.svg "EPMware"){kind=small}
Updated: January 1, 2022
EPMware, Inc. (“EPMware,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Notice informs you how we collect, use, secure and share your personal information collected by us when you visit our websites, visit our branded social media pages, visit our offices, receive communication from us, register or attend our events or webinars, or ask questions about our products (collectively, “Websites and Interactions”). If you are a EPMware customer that uses the EPMware platform, please review our Platform Privacy Notice.
This Privacy Notice may change from time to time. If we make a change to this Notice that we believe materially affects how we process your information or reduces your rights, we will provide you with notice. We may also provide additional “just-in-time” disclosures or additional information about the data collection, use and sharing practices of specific Services. These notices may supplement or clarify EPMware’s privacy practices or may provide you with additional choices about how EPMware processes your personal information.
If you do not feel comfortable with any part of this Privacy Notice, please immediately cease using our Websites and do not engage in Interactions with us. Please note that our website may include links to other organizations’ websites whose privacy practices may differ from those of EPMware. If you submit information to any of those sites, your information is governed by their privacy notices. We encourage you to carefully read the privacy notices of any website you visit.
Personal Information We Collect
Except as described in this Privacy Notice, EPMware will not give, sell, rent or loan any of the information you provide us to any third party. Personal information is generally any information that identifies you or makes you identifiable such as your name, IP address or user preferences. We may collect, store and use the following kinds of personal information from you in relation to the Websites and Interactions:
Information You Voluntarily Provide. We will collect personal information when you voluntarily provide it to us (including to our service providers or other parties who collect it on our behalf).
For example, we collect personal information when you request information about our services or products, submit an application for employment, subscribe to marketing communications, or register for a EPMware event or webinar.
We collect information about any transactions carried out between you and us on or in relation to this website, including information relating to any purchases you make of our goods or services, including your first and last name, title, position, employer, and contact information.
We may also collect personal information from you offline, such as when you attend one of our events, or during phone calls with sales representatives. The personal information we collect may include contact information (such as your name, address, telephone number or email address), professional information (such as your job title, department or job role), and contact preferences.
Information We Automatically Collect
Log Data. When you use our Websites, we automatically record information from your device, its software, and your activity using the Websites (“Log Data”). This may include the device’s Internet Protocol (“IP”) address, browser type, the web page visited before you came to our website, information you search for on our website, length of visit and number of page views, locale preferences, identification numbers associated with your devices, your mobile carrier, date and time stamps associated with transactions, and system configuration information.
Location Data. We may collect geolocation and proximity of your device if location services are enabled on your device ((e.g., GPS-based functionality on mobile devices used to access our website), and may use that information to customize the interactions with location-based information and features. If you access our website through a mobile device and you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, provided your device allows you to do this.
Cookies. We use “cookies” to collect information and improve our interactions with you. A cookie is a small data file that we transfer to your device. We may use “persistent cookies” to save your registration ID and login password for future logins to our website, such as, to register for webinars. We may use “session ID cookies” to enable certain features of the Websites, to better understand how your interactions with us and to monitor aggregate usage and web traffic routing on our website.
We may collect personal information about from third party sources. You may choose to register events sponsored by our partners where we will share your information with our marketing partners. To engage in marketing activities, we may collect personal information disclosed by you on message boards, chat features, blogs and other services or platforms to which you are able to post information and materials (including third party services and platforms). We process such information to better understand you, to maintain and improve the accuracy of the information we store about you, and to better promote or optimize our communications with you, including providing information about our services and products.
Why We Collect Your Personal Information
Our primary purpose in collecting personal information is to provide you with a secure, smooth, efficient, and customized experience. In general, we use personal information to create, develop, operate, deliver, and improve our Websites and be able to offer our services and products. We may use your personal information to:
Respond to Requests. We may process your personal information when you contact us, such as with questions, concerns and feedback. We share this information with third parties upon your request, or our service providers or partners to the extent necessary to provide you a response. Without your personal information, we cannot respond to you or ensure your continued use and enjoyment of our Websites and Interactions.
Facilitate and Evaluate Use of the Services. We may use your personal information to provide you with the online services, to facilitate your use of the online services (such as facilitating navigation and the login process, preserving information between sessions and enhancing security), to improve quality, to evaluate page response rates and determine content.
Improve the Accuracy of our Records. We may use the personal information we receive from you or third parties to better understand you and/or maintain and improve the accuracy of the records we hold about you.
Personalize your Experience. We also may use cookies and similar tracking technology to personalize your experience – please see our Cookie Policy for more information. By personalizing our communications, we enable you to more easily use our website because we keep track of your preferences (e.g. your language selection, your time zone, etc.). Without processing your personal information for such purposes, you may not be able to access or personalize part or all of our Websites and Interactions.
Ensure the Security of the Websites and Interactions. We may process your personal information to help monitor, prevent and detect fraud, enhance security, and combat spam or other malware or security risks. combat spam, malware, malicious activities or security risks; improve and enforce our security measures; and to monitor the security of our website.
Marketing: We may use information we obtain from you, your interactions with EPMware and our website, and from third party sources to provide you with marketing and promotional communications, to deliver targeted and relevant advertising and marketing to you, to determine the effectiveness of our marketing and promotional campaigns, to better understand you and your preferences, and to position and promote our services and products. Our marketing will be conducted in accordance with your advertising / marketing preferences and as permitted by applicable law.
Conferences and Events. EPMware and our partners may use your personal information communicate with you about our events or our partner events. After the event, EPMware may contact you about the event and related products and services, and may share information about your attendance with our conference sponsors and partners, where legally permitted to do so. If a partner or conference sponsor directly requests your personal information at their conference booths or presentations, your personal information will be handled in accordance with their privacy practices.
If, in the future, we use your personal information in a way that is not described in this Privacy Notice, we will provide notice.
Information Sharing
We share your personal information only with third parties who have a legitimate purpose for accessing it. We will only share your information in the following circumstances:
Service Providers, Business Partners and Others. We may share your personal information with third parties, such as vendors, consultants, agents and other service providers who work on our behalf. Examples include vendors and service providers who provide assistance with marketing, billing, processing credit card payments, data analysis and insight, technical support and customer service.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights. We may disclose your personal information to third parties when we have a good faith belief that disclosure is reasonably necessary to: (i) comply with a law, regulation or legal requests including to meet national security or law enforcement requirements; (ii) protect the safety of any person from death or serious bodily injury; (iii) prevent fraud or abuse of EPMware or its user, or (iv) protect EPMware’s property rights.
Business Transfers. If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction, but we will notify you (for example, via email and/or a prominent notice on our website) of any change in control or use of your personal information, or if either become subject to a different Privacy Notice. We will also notify you of choices you may have regarding the information.
Security
We will take reasonable precautions to prevent the loss, misuse or alteration of your personal information. Data transmission over the Internet is inherently insecure and we cannot guarantee the security of data sent over the Internet.
We will store all the personal information you provide on our secure servers. You are responsible for keeping your passwords confidential. We will not ask you for your passwords.
We have procedures in place to ensure we can react to any possible issue. If you ever find a security issue, or simply have a security related concern, please reach out directly to us. The quickest and most effective way is by sending an email to privacy@EPMware.com.
Transfers of Personal Information
By submitting your personal information via this website or otherwise, your information will be transferred to us in the United States. The United States may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your personal information transferred to or processed or maintained in the United States, you should not use our Websites or should not engage in Interactions with us.
If you are located in the European Economic Area (“EEA”), the United Kingdom or Switzerland, we comply with applicable laws to provide an adequate level of data protection for the transfer of your personal information to the United States. EPMware is certified under the EU-U.S. and the Swiss-U.S. Privacy Shield Framework and adheres to the Privacy Shield Principles. For more information, see Section 10 below.
Where applicable law requires us to ensure that an international data transfer is governed by a data transfer mechanism, we use either one of the following mechanisms: EU Standard Contractual Clauses with a data recipient outside the EEA, or verification of the EU-US and Swiss-US Privacy Shield Framework.
For example, we may transfer your personal information to third parties, as described in the Information Sharing section above, pursuant to the onward transfer principles of the EU-U.S. Privacy Shield. We use these third-parties to perform certain functions offered as part of our products and services, e.g. data center hosting services, a SaaS survey solution, and SaaS IT service management software.
Accessing or Updating Your Personal Information
We depend on you to update and correct personal information to the extent necessary for the purposes for which the information was collected or subsequently authorized by you. You may contact EPMware as indicated below to request that we update or correct relevant personal information that is demonstrated to be inaccurate or incomplete, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. We may seek to verify your identity when we receive your privacy rights request to ensure the security of your personal information.
Retention
We may retain and use your personal information as necessary to comply with our legal obligations, or resolve disputes. Consistent with these requirements, we will try to delete your personal information within the time limits imposed by applicable law, if any, upon request 8. Children
Our Websites and Interactions are not directed to persons under 18, and we do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without their consent, he or she should contact us at privacy@EPMware.com. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information from our files.
Special Notice for California Residents
This section applies only to California residents.
Personal Information Collected. Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), below is a summary of the personal information categories, as identified and defined by the CCPA (see California Civil Code section 1798.140 (o)), that we collected as a business in the preceding 12 months, the reason we collect your personal information, where we obtain the personal information we collect about you, and the third parties that we share your personal information. For more information about the personal information we collect, please refer to Section 1 above.
Identifiers: We may collect identifiers such as a name, address, unique personal identifier, email, phone number, your device’s IP address, software, and identification numbers associated with your devices.
Commercial information: We may collect commercial information such as records of products or services purchased, obtained, or considered by you.
Internet or other electronic network activity information: We may collect information regarding you browsing history, search history, the web page visited before you came to our website, length of visit and number of page views, locale preferences, your mobile carrier, date and time stamps associated with transactions, and system configuration information.
Geolocation data: To the extent you have configured your device to permit us to collect such information, we may collect information that is sufficient to identify your general location.
Sensory data, such as audio, electronic, visual, or other similar information: We may collect audio recordings when you call us.
Inferences: We may collect information about your preferences, characteristics, behavior and attitudes.
We may also collect professional or employment-related information or education information, but only to the extent voluntarily provided to us by you or made available by a third party. We do not collect the following categories of information identified in the CCPA’s definition of personal information in relation to our Websites and Interactions described in this Privacy Notice: protected classifications or biometric information.
In relation to the personal information described above, we collect such information for the purposes described in Section 2 above, entitled Why We Collect Your Personal Information, and such information is shared with the parties identified in Section 3 above, entitled Information Sharing.
California Residents Rights. Under the CCPA, California residents have the following rights (“Rights”) listed below. Your right to know and right to deletion are not absolute and are subject to certain exceptions. For instance, we cannot disclose specific pieces of personal information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the personal information, your account with us or the security of the business’s systems of networks.
Right to Know. You have the right to know the personal information we collect, use, disclose, and sell, if applicable, about you during the preceding 12 months. You have the right to request in writing from us a copy of the categories of personal information we have collected about you, the categories of sources from which we collected that information, why we collected that information about you, the categories of third parties with whom we shared your personal information, the categories of personal information that the business disclosed about you for a business purpose, and the specific pieces of personal information we have collected about you. Please note that we are only required to respond twice per calendar year to your right to know.
Right to Deletion. You have the right to request that we delete any personal information we have collected from you or maintain about you. However, we are not required to comply with such requests if it is necessary for us or our partners to maintain the personal information in order to:
complete the transaction for which the personal information was collected;
detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity;
debug to identify and repair errors that impair existing intended functionality;
exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
comply with the California Electronic Communications Privacy Act;
engage in public or peer-reviewed scientific, historical, or statistical research in the public interest;
comply with a legal obligation; or
use personal information internally in a lawful manner that is compatible with the context in which a California resident provided the information and is reasonably aligned with the expectations of the resident based on the resident’s relationship with the business.
Right to Opt-Out of the Sale of Your Personal Information. If a business sells your personal information you have the right to opt-out of having your personal information sold. We do not sell any of your personal information.
Right to Non-Discrimination. We will not discriminate against those who exercise their rights. Specifically, if you exercise your rights, we will not deny you goods or services, charge you different prices or rates for goods or services or provide you a different level or quality of goods or services.
(c) Asserting Your Rights. You may exercise your right to know or your right to deletion by either emailing us at privacy@EPMware.com. To verify your identity, we may ask you to verify personal information we already have on file for you. If we cannot verify your identity from the information we have on file, we may request additional information from you, which will only be used for the purposes of verifying your identity, and for security or fraud-prevention purposes. In some instances, we may seek for you to identify at least three pieces of your personal maintained by the business and submit a signed declaration under penalty of perjury that you are a California consumer whose personal information is the subject of the request. We will delete any new personal information collected for the purposes of verification as soon as practical after processing your request, subject to the CCPA’s retention requirements.
You may designate an authorized agent to make a request to know or a request to delete. We will respond to your authorized agent’s request if they submit proof that they are registered with the California Secretary of State to be able to act on your behalf, or submit evidence you have provided them with power of attorney pursuant to Probate Code section 4000 to 4465. We may deny requests from authorized agents who do not submit proof that they have been authorized by you to act on their behalf.
(d) Third Party Direct Marketing. If you are a California resident, you have the right to request information from us regarding whether we share certain categories of your personal information with third parties for the third parties’ direct marketing purposes. California law provides that you have the right to submit a request to us at our designated address and receive the following information: (a) the categories of information we disclosed to third parties for the third parties’ direct marketing purposes during the preceding calendar year; and (b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed. To the extent we participate in such sharing, you are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make such a request by emailing privacy@EPMware.com.
(e) Do Not Track Disclosure. EPMware does not have a mechanism in place for responding to browser “do not track” signals or other similar mechanisms used to limit collection of information for use in online behavioral advertising.
Special Notice for Individuals in the EEA, UK and Switzerland
This section only applies to interactions with individuals who are in the European Economic Area, United Kingdom or Switzerland (collectively, the “Designated Countries”) at the time of data collection.
Role. EPMware is a data controller with regard to any personal information collected from users of the Service. Any third parties that handle your personal information in accordance with our instructions are our service providers and are “data processors.” You are a “user.” Users are individuals providing personal information to us via the Websites and Interactions.
Marketing. We will only contact individuals located in the Designated Countries by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law, or the individual’s consent. If you do not want us to use your personal information in this way please go to the email settings for your account to opt out, click an unsubscribe link in your emails, or contact us at privacy@EPMware.com. You can object to direct marketing at any time and free of charge.
Additional Privacy Rights. We provide you with the rights described below. We may limit these privacy rights requests (i) where denial of access is required or authorized by law, (ii) when granting access would have a negative impact on others’ privacy, (iii) to protect our rights and properties, or (iv) where the request is frivolous or burdensome. If you would like to exercise your rights under applicable law, please contact us at privacy@EPMware.com. We may seek to verify your identity when we receive your privacy rights request to ensure the security of your personal information.
Right to withdraw consent. For any consent-based processing of your personal information, you have the right to withdraw your consent. A withdrawal of consent will not affect the lawfulness of our processing or the processing of any third parties based on consent before your withdrawal.
Right of access/right of portability. You may have the right to access the personal information that we hold about you, and in some limited circumstances, have the personal information provided to you so that you can provide that personal information to another controller.
Right to rectification. You may request to correct any of your personal information in our files.
Right to erasure. In certain circumstances, you may have a right to the erasure of your personal information that we hold on you.
Right to restriction. You have the right to request that we restrict our processing of your personal information in certain circumstances.
Right to object to processing. You have the right to object to our processing of your personal information at any time and as permitted by applicable law if we process your personal information on the legal bases of: consent; contract; or legitimate interests. We may continue to process your personal information if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.
Notification to third parties. When we fulfill your individual rights requests for correction, erasure or restriction of processing, we will notify third parties also handling the relevant personal information unless this proves impossible or involves disproportionate effort.
Right to Lodge Complaint. In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information. EU or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact us at: privacy@EPMware.com. EPMware has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss Privacy Shield Principles to an independent dispute resolution mechanism operated by JAMS. If you do not receive timely acknowledgment of your complaint or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield to file a complaint or obtain more information. You also have the right to lodge a complaint with the supervisory authority of your habitual residence, place of work or place of alleged infringement, if you consider that the processing of your personal information infringes applicable law.
International Transfers – the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. EPMware complies with the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom and Switzerland to the United States. EPMware has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. EPMware adheres to the Privacy Shield Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. Please click here to view our Privacy Shield Policy. The Federal Trade Commission has jurisdiction over EPMware’s compliance with the Privacy Shield.
If there is any conflict between the terms in this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. In the context of an onward transfer, EPMware has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
If you are a European, United Kingdom or Swiss data subject with an unresolved complaint or dispute arising under the requirements of the Privacy Shield Framework, we agree to refer your complaint under the Framework to an independent dispute resolution mechanism. EPMware has committed to refer unresolved privacy complaints under the EU-U.S. and Swiss Privacy Shield Principles to an independent dispute resolution mechanism operated by JAMS. If you do not receive timely acknowledgment of your complaint or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield to file a complaint or obtain more information.
Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
Legal Bases for Processing Personal Data. Our legal bases for collecting and using the personal information described above will depend on the type of personal information collected, the specific context in which we collect it and the purposes for which it is used. Whenever we require your consent for the processing of your personal information such processing will be based on Article 6(1) lit. (a) GDPR. If the processing of your personal information is necessary for the performance of a contract between you and GT or for taking any pre-contractual steps upon your request, such processing will be based on Article 6(1) lit. (b) GDPR. If this data is not processed, EPMware will not be able to execute the contract with you. Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of Article 6(1) lit. (c) GDPR, for example for complying with obligations under anti-money laundering laws. Where the processing is necessary for the purposes of EPMware’s or another party’s legitimate interests, such processing will be made in accordance with Article 6(1) lit. (f) GDPR.
Contacting Us
To exercise your rights, or if you have any questions about this Notice or our treatment of your personal information, please send us an email at privacy@EPMware.com
Master Data Management and Data Governance Data Sheet
Download