SilkRoad Technology, Inc. (“SilkRoad”) is committed to protecting your privacy. This privacy policy applies to www.SilkRoad.com and the SilkRoad software-as-a-service (SAAS) applications and related services which are hosted and operated by SilkRoad and provided to its customers. This privacy policy describes how SilkRoad collects and uses the personal information you provide on our web site at www.SilkRoad.com and our SAAS applications and related services. It also describes the choices available to you regarding our use of your personal information and how you can exercise your privacy rights with regard to this information.
Personal Information Collection, Use, and Sharing
When you register with www.SilkRoad.com website or use the services made available to the public on the www.SilkRoad.com website, personal information is needed such as your name, company name, and email address. SilkRoad uses and shares personal information for purposes such as processing and fulfilling your request, billing, service improvement, research, marketing, communicating with you and other general purposes. With regard to use of SilkRoad SAAS solutions purchased by our customers, see the section below entitled Data Collected Through SilkRoad Purchased Solutions.
SilkRoad will not sell, rent, exchange or share personal information with any third parties without permission or except as described in this privacy policy. SilkRoad will share personal information with government authorities and others in order to respond to investigations, court orders, legal process, or to investigate, prevent or take action regarding illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person, violations of SilkRoad’s terms of service, or as otherwise required by law. If SilkRoad is involved in a merger, acquisition, or sale of all or substantially all of its assets, you will be notified via email and/or a prominent notice on our web site of any such change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
SilkRoad may also anonymize and aggregate data collected and use and disclose it for general purposes.
Data Security
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and when we store and process it in our data center. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security and do not take responsibility for any third-party actions when we have endeavored to follow generally accepted standards. In addition, we do not take responsibility for your systems, the Internet itself or any third-party networks or services used to transmit data which are outside the firewall of the data center we use to process and store your personal data. If you have any questions about the security on our web site or our services, please contact us.
Email Marketing Choices
You may choose to stop receiving our marketing emails by following the unsubscribe instructions included in these emails or you can contact us. If you purchase a service, you can still opt out of marketing related emails however you cannot opt out of service related announcements.
If your personal information changes, you may correct, update, amend, delete/remove or deactivate it by contacting us by email or postal mail at the contact information listed below. We will respond to your request within 30 days. Note that different rules apply to personal information processed or stored in our purchased solutions. (See section below entitled Data Collected Through SilkRoad Purchased Solutions).
Data Storage
We will retain your personal information for as long as your account is active or as needed to provide you services and for archival and marketing purposes. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Note that different rules apply to personal information stored in our purchased solutions. (See section below entitled Data Collected Through SilkRoad Purchased Solutions).
Cookies
SilkRoad uses a technology called “cookies” to store session information. A cookie is a small amount of data, which often includes an anonymous unique identifier, which is sent to your browser from a web site’s computers and stored on your computer’s hard drive. We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. We use Session Cookies to track your Login status. This cookie is only ever transmitted over HTTPS. A persistent cookie remains on your hard drive for an extended period of time. We use Persistent Cookies to determine from where you were referred you to our site, as well as the last user ID that you logged in as. SilkRoad may set and access SilkRoad cookies on your computer. Cookies are required to use certain services provided on the SilkRoad website. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
The use of cookies by our partners and affiliates is not covered by our privacy policy. We do not have access or control over these cookies. Our partners and affiliates use session ID and persistent cookies to better gauge our customers’ interest in our products and their products.
As is true of most web sites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.
We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We also gather, parse, and retain data related to the provision of our web site and related services for internal and service related purposes.
We do link automatically-collected data to personally identifiable information. IP addresses are tied to personally identifiable information to better gauge our customers’ needs and provide specific information to best serve them.
Third Party Advertising
We may partner with a third-party ad network to manage our advertising on other sites. Our ad network partner would use cookies and web beacons to collect non-personally identifiable information about your activities on this and other web sites to provide you targeted advertising based upon your interests. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by contacting us. We may use Google AdSense to publish ads on this site. When you view or click on an ad a cookie will be set to help better provide advertisements that may be of interest to you on this and other web sites. You may opt-out of the use of this cookie by visiting Google’s Advertising and Privacy page: www.google.com/privacy_ads.html.
Blogs and Community Forums
Our web site may offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. We may display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, please contact us.
Social Media Features
Our web site may include social media features, such as the Facebook ‘Like’ button, and widgets, such as the ‘Share This’ button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our web site. Your interactions with these features are governed by the privacy policy of the company providing it.
Other Web Sites
Our web site includes links to other web sites whose privacy practices may differ from those of SilkRoad. If you submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any web site you visit.
Updates to the Privacy Policy
SilkRoad may update this Privacy Policy and we may notify registered users of significant changes in the way we treat any personal information by sending a notice to the primary email address specified in your SilkRoad account or by placing a notice on our web site or within our solutions. However, we nevertheless reserve the right to amend our privacy practices and policy from time to time without prior notice. We encourage you to periodically review this page for the latest information on our privacy practices.
Data Collected Through SilkRoad Purchased Solutions
SilkRoad is in the business of providing SAAS solutions and associated services and in connection with providing such offerings to its customers. SilkRoad collects information (including personal information) under the direction of its customers about their business activities, employees, contractors, affiliates and applicants (“Customer Data”). SilkRoad has no direct relationship with the individuals whose personal data it processes and stores for SilkRoad customers and SilkRoad will process, store and retain Customer Data as per our agreement with our applicable customer (including transferring the Customer Data to the applicable customer). Therefore, if you are an employee/contractor/applicant of one of our customers and would no longer like to be involved with one of our customers that use our solutions or otherwise have issues related to your data that is included in Customer Data (such as to correct, amend, or delete such data), please contact the customer that you interact with directly. For the purposes of the EU-US Privacy Shield, the Swiss Privacy Shield and other global privacy laws, SilkRoad acts as a processor/instruction taker which accesses and processes Customer Data on behalf of its customers, which are the controller/owner of such data.
Service Providers and Sub-Processors
SilkRoad may transfer personal information to companies that help us provide our services. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our customers.
Data Retention
SilkRoad will retain personal information from our web site and that we process on behalf of our customers for as long as needed to provide services to our customers. SilkRoad will also retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Children’s Privacy
SilkRoad does not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of our web site is directed to children under the age of 13. If you learn that your child has provided us with personal information without your consent, you may alert us at privacy@SilkRoad.com. We will take steps to delete it if we learn we have collected it.
International Users
With respect to non-US users, by using our web site or services, in most cases you will transfer data to the United States. To the extent permitted by law, by choosing to visit our web site or otherwise provide information to us, you are agreeing to the transfer of your personal information to the United States and processing in accordance with this Privacy Policy.
EU-U.S. and Switzerland-U.S. Privacy Shield
SilkRoad complies with the EU-U.S. Privacy Shield Framework and the Swiss Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of customer personal data from European Union member countries (“EU Personal Data”) and Switzerland (“Swiss Personal Data”) (collectively, “European Personal Data”). SilkRoad certifies that, with respect to European Personal Data, SilkRoad adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement, and liability. With respect to onward transfers, where SilkRoad transfers the European Personal Data to third parties acting as agents/subprocessors, SilkRoad implements appropriate contractual protections for such data, and generally remains responsible for such data under Privacy Shield except in limited circumstances that are beyond SilkRoad’s control. SilkRoad has agreed to cooperate with the European Union data protection authority panel (the “EU DPA”) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship. SilkRoad has agreed to cooperate with the Swiss federal data protection authority panel (the “Swiss DPA”). and comply with the advice given by such authorities with regard to human resources data transferred from the Switzerland in the context of the employment relationship The EU DPA serves as an independent dispute resolution body to address complaints and provide appropriate recourse free of charge to the EU individuals. The Swiss DPA serves as an independent dispute resolution body to address complaints and provide appropriate recourse free of charge to the Swiss individuals. SilkRoad is subject to the investigatory and enforcement powers of the Federal Trade Commission, and under certain conditions, individuals may have the ability under Privacy Shield to invoke binding arbitration in disputes. SilkRoad may be required to disclose information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. To learn more about the Privacy Shield program, and to view SilkRoad’s certification, please visit www.privacyshield.gov/list.
Exercising your rights relating to your personal information
To exercise your rights with regard to personal information collected and stored by SilkRoad in connection with your use of the services made available to the public by SilkRoad on the www.SilkRoad.com website, SilkRoad is the “controller” with regard to the processing of your personal information and you should contact us directly in connection with the exercise of your rights under applicable privacy laws. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive.
To exercise your rights with regard to personal information collected and stored by SilkRoad in connection with the use of SilkRoad SAAS solutions purchased by one of our customers, please inquire with the applicable customer directly. Since SilkRoad serves as a “processor” and such customer is the “controller” SilkRoad may only make changes to a customer’s data upon instruction from that customer. If you make your request directly to us, please provide to us the name of the SilkRoad customer who is the controller for your personal data, and we will refer your request to that customer.
Description of your rights relating to your personal information
You have certain rights relating to your personal information under the local data protection laws that apply to you. Depending on the applicable laws and, in particular, if you are located in the European Economic Area or otherwise covered under the EU General Data Protection Regulation (GDPR), these rights may include the following, subject to the requirements and limitations of those laws:
- To access your personal information held by us (right to access);
- To rectify inaccurate personal information and, taking into account the purpose of processing the personal information, ensure it is complete (right to rectification);
- To erase/delete your personal information, to the extent permitted by applicable data protection laws (right to erasure; right to be forgotten);
- To restrict our processing of your personal information, to the extent permitted by law (right to restriction of processing);
- To transfer your personal information to another controller, to the extent possible (right to data portability);
- To object to any processing of your personal information carried out on the basis of our legitimate interests (right to object). Where we process your personal information for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection; and
- To the extent we base the collection, processing and sharing of your personal information on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.
If you are a resident of California, under the age of 18 and have registered for an account with us, you may ask us to remove content or information that you have posted to our websites. Please note that your request does not ensure complete or comprehensive removal of the content or information, because, for example, some of your content may have been reposted by another visitor to our websites.
Contact Us
For questions related to this Privacy Policy, contact Privacy@SilkRoad.com or at:
SilkRoad Technology, Inc.
100 South Wacker Drive, Suite 425,
Chicago, IL 60606
USA
Effective date: December 2018