Effective date: May 24, 2018
This policy applies to the Company’s employees, contractors and officers.
The Company has a contract with all Data Processors that it uses in compliance with Article 28 & Article 29 of the GDPR, and ensures that all Data Processors are compliant with Data Protection Legislation.
The policy does not apply to third party services. Where third party services are used, and the third party is not a Data Processor, no Relevant Data (as defined below) is shared with them, or the Relevant Data has been anonymized such that the GDPR does not apply. Information collected by third parties is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.
In addition, a separate agreement governs delivery, access and use of the Products (the “User Agreement”).
This policy applies to Relevant Data received and processed only.
Capitalized terms used in this Policy and not otherwise defined shall have the meanings provided below:
Relevant Data - Personal Data and Special Categories of Data are the Relevant Data covered by this policy and as defined in the Data Protection Legislation.
Personal Data - any information relating to an identified or identifiable natural person.
Special Categories of Data - Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data and data concerning health or a person’s sex life or sexual orientation.
Processing/Processed - any operation on personal data, whether automated or not.
Information We Collect and Receive
When you interact with our Sites and Products, we collect Information that, alone or in combination with other data, could be used to identify you (Personal Data). Some of the Information we collect is stored in a manner that cannot be linked back to you (Non-Personal Data).
Certain data about the devices you use to connect with First Light Solutions and your use of the Sites and/or Products are automatically logged in our systems, including:
- Location information. This is the geographic area where you use your computer and mobile devices (as indicated by an Internet Protocol [IP] address or similar identifier) when interacting with our Sites and/or Products.
- Log data. As with most websites and technology services delivered over the internet, our servers automatically collect data when you access or use our Sites and/or Products and record it in log files. This log data may include the IP address, browser type and settings, the date and time of use, information about browser configuration, language preferences, and cookie data.
- Products and Sites Specific Data. This is information about the First Light Solutions Sites and/or Products you use and how you use them. We may also obtain data from our third-party partners and service providers to analyze how users use our Sites and/or Products. For example, we will know how many users access a specific page on the Site and which links they clicked on. We use this aggregated information to better understand and optimize the Site.
- Device information. These are data from your computer or mobile device, such as the type of hardware and software you are using (for example, your operating system and browser type), as well as unique device identifiers for devices that are using First Light Solutions Products.
What are cookies and how are they used?
Third Party Data
First Light Solutions may receive data about Site visitors, marketing campaigns and other matters related to our business from affiliates and subsidiaries, our partners or others that we use to make our own information better or more useful. This data may be combined with Other Information we collect and might include aggregate level data, such as which IP addresses correspond to zip codes or countries. Or it might be more specific: for example, how well an online marketing or email campaign performed.
Additional Information Provided to First Light Solutions
We receive Other Information when submitted to our Sites or if you participate in a focus group, contest, activity or event, apply for a job, request support, interact with our social media accounts or otherwise communicate with First Light Solutions.
Collection Information from Children
First Light Solutions does not knowingly collect personal information from children under the age of 13. If we determine we have collected personal information from a child younger than 13 years of age, we will take reasonable measures to remove that information from our systems. If you are under the age of 13, please do not submit any personal information through the Site and/or Products. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide personal information through the Sites and/or Products without their permission.
Using Your Information by First Light Solutions
We use, process, and store your information as necessary to perform our contract with you and for our legitimate business interests, in operating our Sites, Products, Services, and business including:
- to help us administer our Sites and/or Products, authenticate users for security purposes, provide personalized user features and access, process transactions, conduct research, develop new features, and improve the features, algorithms, and usability of our Sites and/or Products;
- As required by applicable law, legal process or regulation.
- to calculate aggregate statistics on the number of unique devices using our Sites and/or Products;
- to send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Products, our Products offerings, and important Products-related notices, such as security and fraud notices. These communications are considered part of the Products and you may not opt out of them. In addition, we sometimes send emails about new product features, promotional communications or other news about First Light Solutions. We will only send you marketing information if you consent to us;
- for billing, account management and other administrative matters. First Light Solutions may need to contact you for invoicing, account management and similar reasons and we use account data to administer accounts and keep track of billing and payments.
- to investigate and help prevent security issues, fraud and abuse.
If information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, First Light Solutions may use it for any business purpose.
How We Share And Disclose Information
We only disclose Personal Data to third parties when:
- We use service providers who assist us in meeting business operations needs, including hosting, delivering, and improving our Products. We also use service providers for specific services and functions, including email communication, customer support services, and analytics. These service providers may only access, process, or store Personal Data pursuant to our instructions and to perform their duties to us.
- We have your explicit consent to share your Personal Data (if required).
- We believe it is necessary to investigate potential violations of the Terms of Products, to enforce those Terms of Products, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, or potential threats against persons, property, or the systems on which we operate our Site and/or Products.
- We determine that the access, preservation, or disclosure of your Personal Data is required by law to protect the rights, property, or personal safety of First Light Solutions and users of our Site and/or Products, or to respond to lawful requests by public authorities, including national security or law enforcement requests.
- We may disclose Non-Personal Data publicly and to third parties – for example, in public reports about word usage, to partners under agreement with us, or as part of progress reports we may provide to users.
First Light Solutions does not share your Personal Data with third parties for the purpose of enabling them to deliver their advertisements to you.
First Light Solutions does not sell or rent your Personal Data.
Third Parties’ Applications and Products
Some third-party applications and services that work with us may ask for permission to access your information. Those applications will provide you with notice and request your consent in order to obtain such access or information. Please consider your selection of such applications and services, and your permissions, carefully.
Some third parties’ embedded content or plugins on our Sites and/or Products, such as Facebook “Like” buttons, may allow their operators to learn that you have visited the Sites, and they may combine this knowledge with other data they have collected about your visits to other websites or online services that can identify you.
Data collected by third parties through these apps and plugins is subject to each parties’ own policies. We encourage you to read those policies and understand how other companies use your data.
E-mailing by First Light Solutions
From time to time, we may want to contact you with information about product announcements, software updates, and special offers. We also may want to contact you with information about products and services from our business partners.
We only send marketing communications to users with your prior consent.
All First Light Solutions account holders will continue to receive transactional messages related to our Products, even if you unsubscribe from promotional emails.
Data storage, transfer, retention, and deletion
Data Storage and Transfers
Information submitted to First Light Solutions will be transferred to, processed, and stored in the United States. When you use the Products on your computing device, user content you save will be stored locally on that device and synced with our servers. If you post or transfer any Information to or through our Sites and/or Products, you are agreeing to such information, including Personal Data and user content, being hosted and accessed in the United States.
Duration of Information Storage
You can remove your Personal Data from First Light Solutions at any time by emailing us with the respective request: firstname.lastname@example.org. However, we may keep some of your Personal Data for as long as reasonably necessary for our legitimate business interests, including fraud detection and prevention and to comply with our legal obligations including tax, legal reporting, and auditing obligations.
When you give us personal information, we take steps to make sure that it’s treated securely.
Non-sensitive details (your email address etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
We use industry-standard encryption to protect your data in transit. This is commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology.
Once we receive your data, we protect it on our servers using a combination of technical, physical, and logical security safeguards. The security of the data stored locally in any of our Products installed on your computing device requires that you make use of the security features of your device. We recommend that you take the appropriate steps to secure all computing devices that you use in connection with our Site and Products.
The Company takes the security of your data very seriously and works to protect your data from loss, misuse and unauthorized access or disclosure.
All staff and officers who handle Relevant Data are aware of this policy and have been given training in how to correctly collect, process, store and delete data. The Company holds a log of when staff training was undertaken and updates it on an annual basis.
All breaches will be reported to the relevant supervisory authority within 72 hours, unless the data was anonymized or encrypted or if it has a particularly high risk.
Breaches of this policy by staff, contractors, officers of the Company will be dealt with under the Company’s grievance and disciplinary policy and may lead to a disciplinary sanction.
If First Light Solutions learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on the Site. Depending on where you live, you may have a legal right to receive such notices in writing.
First Light Solutions uses, processes, and stores Personal Data, as necessary to perform our contract with you, and based on our legitimate interests in order to provide the Products and Services. We rely on your consent to process Personal Data to send promotional emails and to place cookies on your devices. In some cases, First Light Solutions may process Personal Data pursuant to legal obligation or to protect your vital interests or those of another person.
Individuals located in the European Economic Area (EEA) have certain rights in respect to their personal information, including the right to access, correct, or delete Personal Data we process through your use of the Sites, Software, and/or Products. If you’re a user based in the EEA, you can:
- Have your Personal Data corrected or deleted. You may ask us to correct information you think is inaccurate or completely delete all information that we hold about you by emailing: email@example.com.
- Access your Personal Data report by submitting a request at firstname.lastname@example.org. This report will include the Personal Data we have about you, provided to you in a structured, commonly used, and portable format.
- Object to us processing your Personal Data. It is your right to lodge an objection to the processing of your personal data by emailing: email@example.com if you feel the “ground relating to your particular situation” apply. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claims.
- You can ask us to stop using your Personal Data, including when we use your Personal Data to send you marketing emails. We only send marketing communications to users located in the EEA with your prior consent, and you may withdraw your consent at any time by clicking the “unsubscribe” link found within First Light Solutions emails and changing your contact preferences. Please note you will continue to receive transactional messages related to our Products, even if you unsubscribe from marketing emails.
- Complain to a regulator. If you’re based in the EEA and think that we haven’t complied with data protection laws, you have a right to lodge a complaint with your local supervisory authority.
Data Protection Officer
To communicate with our Data Protection Officer, please email firstname.lastname@example.org.
We may need to update this Policy to keep pace with changes in our Sites, Products, and Services, our business, and laws applicable to us and you. We will, however, always maintain our commitment to respect your privacy. We will notify you of any material changes that impact your rights under this Policy by email (to your most recently provided email address) or post any other revisions to this Policy, along with their effective date, in an easy-to-find area of the Sites, so we recommend that you periodically check back here to stay informed of any changes. Please note that your continued use of First Light Solutions after any change means that you agree with, and consent to be bound by, the new Policy. If you disagree with any changes in this Policy and do not wish your information to be subject to it, you will need to stop using the Sites and/or Products.