Effective: December 13, 2023
This Policy does not apply to information we collect about employees, job applicants, and independent contractors.
For purposes of this Policy, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with an individual, or particular consumer or household. It does not include de-identified or aggregate information, or public information lawfully available from governmental records.
Personal Information We Collect and Have Collected in the Past 12 Months – Sources and Categories
In the 12 months preceding the date of this Policy, we may have collected your Personal Information when you visited our Sites, requested information about our products or services, provided us with your information at a conference or other event, clicked through links on our Sites to watch or listen to archived events or presentations, or when you voluntarily provided information to us through our web portal, email or phone number. We also collect Personal Information when we purchase potential marketing leads from third parties. We will continue to collect Personal Information from the same sources.
The categories of Personal Information we may have collected from these sources during the 12 months preceding the date of this Policy, and will continue to collect, include the following:
- Personal identifiers: Name, physical or postal address, email address, telephone numbers, company name, account name and password, IP address or other unique identifier.
- Financial information: Credit and debit card information.
- Commercial information: Records of products and services purchased or considered, consuming histories or tendencies.
- Professional information: Job title, role, employer, employment history.
- Internet or other electronic activity information: Device and browser type, operating system, access times, domain name, your browsing and search history on our Sites (i.e., the actions taken in connection with the Site) and amount of time spent on the Sites, the website from which you arrived at our website, and information regarding your interaction with our Sites and our advertisements.
- Inferences drawn from any of the Personal Information identified above.
If you do not want to disclose your Personal Information to us, please do not submit it. However, if you withhold requested information, we may not be able to accept or progress your submission of interest, fulfil your request or respond to your communications more generally. We also may collect additional categories of Personal Information on behalf of our customers, for whom we act as a service provider.
Purposes for Collection of Personal Information
We may use the Personal Information you give us to carry out the following purposes:
|Lawful Basis (where relevant)
|To contact you and to respond to your requests and enquiries when you contact us.
|We have a legitimate interest to respond to your requests and enquiries for ongoing business administration.
|To provide goods or services to you, including to facilitate your participation in virtual or in-person meetings.
To manage and maintain our relationships with you and for ongoing customer service.
To enforce or defend our rights, ourselves, or through third parties to whom we delegate such responsibilities.
|To manage and perform our contract with you.
We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient as we can be.
|To contact you to tell you about products and services offered by us as well as other promotions which we believe may interest you unless you advise us that you do not wish to receive marketing or market research communications from us.
|If applicable law requires that we receive your consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your consent.
If you wish to stop receiving marketing or market research communications from us you can unsubscribe via the link at the bottom of the relevant marketing email or contact us using the contact details below.
We have a legitimate interest to carry out direct marketing.
|For tailored advertising on third party sites either because of the website you are viewing, or based on your interests, which we have inferred from your information.
|With your consent, if required by applicable law.
If you no longer wish to see tailored advertising, you can amend your cookie preferences (see Cookies section below).
|To personalize your visit to the Site, to monitor or improve the Sites and to assist you while you use the Sites.
|We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient as we can be.
|To improve the operation of the Sites by helping us understand who uses the Sites.
|We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient as we can be.
|For business administration, including statistical analysis.
|We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient.
|To share data with policy, law enforcement, tax authorities or other government and fraud prevention agencies where we have a legal obligation, including screening transactions, reporting suspicious activity and complying with production or court orders.
To investigate and resolve complaints and manage regulatory matters, investigations and litigation.
To monitor electronic communications for investigation and fraud prevention purposes, crime detection and prevention and investigation.
To comply with any of our applicable legal or regulatory obligations. For example, if you are a business customer, we need to process your information to verify your identity and undertake necessary due diligence checks.
|We have a legitimate interest to manage our business including for legal, personnel, administrative and management purposes and for the prevention and detection of crime provided our interests are not overridden by your interests.
To comply with our legal or regulatory obligations.
Please note that where you are located in the European Economic Area (“EEA”), the UK or Switzerland, you have a right to object to processing of your Personal Information where that processing is carried out for our legitimate interest.
Consequences of Not Providing your Personal Information
Where we require your Personal Information to comply with our legal or contractual requirements, failure to provide this information means we may not be able to process your order and/or provide services to you. We will tell you when we ask for your Personal Information whether it is a statutory or contractual requirement to give us the Personal Information and the consequences of not providing such Personal Information.
Disclosure of Personal Information For Business Purposes in the Past 12 Months
The following chart describes the categories of Personal Information that we disclosed to third parties for a business purpose in the 12 months prior to the date of this Policy:
|Categories of Consumers’ Personal Information
|Categories of Third Parties with Which We Shared Personal Information for a Business Purpose
|Personal identifiers: Name, physical or postal address, email address, telephone numbers, company name, account name and password, IP address or other unique identifier.
|Service providers that provide customer relationship management (CRM) services; delivery and fulfillment services (e.g., postal couriers and carriers), assist us in operating, analyzing, and displaying content on our website; provide analytics information; advertise or market our products; provide website hosting, webcast and teleconference services; provide legal and accounting services.
|Financial information: Credit and debit card information.
|Internet or other electronic network activity information: Device and browser type, your browsing and search history on our Sites, and information regarding your interaction with our Sites and our advertisements.
|Service providers that provide data security services and cloud-based data storage; host our Sites and assist with other IT-related functions including podcast delivery; provide website hosting, webcast and teleconference services; advertise and market our products; and provide analytics information.
|Inferences drawn from any of the Personal Information identified above.
|Service providers that provide data analytics support.
Additional Information About How We May Share Personal Information
We may also share your Personal Information: (i) to third parties (including regulators and courts) to comply with legal or regulatory obligations or in response to valid legal requests, including to the extent required by law, regulation, subpoena, court order, or similar legal, judicial, administrative or governmental process or procedure; (ii) when we believe in good faith that disclosure is legally required or otherwise necessary to protect our rights and property or the rights, property or safety of others, including to law enforcement agencies, and judicial and regulatory authorities; (iii) to help detect and protect against fraud or data, technical or security vulnerabilities; or (iv) in the event of a sale, merger, reorganization of our entity or other restructuring.
We do not and, in the 12 months preceding the data of this Policy, have not, sold Personal Information, including the Personal Information of minors under 16 years of age.
International Transfers Outside of the EEA, the UK or Switzerland
When you are based in the EEA, the UK or Switzerland, Personal Information collected from you, including via the Site, may be transferred to certain recipients located outside the EEA, the UK or Switzerland (e.g., the United States), which do not provide a similar or adequate level of data protection to that provided by countries in the EEA, the UK or Switzerland. We will ensure that any transfers of Personal Information outside of the EEA, the UK or Switzerland are carried out in accordance with relevant data protection laws.
Accountability for Onward Transfers
ALOM may transfer Personal Information for the purposes described in this Policy to a third party acting as a data controller or as an agent. If we intend to disclose Personal Information to a third party acting as a data controller or as an agent we will comply with, and protect, Personal Information as provided in the Accountability for Onward Transfer DPF Principles.
We remain responsible for the processing of Personal Information received under the DPF Principles and subsequently transferred to a third party acting as an agent if the agent processes such Personal Information in a manner inconsistent with the DPF Principles, unless we prove that we are not responsible for the event giving rise to the damage.
Redress, Enforcement, and Liability
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, ALOM commits to resolve DPF Principles-related complaints about our collection and use of your personal information. As noted below, in certain circumstances, you may invoke binding arbitration proceedings with ALOM. EEA, UK, and Swiss individuals with inquiries or complaints regarding this Policy should first contact ALOM at:
Email: [email protected]
Mail: Office of the CPO
ALOM, 48105 Warm Springs Blvd., Fremont, CA 94539
Phone: 1-800-500-9991 (toll-free)
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, ALOM commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to ICDR-AAA DPF IRM Service, an alternative dispute resolution provider based in the United States that is able to conduct a binding arbitration proceeding between yourself and ALOM. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of ICDR-AAA DPF IRM Service are provided at no cost to you.
The Federal Trade Commission has jurisdiction over ALOM’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
Cookies and Other Tracking Technologies
Cookies are small, sometimes encrypted text files that are stored on computer hard drives by websites that you visit. They are used to help users navigate websites efficiently as well as to provide information to the owner of the websites. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, please visit www.allaboutcookies.org. This website will also explain how you can delete cookies which are already stored on your device. However, without these identifier files you may not have access to many features that may make your browsing of our Sites smoother, and some of our services may not function properly.
Where you have requested it, we may contact you by email to provide information regarding events, products, services and content that may be of interest to you, unless you advise us that you do not wish to receive marketing communications from us. If applicable law requires that we receive your consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your consent. If you wish to stop receiving marketing communications from us, or would like to stop processing your Personal Information in any other way, please email [email protected] or send a letter to ALOM, Chief Privacy Officer, 48105 Warm Springs Blvd., Fremont, CA 94539, USA, indicating the email address or name and postal address for which marketing communications should be discontinued. It is helpful to include information about the last mailing/contact received, including a brief description of the mailer or contact you received so that we can attribute it to the appropriate customer. There is no charge to opt out.
European, UK and Swiss Privacy Rights
Where you are located in the EEA, the UK or Switzerland, you may have certain data privacy rights which may be subject to limitations and/or restrictions. These rights include the right to:
- request access to Personal Information we hold about you;
- the correction of your Personal Information when incorrect, out-of-date or incomplete;
- request that we erase your Personal Information;
- opt-out of any marketing communications that we may send you and to object to us using/holding your Personal Information;
- request that we restrict the processing of your Personal Information (i.e., we would need to secure and retain the data for your benefit but not otherwise use it);
- withdraw your consent at any time; and
- the portability of your Personal Information (i.e., ask for a copy of your Personal Information to be provided to you, or a third party in a digital format).
We will respond to your request in writing or orally if requested, as soon as practicable and in any event not more than within one month after receipt of your request. In exceptional cases, we may extend this period by two months and provide you with reasons. We may request proof of identification to verify your request.
You also have the right to lodge a complaint about the processing of your Personal Information with your local data protection authority. For more details in relation to your rights including how to exercise them, please feel free to contact [email protected].
California Privacy Rights
If you are a California resident, you may have separate rights regarding your Personal Information, in accordance with California law.
California Consumer Privacy Act
The California Consumer Privacy Act (CCPA) gives California residents rights described below with respect to their Personal Information.
Your Right To Request Disclosure of Information We Collect and Share About You
We are committed to ensuring that you know what Personal Information we collect. To that end, you can ask us for any or all of following types of information regarding the Personal Information we have collected about you in the 12 months prior to our receipt of your request:
- Specific pieces of Personal Information we have collected about you;
- Categories of Personal Information we have collected about you;
- Categories of sources from which such Personal Information was collected;
- Categories of Personal Information that the business sold or disclosed for a business purpose about the consumer;
- Categories of third parties to whom the Personal Information was sold or disclosed for a business purpose; and
- The business or commercial purpose for collecting or selling your Personal Information.
Your Right To Request Deletion of Personal Information We Have Collected About You
Upon your request, we will delete the Personal Information we have collected about you, except for situations where the CCPA authorizes us to retain specific information, including when it is necessary for us to provide you with a good or service that you requested; perform a contract we entered into with you; maintain the functionality or security of our systems; or comply with or exercise rights provided by the law. The law also permits us to retain specific information for our exclusively internal use, but only in ways that are compatible with the context in which you provided the information to us or that are reasonably aligned with your expectations based on your relationship with us. We will act on your deletion request within the timeframes set forth below.
Exercising Your Rights and How We Will Respond
To exercise any of the rights above, or to ask a question, please send an e-mail to [email protected], contact us at 1-800-500-9991, or use the contact details set out at the end of this Policy. To request a deletion you may also use the Contact Us form by choosing Personal Information Removal in the I am interested in chooser and submitting the form.
For requests for access or deletion, we will first acknowledge receipt of your request within 10 business days of receipt of your request. We provide a substantive response to your request as soon as we can, generally within 45 days from when we receive your request, although we may be allowed to take longer to process your request under certain circumstances. If we expect your request is going to take us longer than normal to fulfill, we will let you know.
For requests to stop the sale of your Personal Information, we will comply no later than 15 business days after receipt of your request.
We usually act on requests and provide information free of charge, but we may charge a reasonable fee to cover our administrative costs of providing the information in certain situations. In some cases, the law may allow us to refuse to act on certain requests. When this is the case, we will endeavor to provide you with an explanation as to why.
Our Commitment to Honouring Your Rights
If you exercise any of the rights explained in this Policy, we will continue to treat you fairly. If you exercise your rights under this Policy, you will not be denied or charged different prices or rates for goods or services, or provided a different level or quality of goods or services than others.
Verification of Identity – Access or Deletion Requests
We will ask you for identifying information and attempt to match it to information that we maintain about you.
If we are unable to verify your identity with the degree of certainty required, we will not be able to respond to your request. We will notify you to explain the basis of the denial.
Ensuring Veracity of Opt-Out Requests
If we have a good-faith, reasonable belief that a request to opt-out of the sale of Personal Information is fraudulent, we may deny the request. Should this occur, we will inform you and explain why we believe the request is fraudulent.
You may designate an agent to submit requests on your behalf. The agent must be a natural person or a business entity that is registered with the California Secretary of State.
If you would like to designate an agent to act on your behalf, you and the agent will be required to provide us with proof of the agent’s identity and proof that you gave the agent signed permission to submit a request on your behalf. Additionally, you will be required to verify your identity by providing us with certain Personal Information as described above or provide us with written confirmation that you have authorized the agent to act on your behalf.
Please note that this subsection does not apply when an agent is authorized to act on your behalf pursuant to a valid power of attorney. Any such requests will be processed in accordance with California law pertaining to powers of attorney.
Requests for Household Information
There may be some types of Personal Information that can be associated with a household (a group of people living together in a single dwelling). Requests for access or deletion of household Personal Information must be made by each member of the household. We will verify the identity of each member of the household using the verification criteria explained above and will also verify that each household member is currently a member of the household.
California Shine the Light
California Civil Code Section 1798.83, also known as the “Shine the Light” law, permits California residents to annually request, free of charge, information about certain categories of Personal Information a business has disclosed to third parties for direct marketing purposes in the preceding calendar year. For information, please contact us by sending an e-mail to [email protected], or by calling our toll-free telephone number at 1-800-500-9991.
California Do Not Track
Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. We do not track website visitors over time and across third party websites. At this time, our Sites do not respond to browsers’ do not track signals.
Nevada Privacy Rights
Nevada law gives residents of Nevada the right to opt out of the sale of their Personal Information. We do not sell the Personal Information of Nevada residents.
Personal Information of Minors
Our products and services are not directed to minors under the age of 13. We do not knowingly sell the Personal Information of minors under the age of 16.
Third Party Websites
Our Sites may contain links to other third-party websites, which may have privacy policies that differ from our own. We are not responsible for the activities and practices that take place on these websites. Accordingly, we recommend that you review the privacy policies posted on any website that you may access through our Sites.
How We Keep Your Personal Information Secure
We implement and maintain reasonable security measures appropriate to the nature of the Personal Information that we collect, use, retain, transfer or otherwise process. Those measures include administrative, physical and technical safeguards to protect the security, confidentiality and integrity of Personal Information. However, data security incidents and breaches can occur due to a variety of factors that cannot reasonably be prevented; therefore, our safeguards may not always be adequate to prevent all breaches of security.
Retention of Personal Information
The Company retains your Personal Information for as long as it needs for a legitimate business purpose. The criteria used to determine the retention periods include: (i) how long the Personal Information is needed to provide our products and services; (ii) the type of Personal Information collected; and (iii) whether we are subject to a legal, contractual or similar obligation to retain the data (e.g., mandatory data retention laws, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation or disputes).
Changes to This Policy
We will review and update this Policy periodically. We will notify you of material changes to it by posting on our Sites notification that the Policy has been updated and by updating the date of the Policy.
We are committed to ensuring that our communications are accessible to people with disabilities. To make accessibility-related requests or report barriers, please contact us at [email protected] or 1-800-500-9991.
If there are any questions regarding this Policy or if you wish to exercise any of your privacy rights, or request a copy of this Policy in another format you may contact us by sending an e-mail to [email protected], a letter to Office of the CPO, ALOM, 48105 Warm Springs Blvd, Fremont, CA 94539, by calling our toll-free telephone number at 1-800-500-9991, or by visiting our website at https://www.alom.local/contact-us.