This website uses cookies to store information on your computer. Some of these cookies are used for visitor analysis, others are essential to making our site function properly and improve the user experience. By using this site, you consent to the placement of these cookies. Click Accept to consent and dismiss this message or Deny to leave this website. Read our Privacy Statement for more.
Print Page   |   Contact Us   |   Sign In   |   Join Now
Privacy Statement

Protection of Your Privacy

May 2018

 

We at Strategic and Competitive Intelligence Professionals (SCIP), are committed to protecting your privacy. This Privacy Policy applies to all owned and operated SCIP websites and subscription services. This Privacy Policy governs our data collection, processing, and usage practices. It also describes your choices regarding use, access, and correction of your personal data. By using the Websites or the Subscription Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the data practices described in this Privacy Policy, you should not use the Websites or the Membership Subscription Service.

Controller and Processor

SCIP is the controller and processor and responsible for your personal data (collectively referred to as, “we”, “us” or “our” in this Privacy Policy).

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us via our customer contact page and state that your query is for the attention of the DPO.

Contact Details

Our full details are:

Full name of legal entity: Frost & Sullivan Institute DBA  Strategic and Competitive Intelligence Professionals (SCIP)

Our tax ID Number is: 20-3391011 

You can also contact us through our customer contact page.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (https://ico.org.uk). In the UK, please read: https://ico.org.uk/for-the-public/raising-concerns/ for details of how to do this. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Important Information

Changes to this Privacy Policy

We may update this Privacy Policy from time to time by posting a new version online. You should check this page occasionally to review any changes. If we make any material changes, we will notify you by posting the revised Privacy Policy on our Websites. Your continued use of the Websites, Membership Subscription Service, and/or continued provision of Personal data to us will be subject to the terms of the then-current Privacy Policy.  

Information We Collect About You

When You Visit our Websites

You are free to explore the Websites without providing any Personal data about yourself. When you visit the Websites or register for services, we request that you provide Personal data about yourself, and we collect Navigational Information.

If You Fail to Provide Personal Data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. (for example, where you do not provide your personal data in relation to a consulting/membership engagement). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

"Personal data"

This refers to any information that you voluntarily submit to us, that identifies you personally, including contact information, such as your name, e-mail address, company name, address, phone number, and other information about yourself or your business. Personal data can also include information about any transactions, both free and paid, that you enter into on the Websites, and information about you that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that we acquire from service providers.

"Navigational Information"

This refers to information about your computer and your visits to this website such as your IP address, geographical location, browser type, referral source, length of visit and pages viewed. Please see the "Navigation Information" section below.

Payment Information

We collect and process payment information from you when you subscribe to events and/or the Membership Subscription Service, including credit cards numbers and billing information, using third-party PCI-compliant service providers. Except for this, we do not collect Sensitive Information from you.

Information About Children

The Websites are not intended for or targeted at children under 18, and we do not knowingly or intentionally collect information about children under 18. If you believe that we have collected information about a child under 18, please contact us, so that we may delete the information.

How We Use Information We Collect

Compliance with Our Privacy Policy

We use the information we collect only in compliance with this Privacy Policy. Customers who subscribe or purchase Services and/or products are obligated through our agreements with them to comply with this Privacy Policy.

We Never Sell Personal data

We will never sell your Personal data to any third party.

Use of Personal data

In addition to the uses identified elsewhere in this Privacy Policy, we may use your Personal data to (a) improve your browsing experience by personalizing the Websites and to improve the Service; (b) send information to you which we think may be of interest to you by post, email, or other means; (c) send you marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to you, and (d) provide other companies with statistical information about our users -- but this information will not be used to identify any individual user. We may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, we do not transfer your unique Personal data to the third party. Also, we may share data with trusted partners to contact you based on your request to receive such communications, help us perform statistical analysis, or provide customer support. Such third parties are prohibited from using your Personal data except for these purposes, and they are required to maintain the confidentiality of your information. If you do not want us to share your personal data with these companies, contact us.

Use of Navigational Information

We use Navigational Information to operate and improve the Websites. We may also use Navigational Information alone or in combination with Personal data to provide you with personalized information about SCIP.

Customer Testimonials and Comments

We post customer testimonials and comments on our Websites, which may contain Personal data. We obtain each customer's consent via email and product evaluations before posting the customer's name and testimonial.

Use of Credit Card Information

If you give us credit card information, we use it solely to check your financial qualifications and collect payment from you. We use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use information you provide except for the sole purpose of credit card processing on our behalf.

Service Providers

We employ other companies and people to provide services to visitors to our Websites, our customers, and users of our services, we may need to share your information with them to provide information, products or services to you. Examples may include analyzing data, providing marketing assistance, processing credit card payments, supplementing the information you provide us in order to provide you with better service, and providing customer service. In all cases where we share your information with such agents, we explicitly require the agent to acknowledge and adhere to our privacy and customer data handling policies.

Social Media Features

Our Websites may include Social Media Features, such as the Facebook Like button and Widgets, such as the Share This button or interactive mini-programs that run on our sites. These features may collect your IP address, which page you are visiting on our sites, and may set a cookie to enable the feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Websites. This Privacy Policy does not apply to these features. Your interactions with these features are governed by the privacy policy and other policies of the companies providing them.

External Websites

Our Websites provide links to other websites. We do not control, and are not responsible for, the content or practices of these other websites. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This Privacy Policy does not apply to these other websites, which are subject to any privacy and other policies they may have.

Public Forums

We offer publicly accessible message boards, blogs, and community forums. Please keep in mind that if you directly disclose any information through our public message boards, blogs, or forums, this information may be collected and used by others. We will correct or delete any information you have posted on the Websites if you so request, as described in "Opting Out and Unsubscribing" below.

How We Are Prepared For GDPR

SCIP already has a consistent level of data protection and security across our organisation. Read our GDPR Compliance Statement at, https://www.scip.org/page/GDPRCompliance 

Our preparation includes: -

Information Audit - carrying out a company-wide information audit to identify and assess what personal information we hold, where it comes from, how and why it is processed, where it is stored, and if and to whom it is disclosed.
Policies & Procedures - implementing new data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including:
Data Protection – our main policy and procedure document for data protection has been overhauled to meet the standards and requirements of the GDPR. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities; with a dedicated focus on privacy by design and the rights of individuals.
Data Retention & Erasure – we are in the process of updating our retention policy and schedule to ensure that we meet the ‘data minimisation’ and ‘storage limitation’ principles and that personal information is stored, archived and destroyed compliantly and ethically. We are actively working towards putting dedicated erasure procedures in place to meet the new ‘Right to Erasure’ obligation and are aware of when this and other data subject’s rights apply; along with any exemptions, response timeframes and notification responsibilities.
Data Breaches – our breach procedures ensure that we have safeguards and measures in place to identify, assess, investigate and report any personal data breach within 72 hours of becoming aware of the breach. Our procedures are robust and have been disseminated to all employees, making them aware of the reporting lines and steps to follow.
International Data Transfers & Third-Party Disclosures – where Frost & Sullivan stores or transfers personal information outside the EU, we are actively working towards having procedures and safeguarding measures in place to secure, encrypt and maintain the integrity of the data. Our procedures will include a continual review of the countries with sufficient adequacy decisions, as well as provisions for Binding Corporate Rules; standard data protection clauses or approved codes of conduct for those countries without. We will be carrying out strict due diligence checks with all recipients of personal data to assess and verify that they have appropriate safeguards in place to protect the information, ensure enforceable data subject rights and have effective legal remedies for data subjects where applicable.
Data Subject Access Request (DSAR) – we are actively revising our DSAR procedures to accommodate the revised 30-day timeframe for providing the requested information. Our new procedures will detail how to verify the data subject, what steps to take for processing an access request, what exemptions apply and a suite of response templates to ensure that communications with data subjects are compliant, consistent and adequate.
Legal Basis for Processing - we are reviewing all processing activities to identify the legal basis for processing and ensuring that each basis is appropriate for the activity it relates to. Where applicable, we also maintain records of our processing activities, ensuring that our obligations under Article 30 of the GDPR and Schedule 1 of the Data Protection Bill are met.
Privacy Notice/Policy – we are revisingour Privacy Notice(s) to comply with the GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, who the information is disclosed to and what safeguarding measures are in place to protect their information.
Obtaining Consent – we have revisedour consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information. We have developed stringent processes for recording consent, making sure that we can evidence an affirmative opt-in, along with time and date records; and an easy to see and access way to withdraw consent at any time.
Direct Marketing – we have revisedthe wording and processes for direct marketing, including clear opt-in mechanisms for marketing subscriptions; a clear notice and method for opting out and providing unsubscribe features on all subsequent marketing materials.
Data Protection Impact Assessments (DPIA) – where we process personal information that is considered high risk, involves large scale processing or includes special category/criminal conviction data; we have developed stringent procedures and assessment templates for carrying out impact assessments that comply fully with the GDPR’s Article 35 requirements. We have implemented documentation processes that record each assessment, allow us to rate the risk posed by the processing activity and implement mitigating measures to reduce the risk posed to the data subject(s).
Processor Agreements – where we use any third-party to process personal information on our behalf, we are in the process of drafting compliant Processor Agreements and due diligence procedures for ensuring that they (as well as we), meet and understand their/our GDPR obligations. These measures include initial and ongoing reviews of the service provided, the necessity of the processing activity, the technical and organisational measures in place and compliance with the GDPR.
Special Categories Data - where we obtain and process any special category information, we do so in complete compliance with the Article 9 requirements and have high-level encryptions and protections on all such data. Special category data is only processed where necessary and is only processed where we have first identified the appropriate Article 9(2) basis or the Data Protection Bill Schedule 1 condition. Where we rely on consent for processing, this is explicit and is verified by a signature, with the right to modify or remove consent being clearly signposted.
Corporate Events

If we (or our assets) are acquired by another company, whether by merger, acquisition, bankruptcy or otherwise, that company would receive all information gathered by SCIP on the Websites. In this event, you will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your Personal data, and choices you may have regarding your Personal data.

Compelled Disclosure

We reserve the right to use or disclose your Personal data if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.

Marketing

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you. We only use the data you provide to us directly for this purpose along with the Aggregated Data provided to us by our analytics partners and we do not track what other websites you may visit after visiting our site, though in common with most websites, we may register the site which referred you to our site (e.g. a search engine).

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

We generally only send electronic marketing - such as email marketing - to people who have previously bought similar products from us and this is in our legitimate interests. We will always offer a way out of receiving this marketing when you first purchase our products and in every marketing communication afterwards. We may on occasion send out postal marketing for the purpose of growing our sales which is in our legitimate interests and in this scenario we will rely on you to let us know if you do not want to receive this by opting out of marketing (see Opting out below).

Where you have not previously bought from us but have registered your details with us (for example by signing up for a newsletter), we will only send you marketing communications if you opted into receiving marketing at the time and so given us your express consent (which you may withdraw at any time – see Opting out below).

Navigational Information

Cookies

SCIP uses cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole.

We use "cookies" to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a Web server. Cookies are not used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a Web server in the domain that issued the cookie to you. One of the primary purposes of cookies is to provide a convenience feature to save you time. The use of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalize pages on our Websites, or register for services, a cookie helps us to recall your specific information on subsequent visits. When you return to the same Website, the information you previously provided can be retrieved, so you can efficiently use the customized features.

You can accept or decline cookies. Most Web browsers automatically allow cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to reject cookies, you may not be able to fully experience the interactive features of SCIP Services or Websites you visit. SCIP keeps track of the Websites and pages you visit within SCIP, to determine what portion of the SCIP Website(s) is the most popular or most used. This data is used to deliver customized content and promotions within SCIP Website(s) to customers whose behavior indicates that they are interested in a particular subject area.

Log Files

We may collect demographic information, such as your ZIP code, age, gender, preferences, interests, and favorites using log files that are not associated with your name or other personal data. There is also information about your computer hardware and software that is automatically collected by us. This information can include your IP address, browser type, domain names, internet service provider (ISP), the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, clickstream data, access times and referring website addresses. This information is used by SCIP for the operation of our services, to maintain quality, and to provide general statistics regarding use of SCIP Website(s). For these purposes, we do link this automatically-collected data to Personal data such as name, email address, address, and phone number.

Opting Out and Unsubscribing

Your Legal Rights - Reviewing, Correcting and Removing Your Personal Data

In addition to the policies and procedures mentioned above that ensure individuals can enforce their data protection rights, we provide easy to access information upon request and via our Privacy Policy of an individual’s right to access any personal data that Frost & Sullivan processes about them and to request information about:

What personal data we hold about them
The purposes of the processing
The categories of personal data concerned
The recipients to whom the personal data has/will be disclosed
How long we intend to store your personal data for
If we did not collect the data directly from them, information about the source
The right to have incomplete or inaccurate data about them corrected or completed and the process for requesting this
The right to receive your personal data in a structured, commonly used machine-language and the right to transmit those data to another controller
The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use
The right to lodge a complaint or seek judicial remedy and who to contact in such instances
No Fee Usually Required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What We May Need From You

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Data Retention

How Long Will You Store My Personal Data For?

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. For example, details of your orders will be kept for as long as we need to retain that data to comply with our legal and regulatory requirements.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Time Limit to Respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

To exercise any of these rights, contact us marking your query for the attention of the DPO.

Data Security

SCIP takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process.

Security of your Personal data

We use a variety of security technologies and procedures to help protect your Personal data from unauthorized access, use or disclosure. We secure the Personal data you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. When sensitive Personal data (such as a credit card number and/or geo-location data) is collected on our Websites and/or transmitted to other websites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.

We have robust information security policies and procedures in place to protect personal information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures, including:

Cyber Essential accreditation.
Latest generation firewalls with latest patches at each location.
Secure VPNs between regional & global locations.
MPLS network connecting the major European offices.
Strict access management controls to all areas on the file servers.
Market leading threat detection with the latest patches on all servers & workstations.
Workstation & removable media encryption.
Market leading appliance web security & control protection.
Mobile device management on all company owned hand-held devices.
Regular vulnerability and penetration testing.
Clustered mail servers on separate sites for DR purposes.
Full network fail-over resilience.
IT infrastructure located in air-conditioned rooms behind security locked doors.
GFS backup rotation system with media stored either in fire proof safes or off-site.
Secure data destruction once IT equipment reaches end of life.
Anti-Spam Policy

Our Acceptable Use Policy, applies to us and our customers and, among other things, prohibits us from sending unsolicited commercial email in violation of applicable laws, and requires the inclusion in every email sent using the Subscription Service of an "opt-out" mechanism and other required information. We require all of our customers to agree to adhere to the Acceptable Use Policy at all times, and any violations of the Acceptable Use Policy by a customer can result in immediate suspension or termination of the Subscription Service.

To Unsubscribe From Our Communications

You may unsubscribe from our marketing communications by clicking on the "unsubscribe" link located on the bottom of our e-mails. Customers cannot opt out of receiving transactional emails related to their account with us.

We are committed to protecting your right to privacy as a user of SCIP.org

If you log into scip.org, we collect personal data in order to register you as a user, including your name, e-mail address, phone number, and address. Your personal data will be kept confidential and will be used for our research, marketing, and strategic client analysis objectives, although, this information will be used for our internal business purposes only. SCIP does host and market additional sites to promote white papers, webinars and more for paying partners which will require a unique registration. For these gated sites, contact information is shared with the paying sponsor.

We will not trade, sell, or in any way divulge your contact information to anyone outside of SCIP. We shall send you information about our various products and services or other products and services that we feel may be of interest to you. If you do not wish to receive any unsolicited mail from us, unsubscribe instructions are contained in each of the emails.

For more information about SCIP and our regulations or services, feel free to contact us.

E-mail: info@scip.org Telephone: +1.703.739.0696

Mailing address:

Strategic and Competitive Intelligence Professionals (SCIP)
7550 IH 10 West, Suite 400 San Antonio, TX 78229 USA

Membership Software Powered by YourMembership  ::  Legal