VES Environmental Services, Inc. (“VES”)
Our Privacy Philosophy
You own your data.
VES will not do any of the following without your permission:
- Access your computers
- Access your system
- Share your files with third parties
- Anonymity: protecting the identity and privacy of customers
- Rights of natural persons using VES services and software
- Use of VES and customer data
- Protecting VES’s system and software
- Contact information for privacy issues
Cookies: VES’s websites, services, and software uses “Cookies” to track your activities and preferences. This allows VES to make the websites, services, and software more responsive to your needs. VES does that by using Cookies to process user requests, improving functionality for users, and improve web content (making the web design and content are relevant to you). A web-page server places a Cookie or data file on your hard disk. Programs cannot be run nor can viruses be delivered using the Cookies. You can accept or deny these Cookies here: _________. Browsers can be configured to accept all cookies, reject all cookies, or notify you when a cookie is set. If you have questions about how to do that, consult the “Help” menu of the browser you are using. Certain web pages on our site cannot be used if you reject all cookies.
Security: VES will take reasonable efforts to secure the data you provide—including information that identifies natural persons—from unauthorized access. Reasonable efforts include encrypting all passwords in the VES database and sending traffic between VES controlled systems over encrypted channels. But it is impossible to guarantee that every communication or transmission over the internet is secure. Thus, despite VES’s reasonable efforts, it cannot guarantee the safety of this personal information. By using VES’s system, service, or website you agree that VES will not be held liable for any unauthorized access. If your information is compromised because of a security breach, VES will notify you in accord with applicable law.
Anonymity: VES anonymizes data to the extent that it does not interfere with the services VES provides to you, any obligation VES has under law, or developing or improving VES’s products and services:
- Anonymize means removing information that would allow anyone to identify you or your business as the source of data.
- VES will ask you to expressly opt in before participating in any benchmarking or similar activity that requires data that is not anonymous.
- VES, its Affiliates, and contractors will not provide data to others that can identify you or your business without your express permission or unless required by law; for example, you may authorize VES to share non-anonymized data with another vendor for the purpose of facilitating services you receive from that vendor.
Use of Information: Subject to the Anonymity provision above, VES and its Affiliates use your information in the following ways: Your information is used to provide and improve the services or products offered, licensed, or provided to you by VES. VES will also use your information for internal business purposes. VES also shares your information with Affiliates or third parties, when VES is making the disclosure to provide you with or to improve the products or services offered, licensed, or provided by VES. VES may also use the information you provide to produce data for other commercial purposes in anonymized form, including by aggregating it with other data. VES may also provide or disclose your information, if that disclosure is required by law; if VES is required to do so, to seek remedies for a breach of any end-user agreement or contract; if the data is transferred as part of a sale of VES or a portion of its business; and if VES believes disclosure is necessary to protect its rights or the personal safety of others. VES may also disclose your information to appropriate authorities and financial institutions.
Links Outside VES: VES’s website, services, and software might provide links to third-party sites. Third parties may also link to VES’s website, services, and software. VES does not make any representations about the privacy policies or content of third-party sites. VES is not responsible or liable for any third-party policies, acts, or omissions.
Personal Data: To the greatest extent possible, VES does not keep or process the personal data of natural persons, except for the purpose of identifying authorized users, providing customer service, customer sales, and product development. Any information of this kind is only shared with VES employees and vendors for customer service, product development, customer sales, and verification purposes.
Additional Rights Regarding Personal Data under GDPR: The following notices and disclosures apply to all natural persons who provide personal data to VES, i.e., data subjects, who are covered by the EU General Data Protection Regulation (Regulation EU 2016/679):
- Length of Data Use: Personal data of a data subject is maintained while the data subject or the data subject’s employer is a customer of VES, and for a reasonable time afterwards to make it easier for VES to serve the data subject or his or her employer if either re-subscribe to VES’s services and to contact them about subscription renewal and new products and services.
- Right to Access and Rectification: A data subject has the right to demand access to and the rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability.
- Right to Lodge Complaint: A data subject also has the right to lodge a complaint with a supervisory authority regarding VES’s processing of his or her personal data.
- Providing Personal Data to Data Subject: VES can provide to a data subject—upon request—remote access to a secure system that provides that natural person with direct access to his or her personal data. This type of request will not be fulfilled in way that may adversely affect the rights or freedoms of others, including trade secrets or intellectual property, and, in particular, the copyrights, protecting VES’s software. Depending on the amount of data that falls within this type of request, VES may request that, before the information is delivered, the data subject specify the information or processing activities to which his or her request relates.
- Data Transfer outside the EU: VES transfers your information, including personal information of natural persons, outside the European Union to the United States because the transfer is necessary for the performance of the services contract between you and VES or the implementation of pre-contractual measures taken at your request. Not all states in the United States have data-protection and privacy laws as comprehensive as the European Union. If European Union data-protection and privacy laws apply to you, then VES will maintain measures to protect your personal information identifying natural persons in a manner commiserate with the protections required under European Union law. The EU has not determined that the United States has adequate legal safeguards outside of certain self-certification programs that VES currently does not participate in.
California Consumers Only: This additional provision applies only to California consumers.
(1) The categories of personal information it has collected about that consumer.
VES collects name, address, password, and employer information.
(2) The categories of sources from which the personal information is collected.
VES gets personal information from You, Your employer, and from Your computer and interaction and use of the VES website, services, and software.
(3) The business or commercial purpose for collecting or selling personal information.
VES does not sell personal information. VES uses personal information to identify authorized users, provide customer service, track use of VES software and services, follow up with communications for new software and services and renewals, and coordinate provision of software and services with Value Added Resellers, third-party developers, and VES vendors.
(4) The categories of third parties with whom the business shares personal information.
As stated above, VES shares personal information with third-party developers and VES vendors that help VES provide, develop, troubleshoot, or modify software or services.
(c) A business that sells consumers’ personal information, or that discloses consumers’ personal information for a business purpose, shall disclose, pursuant to subparagraph (C) of paragraph (5) of subdivision (a) of Section 1798.130:
(1) The category or categories of consumers’ personal information it has sold, or if the business has not sold consumers’ personal information, it shall disclose that fact.
VES does not sell consumers’ personal information.
(2) The category or categories of consumers’ personal information it has disclosed for a business purpose, or if the business has not disclosed the consumers’ personal information for a business purpose, it shall disclose that fact.
As explained above, VES discloses consumers’ personal information only to vendors for customer service, product development, troubleshooting, customer sales, and verification purposes.
A consumer has the right to request that VES delete any personal information about the consumer which VES has collected from the consumer. VES is not required to comply with a consumer’s request to delete the consumer’s personal information if it is necessary for VES to maintain the consumer’s personal information in order to:
(1) Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of VES’s ongoing business relationship with the consumer, or otherwise perform a contract between VES and the consumer.
(2) Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
(3) Debug to identify and repair errors that impair existing intended functionality.
(4) Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
(5) Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
(6) Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
(7) To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with VES.
(8) Comply with a legal obligation.
(9) Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.
(A) Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
(B) Any categories of personal information described in subdivision (e) of Section 1798.80.
(C) Characteristics of protected classifications under California or federal law.
(D) Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
(E) Biometric information.
(F) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
(G) Geolocation data.
(H) Audio, electronic, visual, thermal, olfactory, or similar information.
(I) Professional or employment-related information.
(J) Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).
(K) Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
(2) “Personal information” does not include publicly available information. For these purposes, “publicly available” means information that is lawfully made available from federal, state, or local government records, if any conditions associated with such information. “Publicly available” does not mean biometric information collected by a business about a consumer without the consumer’s knowledge. Information is not “publicly available” if that data is used for a purpose that is not compatible with the purpose for which the data is maintained and made available in the government records or for which it is publicly maintained. “Publicly available” does not include consumer information that is deidentified or aggregate consumer information.