Our Privacy Policy
QuisLex, Inc. and its affiliates (“QuisLex”) are committed to protecting the privacy of their clients, prospective clients, contractors, employees and business partners. This Privacy Policy sets forth the privacy principles QuisLex, Inc., QuisLex New York LLC, Verdant Analytics LLC and any future affiliates of QuisLex follow with respect to Personal Data (as defined below) that QuisLex collects.
|
| |
|
Your California Privacy Rights
The CCPA affords consumers residing in California certain rights with respect to their Personal Data. If you are a California resident, this section applies to you.
In the preceding 12 months, we have collected the following categories of personal information: Human Resources Data, Client Data, Marketing Data and Activity Data, each as detailed above. For details about the precise data points we collect and the sources of such collection, please see the “Types of Information We Collect” section above. We collect personal information for the business and commercial purposes described in the “How does QuisLex use this Information/Sharing with Third Parties“ section above. In the preceding 12 months, we have disclosed the following categories of personal information for business purposes to the following categories of recipients:
Human Resources Data: Affiliates, third-party vendors, clients, attorneys
Client Data: Affiliates, third-party vendors, clients, client representatives and attorneys
Marketing Data: Affiliates, third party-vendors
Activity Data: Affiliates, third-party vendors
Subject to certain limitations, you have the right to (i) request to know more about the categories and specific pieces of personal information we collect, use, and disclose about you, (ii) request deletion of your personal information, (iii) opt out of any sales of your personal information, if we engage in that activity in the future, and (iv) not be discriminated against for exercising these rights. You may make these requests by emailing us at [email protected]. We will not discriminate against you if you exercise your rights under the CCPA.
If we receive your request from an authorized agent, we may ask for evidence that you have provided such agent with a power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. This may include requiring you to verify your identity. If you are an authorized agent seeking to make a request, please contact us at [email protected].
Rights under GDPR and Similar Legislation
The GDPR affords residents in certain European countries certain rights with respect to their Personal Data. If you are an EU resident or otherwise covered by GDPR, this section applies to you.
As regards EU/Swiss Personal Data, QuisLex is fully committed to implementing the rights for individuals under the GDPR including (i) the right to be informed, (ii) the right of access, (iii) the right to rectification, (iv) the right to erasure, (v) the right to restrict processing, (vi) the right to data portability, and (vii) the right to object. QuisLex does not use EU/Swiss Personal Data in relation to automated decision making and profiling. Any requests by individuals regarding effectuating the foregoing rights with respect to EU/Swiss Personal Data should be directed to [email protected].
We collect Personal Data for the business and commercial purposes described in the “How does QuisLex use this Information/Sharing with Third Parties“ section above. EU/Swiss Personal Data shall be used only for the legitimate business purpose(s) for which QuisLex originally collected the data. In the case of Marketing Data (see above), QuisLex views the use of this information for additional marketing purposes solely by QuisLex and third parties engaged on its behalf as a legitimate business purpose consistent with the intended purpose for collection of the information. All such information is subject to opt-out rights described below.
EU GDPR Representative
Our Data Representative for all data protection enquiries is:
GDPREP.ORG
a: Suite 10357, 5 Fitzwilliam Square, Dublin 2, Ireland, D02 R744
w: www.gdprep.org
e: [email protected]
t: +44 (0) 7810 883333
UK GDPR Representative
Our Data Representative for all data protection enquiries is:
GDPREP.ORG
a: 3rd Floor, 86-90 Paul Street, London, EC2A 4NE
w: www.gdprep.org
e: [email protected]
t: +44 (0) 7810 883333
SWISS DATA Representative
Our Data Representative for all data protection enquiries is:
GDPREP.ORG
Andreaspark, Hagenholzstrasse 56, 7th Floor, Zurich, 805
w: www.gdprep.org
e: [email protected]
t: +44 (0) 7810 883333
Opting Out
You may request to opt out from QuisLex’s use of your Personal Data that you previously provided to QuisLex by sending such request to [email protected]. QuisLex will comply with such requests unless QuisLex has a legitimate business purpose for continuing to use such Personal Data, such as maintaining employment records.
Access, Change or Delete Information
You can also send a request to [email protected] if you want to (i) review your Personal Data that has been collected and stored by QuisLex, (ii) request modification/correction of any Personal Data that is incorrect, or (iii) request removal/inactivation of Personal Data. Any resulting modification/correction or removal/inactivation of your Personal Data will not affect other information that QuisLex maintains or information that QuisLex has provided to third parties in accordance with this Privacy Policy before such update. QuisLex will use reasonable efforts to comply with such requests unless QuisLex has a legitimate business purpose for not doing so.
To protect your privacy and security, QuisLex will take reasonable steps to verify your identity before granting access to your Personal Data. In addition, QuisLex may limit or deny access to Personal Data, including, without limitation where providing such access would be burdensome or expensive or where such information is legally privileged, in each case, unless such actions are prohibited by data privacy laws.
Children
QuisLex’s website(s) is not intended for use by children. QuisLex does not knowingly solicit or collect Personal Data from children under the age of 13. If you are under the age of 18, you must obtain the consent of your parent or guardian to use QuisLex’s website(s). QuisLex encourages parents and guardians to take an active role in their children’s online activities and interests.
Enforcement and Dispute Resolution
QuisLex regularly reviews its compliance with this Privacy Policy.
QuisLex has appointed the following Data Privacy Officer: Megan Silverman
QuisLex’s DPO may be contacted by email at [email protected].
QuisLex commits to resolve complaints about our collection or use of your personal information. Any individuals with inquiries or complaints our Privacy Policy should contact QuisLex at [email protected].
QuisLex commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.
Updates
This Privacy Policy may be updated periodically and without prior notice to you to reflect changes in our information practices or relevant laws. We will post a notice on quislex.com to notify you of any substantive changes to the way we collect and use information. We will indicate at the top of the Privacy Policy when it was last updated. Any changes to our Privacy Policy will become effective upon posting of the revised policy on this site. Use of the site, any of our services, and/or providing consent to the updated Privacy Policy following such changes constitutes your acceptance of the revised Privacy Policy.
Security
QuisLex has reasonable and appropriate measures in place to protect against the loss, misuse and unauthorized access, disclosure, alteration, and destruction of Personal Data.
QuisLex is ISO/IEC 27001:2013 certified for Information Security Management Systems, and ISO 9008:2015 certified for Quality Management Systems. QuisLex is audited under the SSAE 16/ISAE 3402 (SOC1 - Type II) and AT 101 (SOC2 - Type II). We employ various physical, administrative, and technical measures to maintain the confidentiality and security of Personal Data and other confidential information, including by (i) educating and training QuisLex Personnel and keeping QuisLex Personnel up-to-date on its security and privacy practices, (ii) keeping such information in its offices and storing such information on its servers in a secure environment, with appropriate security measures, and (iii) only granting access to such information to individuals who need the information to perform a specific, authorized task.
Links
QuisLex’s website(s) contains links to other website(s)s. QuisLex is not responsible for the content or privacy practices of such other website(s)s. Be aware when you leave QuisLex’s website(s) and read the privacy policies of other website(s)s that may collect your Personal Data.