Privacy Policy
Celerium LLC ("CELERIUM") is a provider of various situational readiness solutions offered to its Clients via a subscription services model, including CELERIUM Risk Center™, CELERIUM Security Center™, ActivTravel (travel tracking services) and the ActivPoint™ mobile application (collectively “Services”). This Privacy Policy (“Policy”) describes how CELERIUM uses the information you provide to us or we gather from you or your employer or its Agents. By using CELERIUM’s Services, however accessed and/or used, whether by personal computer, tablet, mobile device, or otherwise, you consent to CELERIUM’s Privacy Policy and its applicable Terms of Use (depending on which CELERIUM service you are using).
CELERIUM enters into contracts with its Clients (as defined below) that specify the terms and conditions under which CELERIUM will provide its Services to Clients and their authorized Users. As such, CELERIUM takes its direction with respect to Users' Personal Information from the Client.
For European data protection purposes, CELERIUM is acting as a data processor in accordance with the instructions of the Client. If you are a European User, please contact the Client (e.g., your employer) for a copy of its privacy policy, which is also applicable to you.
Because privacy is critical to its Clients and their authorized Users, CELERIUM collects only certain Personal Information that is necessary to provide its Services in the course of its business. CELERIUM takes these activities seriously and strives to collect, use, safeguard, and disclose Personal Information in a manner consistent with the laws of the countries in which it does business.
SCOPE
This Policy applies to Personal Information required by CELERIUM in order to provide the following subscription service offerings: CD Collaborate, CD STIX, Cyber Defense Network, Soltra Edge, NC4 Mission Center, (ii) unsolicited information delivered to CELERIUM in any form, (iii) websites or articles or other information owned by or created by other entities and that are linked to on CELERIUM's website or within the Services, (iv) information delivered to CELERIUM by fax, email, manually or through off-line requests, or (v) other information received by CELERIUM apart from its standard subscription service offerings.
DEFINITIONS
The following definitions shall apply throughout this Policy:
"Agent" means any third party that collects or uses Personal Information under the instructions of, and solely for, CELERIUM or Client or to which CELERIUM discloses Personal Information for use on CELERIUM's behalf. Agent includes, but is not necessarily limited to, third-party service providers and administrators or insurers and their respective third-party providers (e.g., security or emergency assistance providers).
"Client" means an agency, corporation, or other entity which contracts with CELERIUM to perform services, as the principal subscriber to the CELERIUM Services. The Client is typically the User’s employer, but may be a third party engaged by the User’s employer to procure the Services.
"CELERIUM" means Celerium LLC, and its affiliates.
"Personal Information" means any information that identifies or could reasonably be used by or on behalf of CELERIUM to identify an individual. Personal Information does not include information that is anonymized or stripped of all personally identifiable information.
"Subcontractor" means any individual, corporation, or other entity under written contract with CELERIUM to assist CELERIUM in providing its Services.
"User" means any employee or contracted agent, representative or consultant of Client authorized by Client to use the CELERIUM Services.
INFORMATION COLLECTED BY CELERIUM
CELERIUM's Client registration process is designed to collect certain Personal Information regarding Users of the Services necessary for CELERIUM to grant access to the CELERIUM Service(s) and to properly and securely administer the Service(s) on behalf of the Client. System configuration is not possible without this basic information.
CELERIUM obtains Personal Information concerning a Client's Users and/or travelers from its Clients or their Agents. Depending on the Services used, the Personal Information that may be obtained includes, but is not necessarily limited to: name, gender, business and/or home address, business and/or home phone numbers, business and/or home email address, travel itineraries, passenger name record (PNR) information and reservation information, and precise location data. Personal Information will be maintained in CELERIUM's system in accordance with the data retention provisions of this Policy.
INFORMATION PROCESSED BY CELERIUM ON BEHALF OF CLIENTS USING CELERIUM SERVICE(S)
As part of providing the Services to our Clients, CELERIUM may receive and process your Personal Information if you are an authorized User of the Services. When CELERIUM provides its Services under contract with its Clients, CELERIUM acts on the instructions of the Client and uses reasonable physical, electronic, and administrative safeguards to protect the Personal Information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. The Client is responsible for complying with all other obligations in relation to the Personal Information it may collect from you as a User.
USE OF PERSONAL INFORMATION
CELERIUM uses the Personal Information it obtains in a number of ways, including, but not limited to:
-
To provide access to and use of the Services subscribed to by the Client, including, but not necessarily limited to, providing personalization services, verifying and validating User identity, tracking travelers, sending notifications from within the Service when important transactions have occurred, contacting Users and/or Clients as needed to provide the Services, providing reports to Clients, and in other ways necessary to support the Client.
-
To provide Client and/or Users with limited CELERIUM marketing or training information or to notify Client about updates and/or upgrades or new releases to the Services (e.g., invitations to, or information concerning, CELERIUM's User conferences, Webinars, news flashes, training opportunities, customer satisfaction survey, etc.).
-
To provide Client with historical and/or trend analysis reports.
-
To improve or enhance the Services.
-
To diagnose problems with our website or Services.
-
To provide customer support to the Client and/or User.
INFORMATION SHARED WITH THIRD PARTIES
Personal Information obtained by CELERIUM is only accessed by authorized CELERIUM personnel or Subcontractors and/or Agents (which may include your employer's service providers and insurance provider(s)). Except as otherwise described herein, CELERIUM does not release or otherwise disclose Personal Information collected from or on behalf of Client without the prior written permission from the Client, Client's authorized administrative User(s), or the individual User. CELERIUM may provide your Personal Information to third-party vendors, subcontractors, consultants and other service providers who are working on CELERIUM's or its Client's behalf and need access to your information in order to carry out their duties so that CELERIUM or Client may conduct its business. This may include, but is not limited to: (i) the hosting and managing of CELERIUM's Services, analyzing data, handling email distribution, and providing other services for CELERIUM in order for CELERIUM to provide the Services; and (ii) your employer's service and/or insurance providers. All other requests for Personal Information and requests for access to Personal Information will be forwarded to the Client, and CELERIUM will act in accordance with the Client's instructions.
CELERIUM will obtain assurances from its third-party providers that they will safeguard Personal Information in a manner consistent with this Policy. Examples of appropriate assurances that may be provided by Subcontractors or Agents include a contract or data transfer agreement obligating the Subcontractor or Agent to follow applicable data protection laws in accordance with this Policy, and/or where appropriate, executing a set of Standard Contractual Clauses (for transfers of personal data from the EU/EEA).
If CELERIUM has knowledge that a Subcontractor or Agent is using or disclosing Personal Information in a manner contrary to this Policy, it will take reasonable steps to prevent or stop such use or disclosure.
TRANSFERS OF PERSONAL DATA FROM THE EU/EEA
For Clients that transfer personal data from the EU/EEA to the US as part of the Services, CELERIUM will incorporate the European Commission approved Standard Contractual Clauses (commonly referred to as the Model Contracts) into its agreements with those Clients, and/or be registered under a program agreed to by the EU and US to allow for the transfer of personal data from the EU/EEA to the US. The Standard Contractual Clauses are a set of contract terms that have been approved by the European Commission as ensuring adequate protection for personal data transferred from the EU/EEA to non-EU/EEA countries, including the US, in accordance with the EU Data Protection Directive 95/46/EC.
NOTICE AND CONSENT
CELERIUM's standard procedures require the Client or the Client's Agent (e.g., Client's travel management company) to provide Personal Information to CELERIUM concerning the Client's Users or travelers in order for CELERIUM to perform the Services. CELERIUM acts in accordance with the Client's instructions, and therefore CELERIUM may have no direct contact or relationship with the individuals whose Personal Information it obtains.
CHOICE ("OPT-OUT")
As an agent processing Personal Information under the instruction of its Clients, CELERIUM may have no direct contact or relationship with the individuals whose Personal Information it obtains. Prior to CELERIUM (a) disclosing any Personal Information to a non-agent third party, or (b) using any Personal Information for a purpose other than the purpose for which it was originally collected or a purpose subsequently authorized by the individual, CELERIUM will work with its Clients to inform individuals of such intended use and also provide opt-out instructions for such disclosures.
DATA INTEGRITY
CELERIUM will use Personal Information provided to it only in ways that are compatible with the purpose for which it was collected or subsequently authorized by the Client. As an agent processing Personal Information under the instruction of its Clients, CELERIUM works with its Clients to provide reasonable steps to ensure that Personal Information is relevant to its intended use, accurate, complete, and current.
DATA SECURITY
CELERIUM has implemented appropriate technical and organizational measures and will take other reasonable precautions to protect Personal Information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Any specific requirements of a Client with respect to the processing and security of Personal Information are specified in the contract between CELERIUM and the Client.
CLIENT ACCESS AND CORRECTION
As an agent processing Personal Information under the instruction of its Clients, CELERIUM works with its Clients to grant individuals reasonable access to Personal Information that CELERIUM holds about them, and CELERIUM will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. CELERIUM's contract with its Client may require CELERIUM to notify Client of any request received directly from a User without responding to that request.
If a Client or User no longer has access to the Services, he or she can contact the CELERIUM Support Center and request that Personal Information be verified, modified, or deleted. Depending on the Service in question, CELERIUM may not be able to delete all Personal Information due to auditing requirements of the underlying system. This is an important feature of the CELERIUM Services. CELERIUM's Support Center can be contacted at 888-624-4411. Clients/Users will be required to prove identity to the satisfaction of CELERIUM in order to have Personal Information modified or potentially removed.
ENFORCEMENT
CELERIUM uses a self-assessment approach to assure compliance with this Policy and will conduct periodic compliance audits of its relevant privacy practices to verify such adherence. Any CELERIUM employee found to have acted in violation of this Policy may be subject to disciplinary action up to and including termination of employment.
DISPUTE RESOLUTION
Any questions, concerns, or complaints regarding CELERIUM's use or disclosure of Personal Information shall be directed to the CELERIUM address below. Any CELERIUM employee who receives a question, concern, or complaint regarding the use or disclosure of Personal Information will direct that information to CELERIUM's legal department. CELERIUM will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with the principles contained in this Policy.
For complaints that cannot be resolved between CELERIUM and the complainant, CELERIUM has agreed to participate in the dispute resolution procedures of the International Centre for Dispute Resolution of the American Arbitration Association. By utilizing CELERIUM's Service, you also agree to subject any unresolved complaints to these dispute resolution procedures. For more information regarding The International Centre for Dispute Resolution, please consult its website at www.icdr.org or call 800.778.7879.
LIMITATION ON APPLICATION
Adherence by CELERIUM to the provisions set forth in this Policy may be limited (a) to the extent required for CELERIUM to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest, or law enforcement requirements; (c) to the extent a disclosure or other action is permitted or required by an applicable law, rule, regulation, or legal process; (d) to enforce our policies or to protect our rights, property or safety, or those of another; and/or (e) to prevent illegal or improper uses of CELERIUM's Services or to defend CELERIUM against claim.
DATA RETENTION
CELERIUM retains data in accordance with instructions and/or contract provisions with its Client. Therefore, Personal Information associated with inactive accounts that are more than two (2) years old is deleted from the CELERIUM production systems, unless otherwise agreed to in writing between CELERIUM and the Client.
USE OF COOKIES OR OTHER PERSISTENT INFORMATION
CELERIUM uses cookies, hidden from fields, and information in URL strings in its applications to maintain a User session. When the work session is completed, no Personal Information (other than possibly a login ID) is maintained about the User in cookies or other persistent form on the User's computer.
THIRD PARTY LINKS
The CELERIUM Services may provide links to third parties for Client/User convenience, but no Personal Information is transmitted to outside systems without Client's or the individual User's consent. Third-party links posted within the CELERIUM Services do not constitute an endorsement of, or any responsibility for, any product, service, content or policy of that website. CELERIUM is not responsible for any information you may choose to provide at one of those sites. CELERIUM suggests you read that website's privacy policy and terms of use/terms and conditions and other applicable rules before submitting any information. This Privacy Policy does not extend to third party websites or links.
CONTACT INFORMATION
Questions, comments, or complaints pertaining to this Policy or CELERIUM's collection or retention of Personal Information should be submitted to CELERIUM via the following means:
Celerium LLC
Attn: Legal Department
100 N. Pacific Coast Hwy, Suite 200
El Segundo, CA 90245
Email: info@CELERIUM.com
Phone: 310.606.4444
Fax: 310.606.4309
AMENDMENTS TO POLICY
CELERIUM may update this Policy from time to time to reflect changes in CELERIUM's products and services, or to remain consistent with the requirements of various privacy principles. When a User logs into a CELERIUM Service, the User will be notified when there has been an amendment that materially changes this Policy and will be directed to review the amended Policy if he/she so chooses. CELERIUM will also post its current privacy policy on the CELERIUM website at www.CELERIUM.com.
EFFECTIVE DATE
April 3, 2019