The BMC Group VDR LLC , a Delaware Limited Liability Company, d/b/a BMC Group SmartRoom (“BMC Group SmartRoom”, “we”) licenses and operates BMC Group SmartRoom. BMC Group SmartRoom is committed to protecting the privacy online on its BMC Group SmartRoom™ Internet sites including www.bmcgroup.com, and www.smartroom.com, of persons who arrange for BMC Group SmartRoom to provide them with an e-business platform (“SmartRoom Managers”), and the users of such e-business platforms (“Users”). Our objective is to provide a safe and trusted platform for e-business. We have prepared this Privacy and Security Policy to help you understand how BMC Group SmartRoom will collect, use and disseminate information. This Privacy and Security Policy may change periodically, so please check back from time to time. Any questions or comments about this Privacy and Security Policy should be directed to BMC Group Customer Support.
BMC Group SmartRoom participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. BMC Group SmartRoom is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s www.privacyshield.gov/list.
BMC Group SmartRoom is compliant with the European Union’s General Data Protection Regulation (GDPR) and has extended those protections to all of our customers.
BMC Group SmartRoom is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. BMC Group SmartRoom complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, BMC Group SmartRoom is subject to the regulatory enforcement powers of the Federal Trade Commission. In certain situations, BMC Group SmartRoom may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the www.privacyshield.gov/welcome, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
PRIVACY FOR BMC Group SmartRoom™ PLATFORM USERS
BMC Group SmartRoom collects information under the direction of its Clients, and has no direct relationship with the individuals whose personal data it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.
BMC Group SmartRoom acknowledges that you have the right to access your personal information. BMC Group SmartRoom has no direct relationship with the individuals whose personal data it processes on behalf of its Clients. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the BMC Group SmartRoom’s Client (the data controller). If requested to remove data we will respond within a reasonable time frame.
We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client.
BMC Group SmartRoom will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
This policy describes and explains:
The types of non-public information collected and how BMC Group SmartRoom will use such information;
- The parties with whom such information may be shared
- The security measures in place to safeguard non-public information
- Acceptance of the terms
- Contacting us
- Collected Information
BMC Group SmartRoom collects non-public information in different ways, including, without limitation, when a SmartRoom Manager or User registers on the BMC Group SmartRoom site, completes online surveys, performs an act on an e-business platform, or notifies BMC Group SmartRoom of any problems or complaints. The information that BMC Group SmartRoom collects may include, without limitation, contact information (name, email address, zip code), unique identifiers and financial information.
Generally, BMC Group SmartRoom will use non-public information as follows:
- We will use contact information to deliver information to SmartRoom Managers regarding deal status and information related to the uses of the SmartRoom Manager’s deal areas by Users.
- We will use unique identifiers to verify SmartRoom Manager and User identity, for use in our database, and in connection with confirmations of transactions through BMC Group SmartRoom.
- We will use contact information to route messages.
- We may use profile data to tailor the SmartRoom Manager and User experience at our site. This data will allow us to deliver services that we think may be useful to SmartRoom Managers and Users.
- We may perform statistical analyses of behaviors and characteristics of our SmartRoom Managers and Users in order to measure interest in and use of the various areas of the BMC Group SmartRoom site. We may share this statistical information with our content providers.
- BMC Group SmartRoom reserves the right to contact SmartRoom Managers and Users regarding access status, changes to any site access or license agreements and any other matters relevant to the services offered to SmartRoom Manager and Users and/or the information collected from SmartRoom Managers and Users.
- Any non-public information that SmartRoom Managers or Users disclose to us will be used by BMC Group SmartRoom in accordance with this Privacy and Security Policy, as amended from time to time.
Information from a User’s or SmartRoom Manager’s computer.
In addition to the collection of information described above, the BMC Group SmartRoom site recognizes certain information about a visitor’s computer, such as the browser, operating system, Internet protocol (“IP”) address and home server from which the visitor accesses the Internet. We may keep track of the domains from which people visit our site. [IP addresses may be used to help identify Users and SmartRoom Managers,] gather broad demographic data, identify trends and statistics, help diagnose problems with our server and administer the BMC Group SmartRoom site. We may use IP address information when compiling and reporting aggregate information to companies doing business with us. We may link IP addresses to any non-public individually identifiable information when we feel it is necessary to enforce compliance with our terms of service or to protect our service, site, SmartRoom Managers, Users, visitors or others, we will use IP addresses to identify a visitor.
Cookies and other tracking technologies.
The BMC Group SmartRoom site may contain links to other Web sites. We are not responsible for the privacy practices or the content of these other sites. Customers should check the privacy policies of these other Web sites when providing non-public information.
Disclosure of Information
The SmartRoom Manager has access to all information related to its deal, including actions taken by Users, User names and other contact information, messages transmitted by Users, and changes made by Users during the course of a deal. Users should not take any action or transmit any data via secure messaging that they do not wish to share with the SmartRoom Manager.
BMC Group SmartRoom may, from time to time, share aggregate statistical information with other persons or entities, such as content or service providers to help us with our business activities such as [webhosting, shipping your order or offering customer newsletter service]. These companies are authorized to use your personal information only as necessary to provide these services on the BMC Group SmartRoom site. BMC Group SmartRoom may also share information with successors or potential successors in interest to BMC Group SmartRoom or the BMC Group SmartRoom site. We will require such parties to comply with this Privacy and Security Policy, as amended from time to time. We reserve the right to distribute such information to such third parties at any time. If you do not want us to share your personal information with these companies, you may contact us at: firstname.lastname@example.org
In addition to the situations described above, BMC Group SmartRoom may disclose SmartRoom Manager and/or User information in special instances when we have reason to believe disclosure is necessary to identify, contact or bring legal action against someone who may be causing injury to or interfering with BMC Group SmartRoom’s rights or property or the rights or property of any other person. We may disclose SmartRoom Manager and/or User information when subpoenaed, for government investigations and when we otherwise believe in good faith that the law requires such disclosure.
BMC Group SmartRoom cannot and does not ensure or warrant the security of any information a SmartRoom Manager or User transmits to BMC Group SmartRoom via the Internet or that is transmitted from BMC Group SmartRoom to a SmartRoom Manager or User via the Internet. Each SmartRoom Manager and User transmits information to BMC Group SmartRoom via the Internet at that SmartRoom Manager’s or User’s own risk. However, information transmitted on the BMC Group SmartRoom Web site is encrypted with 128-bit SSL (secure socket layer) encryption. In addition, the BMC Group SmartRoom site has security measures in place to protect the loss, misuse, and alteration of the information under its control as set forth below. If you have any questions about the security of your personal information, you can contact us at email@example.com.
In the event a data breach occurs, BMC Group Smartroom will notify the affected contacts and appropriate regulatory bodies (European Union only per GDPR) within 72 hours of becoming aware of the issue.
SmartRoom Manager has exclusive control over who can access its restricted deal areas, except for access by BMC Group SmartRoom’s technical support personnel. These BMC Group SmartRoom team members are prohibited from accessing a restricted deal area unless asked by the SmartRoom Manager and are required to respect the confidentiality of information thereon.
All users of the SmartRoom platform are solely responsible for protecting the security of their passwords, including those passwords SmartRoom Managers share with Users. We require that SmartRoom Managers and Users not disclose passwords to anyone without a need to know and that SmartRoom Managers and Users take all reasonable steps to protect the integrity of their passwords.
A fundamental attribute of the BMC Group SmartRoom collaborative platform is its paramount focus on security. BMC Group SmartRoom is committed to providing its clients with security mechanisms for safeguarding the confidentiality of their data as well as the reliability of BMC Group SmartRoom. BMC Group SmartRoom provides a series of controls, independent checks, redundant systems and state of the art technology, as follows:
Data and Systems Integrity and Confidentiality:
BMC Group SmartRoom has security measures and policies at several levels within the data exchange process, including:
- Web site access protected by user identification with ID and password login
- SmartRoom Manager controls access to its restricted deal areas
- User authentication by ID files issued by BMC Group SmartRoom
- Server authentication via cross-certified ID file
- Digital authentication of data transmitted on 128-bit Secure Socket Layer (SSL) encrypted communications system
- Restricted access to servers strictly enforced
- Communications with server are monitored and protected by various firewalls
- Physical facilities are monitored by physical and video surveillance
- Facilities are behind locked doors with privileged access tightly controlled
- Manned security and alarm systems
- Smoke detectors and quick response fire extinguishing mechanisms
- All BMC Group SmartRoom employees and its agents are bound by written confidentiality agreements.
BMC Group SmartRoom has several levels of security to provide reliable service to its clients.
- Server is periodically tested by our internal security team
- Server has multiple connections to the Internet to provide continuous availability to users
- Data center facilities are both temperature and humidity controlled
- Redundant systems in place to provide high availability and geographic redundancy
- Data backup and storage on different facilities performed on a daily basis.
BMC Group SmartRoom takes website security very seriously. We implement security measures to help protect the site and transaction data from unauthorized access. BMC Group SmartRoom continuously updates and improves our security processes and procedures to provide the highest level of security and peace of mind to our customers.
We display personal testimonials of satisfied customers on our site in addition to other endorsements. With your input and consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at firstname.lastname@example.org
Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at email@example.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Access and Choice
Upon request BMC Group SmartRoom will provide you with information about whether we hold any of your personal information. If you wish to request access, or deletion of your personal information please contact us at firstname.lastname@example.org. We will respond to your request within a reasonable time frame
How to Access & Control Your Personal Data
You have the following data protection rights:
- You can request access, correction, updates or deletion of your personal information.
- You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
- If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information.
- Please contact us at email@example.com if you have any questions or concerns.
Social Media Widgets
Our website includes Social Media Features, such as the Facebook Like button, and Widgets, such as the Share this button or interactive mini-programs that run on our website. These Features may collect your Internet protocol address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our website. Your interactions with these Features are governed by the privacy statement of the company providing it.
Effect and Amendment of this Privacy and Security Policy.
If you do not agree with this policy or any of its terms, you should not use the BMC Group SmartRoom site. This Privacy and Security Policy in and of itself is not intended to and does not create any contractual or other legal rights in or on behalf of any party. BMC Group SmartRoom reserves the right to amend this policy at any time. Notice of the amended policy will be given by posting on the BMC Group SmartRoom login page access. In case of material changes, we will notify you or our Client by email (sent to the email address specified in your account) to the current Privacy and Security Policy indicating the date of its latest amendment.