Collection and Use of Your Personal Information
We offer our Customers a combination of innovative technology and services to provide leading-edge, proven Web applications and implementation strategies to drive EHS compliance and performance excellence. In connection with the delivery of such technology and services, Customers may use Gensuite applications to collect personally identifiable information about their employees to meet the regulatory requirements for maintaining employee injury and/or illness records. Such personally identifiable information may include an employee’s name, e-mail address, home or work address, telephone number, employee badge number, date of birth and social security number. This information is provided to Gensuite on a voluntary basis and will not be reviewed, shared or distributed by Gensuite without the consent of the Customer except to troubleshoot a user request or resolve a user identified issue. Each Customer is responsible for maintaining the privacy of their user accounts and passwords.
In addition, potential Gensuite Customers may voluntarily provide personally identifiable information when submitting an inquiry request via the “Contact Us” page such as name, e-mail address and telephone number. This information will only be used for the purposes of following up on the Gensuite inquiry and will not be used for any other purposes without the consent of the prospective Customer.
As is true of most websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We do not link this automatically-collected data to personally identifiable information.
Links to Other Sites
We use “cookies” to help personalize your online experience. A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We may link the information we store in cookies to your personal information in order to provide a faster and more pleasant online experience.
We use both session ID cookies and persistent cookies. We use session cookies to make it easier for you to navigate our site. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file.
Persistent cookies enable us to enhance the experience of users on our site. You have the ability to accept or reject cookies. Most web browsers automatically accept them, but you can usually modify your browser settings to reject cookies, if you prefer. If you reject cookies, you may still use our site, but your ability to use some areas of our website will be limited.
Security of Your Personal Information
The security of your personal information is important to us. All personal information we collect is transmitted using secure socket layer technology (SSL) and encrypted using an MD5 hash.
We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
If you have any questions about security on our website, you can send an email to us at the address listed below.
In the event our company goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personally identifiable information will likely be among the assets transferred. You will be notified by a prominent notice on our website for 30 days of any such change in ownership or control of your personal information. You consent to the transfer of your personally identifiable information to any such successor entity unless you notify us via email to the contrary.
If we ever were to engage in any onward transfers of your data with third parties for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-choice to limit the use and disclosure of your personal data.
We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, Gensuite is potentially liable.
Accessing & Updating Your Personal Information
Personally Identifiable Information housed within the Gensuite applications is the property of the Gensuite Customer. Through the applications permissions model, each Customer has the ability to determine who has access to view and update the personally identifiable information they have chosen to collect within the Gensuite applications. It is the responsibility of the Customer to determine and communicate what personally identifiable information is being collected and who has access to view and update this information. This information is not reviewed, shared or distributed by Gensuite without the consent of the Customer to troubleshoot a user request or resolve a user identified issue.
Gensuite acknowledges that EU individuals have the right to access the personal information that we maintain about them. An EU individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his/her query to Leah Ball (as noted below). If requested to remove data, we will respond within a reasonable timeframe.
Gensuite is subject to investigatory and enforcement powers of the Federal Trade Commission (FTC).
Self Regulatory Frameworks
Leah Ball, Senior HR Manager
Gensuite has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.
Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
US-Swiss Safe Harbor Framework
Leah Ball, Senior HR Manager
Gensuite has further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.
Committed to Keeping You Safe–EU General Data Protection Directive
Gensuite is committed to complying with the EU General Data Protection Directive [2016/679], a comprehensive reform of data protection rules in the EU aimed at improving EU individuals’ data privacy and handling of European data across borders. Gensuite is dedicated to securing the privacy of our global user base; in addition to our current certifications to the EU-U.S. Privacy Shield Framework and the U.S.-Swiss Safe Harbor Framework, we are currently adopting the NIST Cybersecurity framework to anticipate regulation changes, cybersecurity threats, evolving processes and technologies. For more on how Gensuite manages data privacy and our plans to address the EU General Data Protection Directive, please review our complete position paper here.