Effective April 13th, 2020
We added Section 6 to address California Consumer Privacy (CCPA) rights
We rearranged and inserted Section 8 to make it clear how long we retain your information
We updated Section 9 – Data Retention: We removed “or within 90 days” to clarify analytics, reporting and logging data may be kept longer than 90 days to fulfil service agreements.
We added Section 10 to address both European Union and United Kingdom
We added Section 11 to address our Legal Basis of Processing Information
Effective November 2019
Added language to Section 1, Third Party Analytics to clarify we do NOT perform remarketing. “We do NOT use these for remarketing.”
Added language to Section 5, Security to identify key security practice in place. “Practices: We have in place and maintain procedures and practices to ensure data security. These include a Data Governance Team, Security Policy, Privacy Inquiry Policy, Incident Response Plan, Privacy/Security by Design, Vendor Assessments, Security Assessments and regular specific Security Training.”
Please be aware, that despite our efforts, no security measures are perfect or impenetrable. We have implemented best practices to protect both your and our data however we do not warrant or guarantee these measures are perfect.
If we learn of a security breach, we will notify you according to our Incident Response Plan or according to Data Processing/Sharing Agreements in place. Depending on where you live, you may have a legal right to receive a notice of a security breach in writing.
Effective March 2019
To address the withdrawal of the United Kingdom from the European Union (Brexit) we have updated our Framework Compliance to include the United Kingdom. The wording in Bold have been added.
Effective April 2018
Effective September 2017
In connection with a job application or inquiry, we may collect data about you, including your educational background, résumé or curriculum vitae, and other information, including your ethnicity or criminal background information where required or permitted by law. We may use this information throughout Lightspeed Systems for the purpose of employment consideration. We will keep the information for future consideration unless you direct us not to do so.
By providing Lightspeed Systems, Inc. information via our website, Tradeshow, Lightspeed event, Partner event, e-mails, phone calls, chat or support cases, and maintained in our systems, you authorize Lightspeed Systems, Inc. to serve as the Data Controller.
By licensing to use Lightspeed Systems, Inc. services, you authorize Lightspeed Systems, Inc. to serve as the Data Processor for the licensed services.
Further, Lightspeed Systems, Inc. recognizes its potential liability when onward transferring EU individuals’ data received pursuant to the EU-US Privacy Shield. An individual has the ability, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Please refer to Annex I of the Privacy Shield for additional information.
Adult users of Lightspeed Systems, Inc. Services should contact their educational institution or other organization providing the Service about access requests to be forgotten, electronic copies of data, requests for data deletion, and/or data depersonalization.
Following termination or deactivation of a School account, Lightspeed Systems, Inc. may retain profile information and content for a commercially reasonable time for backup, archival, or audit purposes, but all Student Data associated with the School will be deleted in accordance with Lightspeed Systems, Inc. Data Deletion policy, or in accordance with active DPA, DSA or SLA, or within 90 days.
License holders of Lightspeed Systems, Inc. products may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems, Inc. will return the data provided by the license holder for the products they have licensed.
Individuals who provided information via our websites, Tradeshow, Lightspeed event, Partner event, e-mail or phone call may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems, Inc. will return the data provided.
For Data, we collect from visitors of our websites
Account information and settings: Adult users and visitors of the Lightspeed Systems, Inc. website have a right to access the data collected and used by Lightspeed Systems, Inc. To make requests to access or change account information, be forgotten, electronic copies of data, data deletion, and/or data depersonalization, please contact us via the contact information below. Users and visitors may opt out of receiving future promotional electronic mailings from Lightspeed Systems, Inc. by following the unsubscribe procedures indicated in the mailing.
Children’s data: Lightspeed Systems, Inc. does not knowingly solicit or attempt to collect information from children via its websites. We ask that anyone under the age of 13 not use our websites or submit information to us. Please contact us via the contact information below if you have any questions, concerns, need to access, change, or delete the Personal Information that has been submitted by a child.
User-data retention: Lightspeed Systems, Inc. may retain profile information and content for a commercially reasonable time. We may maintain anonymized or aggregated data, including usage data, for analytics purposes. If you have any questions about data retention or deletion, please contact us via the contact information below.
You also have a right to raise any data protection related concerns with the supervisory data protection authority in your jurisdiction.