Last updated: February 22, 2019
Cesium GS is owned and operated by Analytical Graphics, Inc. (“AGI”).
Why are you reading this?
- Types of Information We Collect and Why
- How We Use the Information
- How We Share the Information
- Security and Data Integrity
- Retention Period
- Children Under 13
- International Transfer of Information
- EU-US Privacy Shield and Swiss-US Privacy Shield
- Permitted Purposes for Processing Information
- Data Breaches
- Your Rights (EU)
- Other International Users
- California Users
- Contact Information
1. Types of Information We Collect and Why
“Personal information” means information that allows someone to identify or contact you. “Non-personal information” means information that does not directly identify you. We collect both types of information about you.
We do not collect any more personal information than is reasonably necessary to enable your participation in the activities we offer.
Account Registration: To enable using certain features of cesium.com or Cesium ion, we may request personal information such as your name, mailing address, email address, IP address, the name of your organization, telephone number, account number, account password, account preferences and billing information.
Feedback/ Support: If you contact Cesium via email or phone, we collect your name, email address, and any additional information that you may provide during that communication.
Email Interconnectivity: If you receive an email from us, we may use certain tools to capture information related to when you open the email or click on any links or banners it contains.
Directly from You: If you register for an event (webinar, training class, conference, expo, etc.) hosted by or in attendance by Cesium, or sign up for a contest (sweepstake, challenge, giveaway, etc.), we may request your name, mailing address, email address, telephone number, job title, the name of your organization, your areas of interest, your dietary restrictions (if food is provided), and your T-shirt size. Scanning your badge at an event will provide Cesium with the same or similar information herein. If you visit our offices, we may require you to register as a visitor and to provide your name, the name of your organization, your address, and proof of citizenship (including passport information); in addition, sometimes we may need to take a photograph of you. Where applicable law permits, our offices’ cameras capture images for security purposes and for crime prevention.
Payment Information: Payment might be required for certain services. We may ask you to provide your name, address, email and credit card information. No payment instrument numbers will be stored within our systems. We use a reputable PCI-certified third party payment provider to process your payments. Your sensitive information is encrypted and transmitted securely via HTTPS.
Job Applicant: If you apply for a job with Cesium, we collect information about you that includes the following: contact details, employment status, employment history, educational history, security clearance status, Curriculum Vitae, photographs, background check (including criminal history details), information that we obtain from employment screening agencies or staffing agencies and information that you provide to us (or that we may have obtained from public websites or social media) in connection with employment opportunities.
Cesium ion and Related Software: When operating Cesium ion from an internet-connected device, you may optionally choose to enable access to hosted data. In that case, for security, marketing and product research purposes, additional personal information may be collected and are as follows: your IP address, browser and device information may be analyzed in the aggregate to determine collective user characteristics, to understand user traffic patterns, sales information and behavior on Cesium.com.
Note that in addition to the information that we collect from you directly, we may receive information about you from other sources, including third parties, business partners, affiliates or publicly available sources. Your personal information may be retained in residual back-up files that are a function of our network’s back-up systems.
2. How We Use the Information
In addition to creating an account tailored to you, your personal information, sometimes combined with non-personal information, may be used to operate and maintain our service, as well as to monitor and protect the security and integrity of our service. When you contact us, we may keep a record of your communication to help solve any issues and provide technical support, or answer your inquiry regarding our products and services. We may use the email address you provide us to notify you of improvements, changes and new features. If you sign up for our newsletter, we would send you our newsletter. We also post customer testimonials and comments on our websites which may contain personal information. We obtain each customer’s consent via email prior to posting this information. You can opt-out of receiving these materials by following the steps contained in the correspondence you would receive from AGI or by contacting us.
We use anonymous information for system administration, auditing the use of cesium.com, and statistical marketing purposes.
3. How We Share the Information
Affiliates and Acquisitions: We may share your personal information with corporate affiliates (e.g., sister companies, parent company, joint ventures, or agents that help us run our business). If Cesium.com or AGI becomes involved in a merger, acquisition, reorganization, or any form of sale or transfer of some or all of its assets, we may share your personal information with the acquiring party.
Disclosures Without Your Consent: We may share your personal information if we determine that it may be needed or requested to satisfy any applicable governmental law, regulation, investigation by public authorities, or proceeding. We may also share your personal information if we have a good faith belief that the disclosure is necessary to prevent or respond to fraud, defend cesium.com, or protect the rights, property, and safety of AGI, our customers, users, and the public.
External Websites and Social Media: Please note that cesium.com may contain links to independent websites, products, or services, including social media features and widgets, which are hosted by third parties and are governed by their privacy practices. If you visit these sites, it is your responsibility to protect your privacy by reviewing the other parties’ privacy policies.
Suppliers and Service Providers: We may share your personal information with suppliers and service providers to enable such parties to perform functions on our behalf and, under our instructions, carry out the purposes identified in this policy. This includes, but is not limited to, our IT service providers, our financial systems, our customer relationship management databases, our human resource databases, financial institutions (to carry out credit card transactions), thirdparty consultants who provide us with support with respect to business analytics and marketing campaigns, and the providers of external venues where we host conferences and events.
Public Forums: We offer community forums that are publicly accessible by others who may use the personal information that you have provided. By submitting your comments and support questions to our forum, you understand that the information you choose to provide becomes public. We request your consent before publishing blogs you may have written or success stories containing your personal information. It is up to you to decide whether you want to make your personal information publicly available through these means; AGI is not responsible for the use, by others, of the information that is publicly available.
Disclosures With Your Consent: We may share your personal information in any other way for which we obtain your consent.
4. Security and Data Integrity
We take reasonable measures to protect your information from loss, misuse, unauthorized access, alteration, disclosure, or destruction. In particular:
We support encrypted communications through TLS.
We regularly review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
We actively monitor network activity where possible.
While we try to prevent unauthorized third-party access to personally identifiable information, we cannot completely ensure or warrant the security of the information you transmit, and you agree that you do so at your own risk. In the event that we are required by law to inform you of any breach of personal information, we will do so according to the laws and regulations that apply to us.
We rely on you to update and correct your personal information. Some of our websites allow you to modify your account profile. If you want to access the information that is collected about you or believe that any of the information needs updating, correcting, amending, or deleting, please sign in to your profile to edit it at any time or contact us at email@example.com. You may also contact us at the aforementioned address to access the personal information that may not be accessible from your account. We will correct our records upon verification of the requested change. We may decline to process requests that are frivolous, jeopardize the privacy of others, are impractical, or when allowed by law.
5. Retention Period
Typically, we retain your personal information for the period necessary to fulfill the purposes outlined in this policy unless longer retention is required or permitted by law. We may also decide to delete your data if we believe that it is incomplete, inaccurate, or if we no longer need it. When we delete your personal information, it will be removed from our active database but it may remain in archives where it is not practical or possible to delete it. Furthermore, we may keep your information as needed to comply with our legal obligations, resolve disputes, and/or enforce any agreements.
If you elected to receive marketing communications from us, we retain information about your marketing preferences for a reasonable duration from the date that you last expressed interest in our content, products, or services. We retain information derived from cookies and other tracking technologies for a reasonable duration from the date that such information was created.
6. Children Under 13
Cesium.com does not knowingly collect personal information from children under the age of 13. If it comes to our attention that you are under 13, we will terminate your account and delete all data that you have shared with us.
7. International Transfer of Information
Your personal information is processed in the United States and other countries, where we have offices and resellers, where privacy laws may be less stringent than the laws in your country and where the government courts or law enforcement may be able to access your information. By submitting your personal information to us, you agree to the transfer, storage, and processing of your information. With respect to transfers originating from the European Economic Area (“EEA”) to the US, we participate in and have certified our compliance with the EU-US Privacy Shield. With respect to transfers originating from the EEA to other countries, we implemented standard contractual clauses approved by the European Commission and other appropriate solutions as required and permitted by Art. 46 and 49 of the GDPR.
8. EU-US Privacy Shield and Swiss-US Privacy Shield
You have the right to limit the use or disclosure of your personal information by writing to us by mail or email, at the addresses provided below, and requesting the limitation or disclosure of your personal information. In accordance with the Data Integrity and Purpose Limitation Principle of the EU-U.S. Privacy Shield, AGI will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current.
AGI is also subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC). If you are unable to resolve the matter directly with AGI, after a good faith effort to address it, you may refer a complaint to JAMS, at no cost to you, and we will work with them to resolve your concern. In cases where your complaint has still not been resolved by other means, the Privacy Shield Framework provides the right to invoke binding arbitration as a last resort, as described in Annex I to the Privacy Shield Principles.
If your information is shared onwards on the basis of a contract, that contract will provide the same level of protection as the one guaranteed by the Principles.
AGI complies with the Recourse, Enforcement and Liability Principle through a self-assessment system that includes internal procedures for training our employees about AGI’s privacy policies, disciplining misconduct and reviewing our compliance periodically.
AGI is required to disclose personal information in response to lawful requests by public authorities, including to meet national security, law enforcement, or other public interest requirements.
To learn more about the Privacy Shield program, and to view AGI’s certification, please visit https://www.privacyshield.gov/. If you have an inquiry regarding our privacy practices in relation to our Privacy Shield certification, we encourage you to contact us at firstname.lastname@example.org.
9. Permitted Purposes for Processing Information
We process your personal information for a variety of permitted purposes, including:
Contractual Reasons: Where it is necessary to perform our contract with you or to begin contract negotiation; whether for our products or services, for employment engagement or application, to become your customer, or to perform a contract we may have with you.
Legal Obligation: Where it is necessary for compliance with legal obligations; whether it is to carry out denied party screening, due diligence, to perform a pre-hiring check, to comply with export control laws, anti-bribery laws, corruption laws.
Legitimate Business Interest: Where the processing is in our legitimate interests and not overridden by your data protection interests; whether to ensure compliance with our internal policies, security and business continuity, to improve business processes, training and webinars, advertising, marketing and public relations, to organize corporate events, conferences, or to protect, manage, and improve our websites and other services.
Consent: Where you provide us your consent; whether it is to deal with your inquiries or requests to obtain more information about our company, to the extent required by laws consent for advertising, marketing, and public relations purposes.
10. Data Breaches
If a data breach that is likely to result in a high risk of adversely affecting your rights and freedoms occurs, we will inform you of this without undue delay, or within the period specified under GDPR. Where legally permitted, this notification will be made via email, post, or telephone.
11. Your Rights (EU)
If you are in the EU, you have the right, in specific circumstances, to:
Access to your personal information;
Rectify inaccurate or incomplete information or request it to be erased;
Ask us to move, copy, or transfer your personal information back to you or another;
Object to the processing of your personal information for marketing purposes;
Withdraw consent if we are processing your personal information solely on the basis of consent;
Ensure that any significant decisions affecting you are not made purely by automated means based on an online profile and you have the opportunity to challenge the decision;
Complain to a supervisory authority about our privacy practices.
For further details about your privacy rights under GDPR, please visit this website.
12. Other International Users
13. California Users
While at this time we do not share any of your personal information with third parties for their direct marketing purposes, if we ever do, we will inform you. If you are a California resident, who has an established business relationship with us, California law allows you to request information regarding the disclosure of your personal information by AGI to third parties for the third parties’ direct marketing purposes. If you wish to do so, you may contact us at the address provided below.
16. Contact information
Please note that any requests will require verification of your identity, which may mean that you will need to disclose additional personal information. Furthermore, we will not be able to comply with your request in certain circumstances, especially if unfounded or excessive.