit or at-rest Data/Personal Information. All secure hosting and emergency backup hosting facilities are located within the United States. QDiligence may be required to disclose Data/Personal Information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. In cases of onward transfer to third parties of data of EU and Swiss individuals received pursuant to the EU-U.S. and Swiss-U.S. Privacy Shields, QDiligence is potentially liable.

To the extent that the information is designated confidential or otherwise protected in a Subscription Agreement, QDiligence will follow any applicable provisions regarding Client notification and pursuit of a protective order set forth in the applicable Client Agreement. QDiligence reserves the right to transfer Data/Personal Information in the event of a sale or transfer of QDiligence business or assets. Should such a sale or transfer occur, the transferee would be obligated to protect Data/Personal Information according to the terms in all applicable Subscription Agreements.

Access to Personal Information

Clients are responsible, pursuant to applicable law, for providing Client Users with reasonable access to their Personal Information and/or Data and allowing Client Users to correct, amend and delete their information, as required by applicable law. Client Users have the right to access, correct and delete their Personal Information/Data. To exercise these rights, Client Users should contact the appropriate Client that transferred their Personal Information to QDiligence. QDiligence will cooperate fully with its Clients in responding to any such request. In the event a request is made directly to QDiligence, QDiligence will notify the applicable Client for appropriate resolution and will respond within a reasonable period of time.

QDiligence may not respond to repetitious or vexatious requests for access.

Security

QDiligence maintains reasonable administrative, technical and physical safeguards to protect Data/Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. All Data/Personal Information submitted to the Application is encrypted during transmission of that information using secure socket layer technology (SSL)/transport layer security technology (TLS), is encrypted while at rest in storage and double encrypted within remote system backups. General security information can be found at QDiligence.com/Security and further information is provided, on a confidential basis, in the applicable Subscription Agreement to provide Clients greater detail regarding QDiligence security measures.

Data Integrity

Clients are responsible, pursuant to their contractual relationships with QDiligence, for taking reasonable steps to ensure that the Personal Information and/or Data is reliable for its intended use, accurate, complete, and current.

Enforcement

QDiligence reviews its compliance with this Policy and its Privacy Policy at least once a year in order to verify that the assertions made in them are true and that the practices which these Policies contains are implemented correctly. During such review, QDiligence will examine whether these Policies are accurate, comprehensive, prominently displayed, completely implemented, and accessible. Further, QDiligence will review whether these Policies conform to the EU-U.S. and Swiss-U.S. Privacy Shield Principles; individuals are informed of any arrangements for pursuing complaints; it has in place procedures for training employees in implementing these Policies, and disciplining them for failure to follow them; and it has internal procedures for conducting objective reviews of compliance.

QDiligence will investigate any breach of this Policy and its Privacy Policy that has been reported to QDiligence.

QDiligence is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Dispute Resolution

In compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Principles, QDiligence commits to resolve complaints about your privacy and our collection or use of your personal information. European Union and Swiss individuals with inquiries or complaints regarding this privacy policy should first contact QDiligence at:

Chief Information Security Officer
QDiligence LLC
1600 Golf Road, Suite 1200
Rolling Meadows, IL 60008

or by contacting us through our website www.QDiligence.com.

QDiligence has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

 

Childrens Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.

Your Consent

By using the site, you agree to this Privacy Policy.

How To Contact Us

Please address any questions or concerns regarding this Policy or QDiligence practices concerning Personal Information and/or Data by contacting us through our website: www.QDiligence.com or by writing to: Chief Information Security Officer, QDiligence LLC, 1600 Golf Road, Suite 1200, Rolling Meadows, IL 60008.

Notification of Changes

Any material changes to QDiligence Privacy Policy will be posted here and other places QDiligence deems appropriate, such as the Website or Application.

 

This Privacy Policy was last revised on April 12, 2017.