Last Updated: April 3, 2020
Reciprocity is committed to protecting your privacy. Our most important asset is you and your trust and we want you to have confidence in the way we use your Personal Information.
In this Privacy Notice, “us”, “we” and “our” refers to Reciprocity, Inc. and our affiliates listed on this page (collectively “Reciprocity”). “Personal Information” means any information relating to an identified or identifiable individual. Please read the following carefully to understand our views and practices regarding your Personal Information and how we will treat it.
This Privacy Notice provides Information about:
Reciprocity is a computer software company. Our Governance, Risk, and Compliance (GRC) software helps our customers to more effectively manage different business risks.
This Privacy Notice describes how we collect, use, disclose and otherwise process Personal Information about you when:
Outside of customer account information, this Privacy Notice does not apply to processing by our customers of Personal Information when they use Reciprocity Services. Where Reciprocity host customer Personal Information within the Reciprocity Services we do so in our capacity as a processor on the customer’s behalf. Our customer is the controller in respect of Personal Information they process when using Reciprocity Services.
By visiting and using our Site and engaging with us, you acknowledge that you have read and understood this Privacy Notice.
You may provide us with the following categories of Personal Information about you:
We may ask you to provide certain Contact and Professional information when you register for events, request a demo, download white papers or literature, or seek more information.
We may also collect any other Personal Information that you choose to provide to us. For example, Communications and Marketing information if you decide to contact us with a request, or Professional information where you contact us to apply for a job with Reciprocity.
We may collect via automated means the following categories of Personal Information about you or that relate to your use of our Site:
We use information held about you in the following ways:
We will use this information to:
We will use this information in our legitimate interests:
If you are located in Europe, we rely on one or more of the following grounds when processing your Personal Information:
Where permitted in our legitimate interest or with your prior consent where required by law, we will use your personal data for marketing analysis and to provide you with promotional update communications by email or by telephone about our Services.
You can object to further marketing at any time by selecting the “unsubscribe” link at the end of all our marketing and promotional update communications to you, or contact us directly. See Your Rights and Choices below
We may share your Personal Information with:
The servers used to process your Personal Information collected from this Site are in the USA, however we collect data from wherever visitors to our Site or customers are situated. The information that we collect may therefore be transferred to the USA from any other country in which you may be located.
Where we transfer Personal Information, we will take all steps reasonably necessary to ensure that it is protected by appropriate safeguards. This includes:
We may transfer your personal information outside Europe:
Reciprocity, Inc. participates in and complies with the EU-U.S. and Swiss-U.S. Privacy Shield, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the UK, Switzerland, and European Union to the United States.
In compliance with the Privacy Shield Principles, Reciprocity Inc. commits to resolve complaints about our collection or use of your personal data. European Union individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at firstname.lastname@example.org.
Reciprocity Inc. has further committed to refer unresolved Privacy Shield complaints to an alternative dispute resolution provider. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.
If your complaint is not satisfactorily resolved by either Reciprocity Inc. or the third-party resolution service, you may, under certain conditions, pursue binding arbitration through the Privacy Shield Panel here.
Reciprocity Inc. may provide personal data to third parties who perform services on our behalf. Third parties who receive such information must maintain compliance with our Privacy Shield obligations.
We are responsible and remain liable for the processing of personal data we receive, under the Privacy Shield Framework, including if we subsequently transfer to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the UK, Switzerland, and European Union, including the onward transfer liability provisions. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Reciprocity Inc. is subject to the investigation and enforcement actions of the Federal Trade Commission. Reciprocity Inc. may be required to share your personal data, including the disclosure of UK, Switzerland, and European Union personal data, to public authorities and law enforcement agencies in response to lawful requests, including requests to meet national security and law enforcement requirements.
We are committed to ensuring that your Personal Information is adequately protected. In order to prevent unauthorized access to or disclosure of your Personal Information, we have implemented appropriate administrative, physical and technical controls to safeguard our systems, applications and information, as well as robust standard operating procedures in the event of a security incident. We also maintain procedural safeguards to further restrict access to your Personal Information to employees who need it to perform their tasks or people working on our behalf and under confidentiality agreements.
We take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period.
When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re-enrolment with our products or services, the impact on the services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.
If you opt-out from us sending you promotional updates and marketing, or object to any other processing of your Personal Information, we may keep a record of your objection for the legitimate purpose of ensuring that we can continue to respect your wishes and not contact you further, during the term of your objection.
You have options and choices over how we use your personal information. You may have the right under applicable laws to ask for details of the personal information we hold about you, or to amend, limit or delete your personal information. You may also have the right to object to further processing under certain circumstances.
We also respect the rights you may have under applicable laws to receive that information in a commonly used electronic format (or ask for this information to be provided in that format to a third party where feasible).
If you are in Europe, you have the right under certain circumstances:
This Privacy Notice covers the privacy practices of Reciprocity and it does not cover the privacy practices of third parties on their websites and other features. Reciprocity is not responsible for the privacy notices and/or practices of third-parties.
Reciprocity’s Site may provide links that can take you to other websites, which may include partner websites. You should review the privacy and other policies that govern the websites you visit, since those websites are not bound by Reciprocity’s Privacy Notice, and Reciprocity has no control over the content of those Websites, nor the usage of information they gather.
Any changes we make to our privacy notice will be posted on this page https://reciprocitylabs.com/privacy and, in relation to substantive changes, will be notified to you by e-mail.
You may also write to us at:
Attn: Privacy Officer
755 Sansome Street
San Francisco, CA 94111
Our EU Representation:
Attn: Privacy Officer
Celovška cesta 25