IAG and its affiliates (collectively “IAG”, “We” and “Us”) respect your privacy. This Privacy Statement explains how IAG collects and uses personal data from visitors to its web and mobile sites that link directly to this Privacy Statement (collectively “Sites”).
PERSONAL INFORMATION WE COLLECT
ACTIVELY SUBMITTED DATA
If you call us, send us an email, or fill out a form on one of our Sites, or purchase products or services from us (online or over the phone), we use the information you provide to respond to your request or to otherwise communicate with you or assist you. We may collect data necessary to respond to your request, propose appropriate solutions, and process your order, such as your shipping address, products ordered, payment information, and your contact information. We refer to any of this information as “Order Information”.
PASSIVELY PROVIDED DATA
When you visit our Sites, depending on your opt-in choices, certain information about your computer or mobile device is shared with us, which may include the activities you perform on our Sites, the type of hardware and software you are using, (such as your operating system or browser), information stored in cookies, IP address, access times, the web pages from which you came, the regions from which you navigate the web page, and the web pages you access. We use this information to better understand the interests of the users of our Sites, to improve our Sites, services, and products. We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit https://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
HOW DO WE USE YOUR PERSONAL INFORMATION
We use the information that we collect to communicate with you, propose appropriate solutions or options, provide the service or carry out the transactions at your request, provide a personalized experience, screen for potential risk or fraud (in particular, your IP address), process job applications, fulfill requests for information or online resources, and according to the preferences you have shared with us, provide you with information or advertising relating to our products or services, and more generally to improve and optimize our Sites (for example, by generating analytics about how our customers browse and interact with the Sites, and to assess the success of our marketing and advertising campaigns).
SHARING YOUR PERSONAL INFORMATION
We do not sell your personal data.
We may share your personal data with third parties under certain circumstances. We use affiliated and unaffiliated service providers that help us process personal data to deliver services and run our business subject to strict confidentiality agreements. For example, service providers help deliver the following functions:
- Customer Support (Contact data, Inquiry data) to help troubleshoot and support products and services (e.g., Olark)
- E-Commerce Functionality (Contact data, Interactions with website) To facilitate sales and PCI-compliant credit card processing of our products online (e.g., PayTrace Payment Gateway),
- Promotions and Relevant News (Contact data, Cookie data) to provide information and incentives for our products and services (e.g., Salesforce, Pardot, Google Ads, LinkedIn)
- Website performance (Cookie data, Interactions with website) to enable functionality and features while on our websites (e.g., Google Analytics)
- Cookie Opt-In Manager (Cookie data) to provide the ability to choose cookies to be allowed on our websites (e.g., Complianz, OneTrust)
These companies are required to abide by our data protection and security requirements and are not allowed to use personal data they receive from us for any other purpose. The privacy policies of these providers are all available on their sites or maybe requested from IAG. For example, you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/.
We may share your Personal Information
- to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive;
- in an emergency, including to protect the safety of our employees or any person;
- in connection with investigating or preventing fraud;
We may share your personal data for purposes of a business deal, or negotiation of a business deal, involving sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, divestiture, joint venture or partnership, or bankruptcy transaction or proceeding.
We also freely use and share aggregated and pseudonymous information for performance and analytics purposes that cannot be used to identify you individually.
MARKETING AND ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at https://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: https://optout.aboutads.info/.
We do not knowingly collect or maintain information about persons under 13 years of age. If we learn that information about persons under 13 years of age has been collected on or through the Sites, we will take appropriate steps to delete this information. If you are the parent or legal guardian of a child under 13 years of age who has registered for an account or service on our Sites, please contact us using the contact information below to have that child’s account or service terminated and personal information deleted.
We retain personal data for as long as necessary to provide functionality and fulfill the transactions you have requested, or for other legitimate purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types, the context of our interactions with you or your use of our Sites, actual retention periods can vary significantly. We will maintain this data for our records unless and until you ask us to delete this information.
We use TLS certificates, encryption, data access limitations, anti-virus software, and firewalls to reduce the risk of unauthorized access to personal data. No data transmission over the Internet or any wireless network is entirely secure. Be mindful of security risks when you transmit personal data to us and when you post information in our public forums.
DO NOT TRACK
In order to provide the current website experience, we do not respond to “Do Not Track” signals.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
YOUR RIGHTS TO CONTROLLING AND ACCESSING YOUR INFORMATION
You may request that we update or delete/deactivate certain information pertaining to you.
If we cannot remove some personal information, we will let you know why. If you have subscribed to marketing emails, you may stop the delivery by following the unsubscribe instructions contained in the email received or at the email preferences page on our Site: Email Communication Preferences (iag.biz) or the unsubscribe page, Email Communication Preferences (iag.biz) both of which are located in the footer of the Site.
You also have the right to request how your data is processed and with whom we share it.
Additionally, if you believe certain information that IAG processes about you is inaccurate, you have the right to have this information corrected.
YOUR RIGHTS TO MANAGING COOKIES
For more information about cookies, and how to disable cookies, visit https://www.allaboutcookies.org.
SPECIAL RIGHTS AND INFORMATION FOR CALIFORNIA RESIDENTS
Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights around IAG’s collection, use, and sharing of their personal information. IAG does not sell your personal information and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. Similarly, we do not offer financial incentives to California residents associated with our collection, use, or disclosure of your personal information.
IAG collects various categories of personal information when you visit our Sites, including identifiers, commercial information, internet or other electronic network or device activity information, geolocation data, and professional information. A more detailed description of the information we collect and how we use it, the categories of third parties with whom we share personal information, and what information may be shared under different circumstances is contained in the policy above.
If you are a resident of California, you have the right to request to know what personal information has been collected about you, and to access that information. You also have the right to request deletion of your personal information, though exceptions under the CCPA may allow IAG to retain and use certain personal information notwithstanding your deletion request. You can learn more about how to submit a data rights request through contact details located within this policy. You may also send your request by email to us at the addresses below. We will not discriminate against you for exercising your rights under the CCPA. An agent may submit a request on your behalf, but you must verify that your agent is authorized to do so.
Separate from the CCPA, California’s Shine the Light law gives California residents the right to ask companies what personal information they share with third parties for those third parties’ direct marketing purposes. We do not disclose your personal information to third parties for the purpose of directly marketing their goods or services to you unless you request such disclosure. If you have any questions regarding this policy, or would like to change your preferences, you may contact us at the address listed in this policy.
SPECIAL RIGHTS AND INFORMATION FOR EU, UK AND SWISS USERS
From May 25, 2018, the processing of personal data of individuals in the European Union is subject to the EU General Data Protection Regulation (“GDPR”). This section provides information relating to EU users’ rights and IAG’s obligations under the GDPR. Personal data processed through the use of our Sites is managed by IAG, 715-700 Dorval Dr Oakville, ON L6H 3V3 Canada.
IAG processes personal data relating to EU customers on one or more of the lawful bases specified in the GDPR.
- The processing is necessary for entering into or performing a contract with you.
We need to process personal data relating to you in order to activate and register products, ensure products and services you use are working as they should, maintain and improve products, answer to questions and requests from you, and provide customer support.
- The processing is necessary for IAG’s legitimate interests. We process usage data to support website functionality, detect and prevent fraud; to protect and defend the rights or property of other customers or third parties, or our own rights and interests. We consider your rights and freedoms when doing so and de-identify personal data to the largest extent practicable. We may also process your personal data to meet regulatory requirements, and to respond to lawful requests, court orders, and legal processes.
- The processing is necessary to meet IAG’s legal obligations. We may need to process your personal data to comply with relevant EU or Member State laws.
- Consent. IAG processes some personal data based on consent. We often do this for our direct marketing communications. You can unsubscribe at any time by following the instructions here http://www2.iag.biz/unsubscribe/u/464.
If you are an IAG customer within the EU, you have the rights described below with respect to IAG’s processing of your personal data.
Right of access and explanation: You have the right to receive an explanation of what data IAG has about you and how it uses this data. You have the right to receive a copy of the personal data IAG has about you.
Right of rectification: If you believe certain information that IAG processes about you is inaccurate or incomplete, you have the right to have this information corrected.
Right to erasure: You have the right to request to have your data permanently deleted by IAG.
Right to object: You have the right to object to IAG’s processing of your personal data based on legitimate interests on grounds relating to your particular situation. IAG may continue to process your personal data notwithstanding the objection to the extent permitted under GDPR. You also have the right to object to IAG’s processing of your personal data for direct marketing purposes.
Right to restriction of processing: You have the right to request that IAG restrict the processing of your personal data in certain situations where you feel the processing is inappropriate.
Right to portability: You have the right to request portability of personal data that you have actively or passively provided to us (which does not include data derived or inferred from collected data), where the processing of such personal data is based on consent or a contract with you and is carried out by automated means.
Right to complain to the supervisory authority: You also have the right to file a complaint regarding IAG’s processing of your personal data with the Data Protection Commission, the Irish Supervisory Authority. Their contact information is Data Protection Commission, 21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland, Phone: +353 57 8684800, +353 (0)761 104 800.
Right to withdraw consent: Where processing is based on consent, you have a right to withdraw consent at any time. Use of our Sites and our products as described in IAG’s Privacy Statement is voluntary.
To invoke any of these rights, please contact us via phone, email, or postal mail by using the contact information below.
We will only transfer your personal data from the European Economic Area (EEA) to countries outside the EEA, on the basis of appropriate safeguards. When IAG transfers data internationally we rely on
- Adequacy Decisions as adopted by European Commission on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR), or
- Standard Contractual Clauses issued by the European Commission (2010/87/EU, 2001/497/EC or 2004/915/EC).
If you have questions, comments, or would like to make a request regarding your data or our Statement, past Statements, and data practices, please contact us at https://www.iag.biz/about-iag/contact-us/ or through the following methods:
Phone: +1 905-842-0123
Postal Mail: IAG Privacy Officer, 111-1201 N Market St Wilmington, DE 19801 or 715-700 Dorval Dr Oakville, ON L6H 3V3 Canada
We will endeavor to respond to your request to review the information we have on file for you within 30 days from receiving such request.
If you are not satisfied with our response, you can refer your privacy complaint or dispute to the relevant state or national data protection authority in your jurisdiction.
We may update this privacy statement from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.