IMSS Privacy Statement
This Privacy Statement is effective as of 04 May 2020.
At IMSS we recognise the importance of protecting your personal information and are committed to processing it responsibly and in compliance with applicable data protection laws in all countries in which IMSS operates.
This Privacy Statement describes IMSS’s general privacy practices that apply to personal information we collect, use and share about consumers and other individuals within our clients, business partners, supplier and other organisations with which IMSS has or contemplates a business relationship.
Why and how we collect and use your personal information
We may collect your personal information as an individual for various purposes, such as the following:
- Access and use of websites or other online services When entering one of our websites, or using an online service, we will record information necessary to provide you with access, for the operation of the website and for us to comply with security and legal requirements in relation to operating our site, such as passwords, IP address and browser settings. We also collect information about your activities during your visit in order to personalise your website experience, such as recording your preferences and settings, and to collect statistics to help us improve and further develop our websites, products and services.
- Responding to your request for information, order, or supportWhen you contact us (online or offline) in connection with a request for information, to order a product or service, to provide you with support, or to participate in a forum or other social computing tool, we collect information necessary to fulfill your request, to grant you access to the product or service, to provide you with support and to be able to contact you. For instance, we collect your name and contact information, details about your request and your agreement with us and the fulfilment, delivery and invoicing of your order and we may include client satisfaction survey information. We retain such information for administrative purposes, defending our rights, and in connection with our relationship with you.
- Contacting employees of our clients, prospects, partners and suppliersIn our relationship with clients or prospects, partners and suppliers, they also provide us with business contact information (such as name, business contact details, position or title of their employees, contractors, advisors and authorised users) for purposes such as contract management, fulfilment, delivery of products and services, provision of support, invoicing and management of the services or the relationship.
- Visitor informationWe register individuals visiting our sites and locations (name, identification and business contact information) and use camera supervision for reasons of security and safety of persons and belongings, as well as for regulatory purposes.
- MarketingMost information we collect about you comes from our direct interactions with you. When you register for an event we may collect information (online or offline) in relation to the event organisation, and during an event, such as participation in sessions and survey results. We combine the personal information we collect to develop aggregate analysis and business intelligence for conducting our business and for marketing purposes. You can choose to receive information by email, telephone or postal mail about our products and services, or sign-up for subscriptions. When visiting our websites or using our services we may provide you with personalised information. You can always opt-out from receiving personalised communication by sending an e-mail to firstname.lastname@example.org
- Website VisitsWe may also collect information relating to your use of our websites and IBM Cloud services through the use of various technologies. For example, when you visit our websites or access our online services including downloads, we may log certain information that your browser sends us, such as your IP address (including information deriving from your IP address such as your geographic location), browser type, version and language, access time, duration of access, and referring website addresses; we may also collect information about the pages you view within our sites, the time you spent on each site and other actions you take while visiting our website.
- Monitoring or Recording of Calls, Chats and Other InteractionsCertain online transactions may involve you calling us or us calling you. They may also involve online chats. Please be aware that it is IMSS’s general practice to monitor and, in some cases, record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.
Sharing of Personal Information
Where appropriate, IMSS may also share your personal information with selected partners to help us provide you, or the company you work for, products or services, or to fulfill your requests, or with your consent. When selecting our suppliers and partners, we take into account their data handling processes.
If IMSS decides to sell, buy, merge or otherwise reorganise businesses, such a transaction may involve the disclosure of personal information to prospective or actual purchasers, or the receipt of such information from sellers. It is IMSS’s practice to require appropriate protection for personal information in these types of transactions.
Please be aware that in certain circumstances, personal information may be subject to disclosure to government agencies pursuant to judicial proceeding, court order, or legal process. We may also share your personal information to protect the rights or property of IMSS, our business partners, suppliers or clients, and others when we have reasonable grounds to believe that such rights or property have been or could be affected.
Information Security and Accuracy
We intend to protect your personal information and to maintain its accuracy. IMSS implements reasonable physical, administrative and technical safeguards to help us protect your personal information from unauthorised access, use and disclosure. For example, we encrypt certain sensitive personal information such as credit card information when we transmit such information over the Internet. We also require that our suppliers protect such information from unauthorised access, use and disclosure.
We will not retain personal information longer than necessary to fulfill the purposes for which it is processed, including the security of our processing complying with legal and regulatory obligations (e.g. audit, accounting and statutory retention terms), handling disputes, and for the establishment, exercise or defense of legal claims in the countries where we do business.
You can request to access, update, delete or correct your personal information. You also have the right to object to direct marketing. You may have additional rights pursuant to your local law applicable to the processing. For example, if the processing of your personal information is subject to the EU General Data Protection Regulation (“GDPR”), and your personal information is processed based on legitimate interests, you have the right to object to the processing on grounds relating to your specific situation. Under GDPR you may also have the right to request to have your personal information deleted or restricted and ask for portability of your personal information.