PRIVACY NOTICE AND POLICY
1. Introduction
This, Privacy Notice and Policy (“Privacy Policy”) explains and documents how we at Deer Isle Group, LLC (“DI Group”) treat the information you share with us when you evaluate our business, use our Services, or otherwise interact on our website. For the purposes of this privacy Policy, references to “you” and “your” refer to Users of our website. Capitalized terms used but not defined in this Privacy policy shall have the meanings ascribed to them in either of: a) our Terms of Service; or b) applicable law, rule or regulation.
By browsing our Site, using our Services, providing Registration Data, posting User Content, or in any way interacting with DI Group through electronic means, you are acknowledging that you have read this Privacy Policy, and understand your rights, our rights, and our mutual obligations. If you have any questions about anything contained in this Privacy Policy, or do not understand any of our privacy related practices, you are advised to immediately email us with your question/concern at privacy@deeerislegroup.com and to discontinue your use of the Site until such time as your questions and concerns have been addressed to your satisfaction.
In any electronic communication from us to you, we will always provide you with the means to “opt-out” of any further such communications (such election to opt-out on your part may render DI Group unable to provide you with Services) and in the event you elect not to opt-out, you will be deemed to have read, and understood this Privacy Policy.
Primarily, DI Group collects and processes non-personally identifiable information (“Other Information”) related to your business or your investment preferences. Included within Other Information is information which may otherwise be confidential or proprietary, and while DI Group will not disclose your Other Information without your consent, DI Group’s obligations with respect to your Other Information is also governed by any Separate Agreement into which. In some case, particularly when you provide DI Group with Registration Data, you may be providing DI Group with personally identifiable information (“PII”). This Privacy Policy, as well as any Privacy Notices which may be found on any Deer Isle Entity website specifically governs our acceptance, use and retention of PII, as well as your rights to access, modify and delete your PII.
In general, you can visit the Site without revealing any personal information. DI Group does keep track of the domains from which people visit us, with such information coming through our use of “cookies”. Your use of the Site constitutes acknowledgment and understanding of our Cookie Policy.
2. Personal Information That May Be Collected
(a) Identifying Information. In order to access designated subscriber services and /or restricted areas within the Site, DI Group will request that you provide certain personal identifying information, which may include: name, postal address, email address, telephone number, facsimile number, and other information which may be unique to you, all of which, for purposes of this Privacy Policy is PII.
(b) Telephonic Monitoring. In order to provide the Services, it may become necessary for you to telephone DI Group, or for DI Group to telephone you. DI Group reserves the right to monitor, and in some cases record such calls for staff training, quality assurance purposes, or archival recordkeeping (“Recordings”). While some information contained within the Recordings may include PIII, those parts of this Privacy Policy which relate to your ability to access, modify and delete PII do not apply to any PII which may be incidentally collected by DI Group during the Recordings. Notwithstanding the forgoing, DI Group will treat the Recordings as confidential and will not, unless required to by law, disclose the Recordings, or any PII contained within the Recordings to any third-party.
(c) Information from Children. DI Group does not provide services or information for use by children, and will not collect or post information from a child under the age of 16 without the involvement of a parent or guardian.
(d) Chat Rooms, Forums and Bulletin Boards. If you participate in any DI Group chat room, data room, discussion forum, post messages to any DI Group bulletin board, or comment on any DI Group blog or other posting (collectively “Public Spaces”), you should be aware that the information you disclose and share will be broadly available to other persons, both inside of and/or outside DI Group, who have access to those Public Spaces. Any PII you disclose in Public Spaces is not protected by DI Group’s undertakings pursuant to this Privacy Policy.
(e) Links to Other Web Sites. The Site may contain links to other web sites. DI Group is not responsible for the privacy practices or the content of those other web sites, or for any PII you may disclose to such web sites.
3. Uses Made of the Information
(a) Limited Uses Identified. Without your prior consent, DI Group will not use your PII for any purpose other than that for which it is submitted. DI Group uses PII to reply to inquiries, handle complaints, provide operational notices and in program record-keeping.
(b) Marketing Uses. Unless you mark an “x” on the opt-out option box herein provided, DI Group reserves the right to provide you with information about DI Group’s Site and Services, and related information in which you have indicated an interest.
(c) Stored Information Uses. DI Group stores and retains PII, with the storage being maintained by a contracted third party. The data constituting PII is encrypted at rest, and accessible only in conformity with guidelines established by DI Group and its custodian. This PII is stored and retained in order to permit DI Group to provide the Services and to provide you with support and the information you have requested from DI Group.
(d) Online Advertising. Some companies that help DI Group deliver interactive on-line advertising, such as banner ads, may collect and use information about DI Group’s Site users to help DI Group better understand the types of advertising or promotions that are most appealing to DI Group’s Site users. After it is collected the information is aggregated so it is not identifiable to a specific individual.
4. Disclosure of the Information
(a) Within Corporate Organization. DI Group may share your PII within the DI Group corporate organization, and with Deer Isle Entities, and may transfer PII to countries in the world where DI Group offers Services.
(b) Mergers and Acquisitions. Circumstances may arise where for business reasons, DI Group decides to sell, buy, merge or otherwise reorganize its businesses in the United States or some other country. Such a transaction may involve the disclosure of PII to prospective or actual purchasers, and/or receiving such information from sellers. It is DI Group’s practice to seek appropriate protection for information in these types of transactions.
(c) Agents. DI Group employs or engages other companies and individuals to perform business functions on behalf of DI Group. These persons are provided with PII required to perform their functions, but are prohibited by contract from using the information for other purposes. These persons engage in a variety of functions which include, but are not limited to, delivering packages, removing repetitive information from user lists, analyzing data, providing marketing assistance, and providing user services.
(d) Marketing Analysis by Third Parties. DI Group reserves the right to disclose to third parties PII for marketing analysis; however, other than PII disclosed as a consequence of DI Group providing the Services, any information disclosed will be in the form of aggregate data that does not describe or identify an individual user.
(e) Disclosure to Governmental Authorities. Under certain circumstances, personal information may be subject to disclosure pursuant to a judicial or other government subpoenas, warrants or orders.
(a) No Tracking of Personal Information. DI Group’s Site(s) are not set up to track, collect or distribute personal information not entered by visitors. Through website access logs DI Group does collect clickstream data and HTTP protocol elements, which generate certain kinds of non-identifying site usage data, such as the number of hits and visits to the Site. This information is used for internal purposes by technical support staff for research and development, user analysis and business decision making, all of which provides better services to the public. The statistics garnered, which contain no PII and cannot be used to gather such information, may also be provided to third parties.
(b) Use of Cookies. DI Group, or its third-party vendors, collects non-identifiable and personal information through the use of various technologies, including “cookies”. A cookie is an alphanumeric identifier that a website can transfer to a user’s hard drive through the user’s browser. The cookie is then stored on user’s computer as an anonymous tag that identifies the user’s computer, but not the user. Cookies may be sent by DI Group or its third-party vendors. You can set your browser to notify you before a cookie is received, giving you an opportunity to decide whether to accept the cookie. You may also set its browser to turn off cookies; however, some Web sites may not then work properly.
(c) Use of Web Beacon Technologies. DI Group may also use web beacon or other technologies to better tailor the Site to provide better customer service. If these technologies are in use, when a visitor accesses these pages of the Site, a non-identifiable notice of that visit is generated which may be processed by DI Group or by its affiliates. Web beacons usually work in conjunction with cookies. If you do not want cookie information to be associated with your visits to these pages, you can set your browser to turn off cookies; however, web beacon and other technologies will still detect visits to these pages, but the notices they generate cannot be associated with other non-identifiable cookie information and are disregarded.
(d) Collection of Non-Identifiable Information. DI Group may collect non-identifiable information from user visits to the DI Group Site in order to provide better customer service. Examples of such collecting include: traffic analysis, such as tracking of the domains from which users visit, or tracking numbers of visitors; measuring visitor activity on the DI Group Site; system administration; user analysis; and business decision making. Such information is sometimes known as “clickstream data.” DI Group or its contractors may use this data to analyze trends and statistics.
(e) Collection of Personal Information. DI Group collects PII when you enter Registration Data. DI Group may extract some PII in a non-identifiable format and combine it with other non-identifiable information, such as clickstream data. This information is used and analyzed only at an aggregate level (not at an individual level) to help DI Group understand trends and patterns. This information is not reviewed at an individual level.
6. Information Security
(a) Commitment to Online Security. DI Group employs physical, electronic and managerial procedures to safeguard the security and integrity of personal information. PII is accessible only by staff designated to access it. All DI Group agents and contractors with access to personal information on the DI Group Site are also bound to adhere to DI Group security standards.
(b) No Liability for Acts of Third Parties. DI Group will exercise all reasonable efforts to safeguard the confidentiality of PII. However, transmissions protected by industry standard security technology and implemented by human beings cannot be made absolutely secure. Consequently, DI Group shall not be liable for unauthorized disclosure of PII due to no fault of DI Group including, but not limited to, errors in transmission and unauthorized acts of DI Group staff and/or third parties.
7. Privacy Policy Changes and Opt-Out Rights
(a) Changes to Privacy Policy. This Privacy Policy was last updated on December 3, 2018. DI Group reserves the right to change or update this Privacy Policy at any time. A notice of such change will be posted on the Site for thirty (30) days prior to the implementation of such change.
(b) Opt-Out Right. You have the right at any time to cease permitting PII to be collected, used or disclosed by DI Group and/or by any third parties with whom DI Group has shared and/or transferred such personal information. Right of cancellation may be exercised by contacting DI Group via email at privacy@deerislegroup.com, telephone at [(212) 488-0555], or postal mail at 2 West 46th Street, Suite 402, New York, New York 10036. After processing the cancellation, DI Group will delete your PII from its data base.
8. Access Rights to Data and GDPR Compliance
(a) Information Maintained by DI Group. Upon your request, DI Group will provide a reasonable description of your PII that DI Group maintains. DI Group can be contacted by email at privacy@deerisle.com, telephone at [(212) 488-0555], or postal mail at 2 West 46th Street, Suite 402, New York, New York 10036.
(b) Users Located in the EEA. Users located in the European Economic Area are afforded certain protections under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, or “GDPR”). Under the GDPR, you are entitled to submit a Subject Access Request (“SAR”) to DI Group. A SAR is a request which we are obligated to comply with, at no cost or penalty to you, which permits you to:
Review and audit your PII;
Be informed about the uses of your PII, including the names of any sub-processors we employ to assist us;
Correct any of your PII;
Erase any of your PII (a minimum amount of your PII is necessary for DI Group to provide its Services, so while you are permitted to erase all of your PII it may render DI Group unable to provide you with Services); and
Request that we restrict the processing of any of your PII, with the understanding of potential loss of functionality as described above;
You can submit an SAR by sending your request to privacy@deerislegroup.com with the word “SAR” in the subject line, and we will ensure that we respond to your request within 30 days. DI Group is not permitted to charge you in order to comply with any SAR, nor will DI Group penalize you in any way for submitting an SAR.
Pursuant to the GDPR the basis for our collection, processing and retention of your Personal Information is your consent, which you have the right to revoke at any time by emailing us at privacy@deerislegroup.com with the words “Revoke GDPR Consent” in the subject line, along with an explanation of the portion, which may be all, of your PII for which you are revoking your consent to retention or processing.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred.
(c) California Residents. Under California Civil Code Section 1798.83, California residents who have an established business relationship with DI Group may choose to opt out of our sharing your PII with third parties for direct marketing purposes. If you are a California resident and (1) you wish to opt out; or (2) you wish to request certain information regarding our disclosure of your PII to third parties for the direct marketing purposes, please send an email to privacy@deerislegroup.com with “CA Privacy Policy Opt Out” in the subject line or write to us at:
Deer Isle Group, LLC
2 West 46th Street, Suite 402
New York, New York 10036
Attention: Privacy Policy
9. Accountability
(a) Questions, Problems and Complaints. If you have a question about this policy statement, or a complaint about DI Group compliance with this Privacy Policy, you may contact DI Group by email privacy@deerislegroup.com.
(b) Do You Need Extra Help? If you would like this Privacy Policy in another format (for example: audio, large print, braille) please contact us at privacy@deerislegroup.com.