Last Updated: June 2019, Melvin Weidner – Information Security & Compliance Officer
Who are we?
We offer EDI and eCommerce marketplace solutions and/or other related services through our proprietary cloud-based hub for order management, including the Service. The Service is a hosted service that enables our business customers (“Customers”) to subscribe to multiple options available to integrate with inventory, ERP applications, online channels, accounting packages, 3PLs, warehouse management system, UPC catalogue providers and drop ship platforms and to better communicate and interact with, and deliver content to, our Customer’s trading partners in real-time via co-browse and other communication and delivery methods.
How do we collect information from you?
We obtain various kinds of information about you when you use the Service. Some of this information you provide directly to us, such as when you sign up or submit feedback. Some of it we get by observing how you use the Service.
What type of information is collected from you?
If you are our Customer, when you set up to use the Service and create an account, we collect personal information about you, including your name, email address, company name, type of business, customer preference information, customer number and service tag number.
In addition, we request information when you:
- place an order
- provide feedback in an online survey
- participate in a promotional offer
- request email notification of your order status
- request online technical support
- request assistance from our Live Chat
We may also collect personal information from you when you request technical support or participate in one of our communities or message boards. If you are an individual that interacts with our Customer using the Service via its website, we may also collect personal information such as your IP address.
As you use the Service, we may automatically collect certain information about your connection to our servers, your operating system, your IP address and your browser. This information is collected to aid in diagnostics and auditing, to enhance your site visit and use of the Service, assist you with technical support and to enable us to follow up with you after your visit in order to enhance your experience
Communication Products and Services.
If you engage in a communication directly with one of our Customers or an agent of our Customer using the Service, you may voluntarily provide, or otherwise be asked by the Customer to provide, personal information such as your name, contact information and other information to facilitate the Service.
Information requested by the Customer.
Depending on the Services subscribed to by the Customer, we may, on behalf of the Customer, provide feedback and run reports related to your browsing, purchasing and online behavior and activities.
The Customer may provide data to us (including data related to visitors to the Customer’s website or its trading partners) in order for us to combine such data with our data for purposes of analyzing such combined data, and providing feedback and running reports related to such combined data on behalf of the Customer.
The Company maintains records of all such analyses, feedback and reports for as long as we believe is necessary or desirable to fulfill our business purposes or to comply with applicable law, audit requirements, regulatory requests or orders from competent courts.
Cookies (or browser cookies).
How is your information used?
We use information that we collect about you or that you provide to us, including personal information, for the following purposes:
- to enhance your customer support experience
- to manage your account
- to provide you with information, products or services that you request from us
- to fulfill any other purpose for which you have provided the information
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection
- to notify you about changes or upgrades to our products or services
- in any other way we may describe when you provide the information
- to assist in debugging issues with third party service providers with respect to our service(s)
- to provide information specified by court or other legally binding order to the appropriate legal authorities
- for any other purpose with your permission
How do we share your information?
We will not sell or rent your personal information to third parties, and we will not share your personal information with third parties for marketing purposes.
We share your personal information with your consent or as necessary to complete any transaction or provide the service you have requested or authorized. In those situations, your personal information may be shared with third parties approved by you, which includes your Vendors, Customers, Business and Trading Partners, Service Providers, Contractors and Agents, 3PLs and Shipping Carriers.
We also share data ( (i) when required by law or to respond to legal process, (ii) to protect our Customers, (iii) to maintain the security of our products and services, and (iv) to protect our rights and property.
We may also share aggregate, non-personally identifiable information about our customers (such as age, gender, or categories of interest) with business partners to fulfill contractual obligations.
Third Party Processors.
If you are a Customer and have any questions on this partnership, please contact your eZCom account manager.
How long do we retain your Information?
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfill our statutory obligations (for example, to comply with obligations relating to invoicing and taxes). We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is specified in any relevant contract between you and us.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not reasonably possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information on hardened servers that are hosted on highly secure data centers, and isolate it from any further processing until deletion is possible.
We will not contact you for marketing purposes by email or phone except (i) as necessary to enter into a contract or fulfill our obligations under a contract, (ii) with your permission, or (iii) for legitimate purposes permitted by applicable law. We will provide an unsubscribe option on all marketing emails you receive from us. You may also contact us at firstname.lastname@example.org to unsubscribe or if you have any other questions or concerns regarding your receipt of marketing materials from us.
Accessing and correcting your information.
You may contact us at: email@example.com with any request to access, correct or delete any personal information that you have provided to us. We make good faith efforts to honor reasonable requests to access, correct or delete your personal information. If you request that we delete your personal information, your Service account information will also be removed. We may not accommodate a request to remove personal information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored on our secure, hardened servers that are hosted on highly secure data centers. Access to this data is protected by multiple layers of controls, including firewalls, authentication mechanisms and monitoring.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of the Service or our websites, you are responsible for keeping this password confidential. We urge you to be careful about giving out information in public areas of our website like message boards. The information you share in public areas may be viewed by any user of our website.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to the Service. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Service.
We encourage parents and guardians to take an active role in their children’s online activities. We do not knowingly collect personal information from children without appropriate parental or guardian consent. If you believe that we may have collected personal information from someone under the applicable age of consent in your country without proper consent, please contact us at firstname.lastname@example.org and we will take appropriate measures to investigate and address the issue promptly.
Consent to transfer, process and store Personal Information.
As eZCom continues to engage in business on a global basis, we may transfer your personal information to third parties, including trading and business partners as described above that are located in various countries around the world. By using the Service or providing any personal information to us, where applicable law permits, you consent to the transfer, processing, and storage of such information outside of your country of residence where data protection standards may be different.
eZCom is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the US-EU Privacy Shield Principles, we commit to resolve complaints about privacy and our collection or use of the personal information of EU individuals. If you believe we retain your personal data within the scope of our Privacy Shield certification, you may direct any queries or complaints regarding our Privacy Shield certification or compliance to the address above. We will respond to any inquiries or complaints within 45 days at no cost to you.
If you feel we failed to provide an adequate response with respect to an alleged violation of US-EU Privacy Shield Principles, in whole or in part, you may contact JAMS (https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim), which provides an independent third-party dispute resolution mechanism. Under certain conditions more fully described on the Privacy Shield website (https://www.privacyshield.gov), you may be entitled to invoke binding arbitration through the Privacy Shield Panel when other dispute resolution procedures have been exhausted.
We are subject to the investigatory and enforcement powers of the US Federal Trade Commission with respect to personal data received or transferred pursuant to the EU-US Privacy Shield Framework.
Additional Terms that may Apply to your Information.
Customers’ Websites and other Third-Party Websites.