Effective Date: 1/1/2020
This privacy statement describes how Cornerstone Information Systems, Inc. and each of its subsidiaries (“Cornerstone Information Systems”) collects and uses the personal information you provide on our Web sites: https://www.iqcx.com, https://apps.ciswired.com and https://www.ciswired.com, https://etopaz.com, https://apexconnect.io and our Service. The use of information collected through our service shall be limited to the purpose of providing the service for which the Client has engaged Cornerstone Information Systems companies. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.
EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
Cornerstone Information Systems companies participate in and have certified our compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Cornerstone Information Systems companies are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
Cornerstone Information Systems companies are responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Cornerstone Information Systems companies comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Cornerstone Information Systems companies are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Cornerstone Information Systems companies may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Information Collection and Use
Cornerstone Information Systems companies may collect Personally Identifiable Information (“PII”) voluntarily in the process of servicing our clients. The kinds of information we may collect could include full name, email, addresses, and credit card information.
In addition, we may collect and store on behalf of our clients some system administration contact information. Typically, this involves our client’s contact information such as email address to notify users of service notifications.
Cornerstone Information Systems companies reserves the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on our Web Site.
In the event any of the Cornerstone Information Systems companies goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personally identifiable information will likely be among the assets transferred. You will be notified via email of any such change in ownership or control of your personal information.
Children’s Personal Information
Cornerstone Information Systems companies offer only business-related services and does not offer areas specifically designed for children.
As is true of most websites, Cornerstone Information Systems companies gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
Cornerstone Information Systems companies do not share, sell, or rent user’s personally identifiable information (PII) to third party parties in ways other than disclosed in this privacy statement.
We will share aggregated demographic information with our business partners. This is not linked to any personal information that can identify any individual person, nor is it linked to any client proprietary information. We partner with another party to provide specific services. When the user signs up for these services, we will share names, or other contact information that is necessary for the third party to provide these services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.
An example of the sharing of data would be that one of our customers has requested in writing that Cornerstone Information Systems companies may provide travel data to a supplier of the customers’ choosing, such as an emergency medical team for travelers at risk. Travel data transferred to the emergency medical team may include contact information.
This web site contains links to other sites. Please be aware that Cornerstone Information Systems companies are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of every web site that collects personally identifiable information (PII). This privacy statement applies solely to information collected by Cornerstone Information Systems companies web sites.
This website takes every precaution to protect our users’ information. When our customers handle sensitive information via the website, information is protected both online and off-line.
All online data transmitted is secured via TLS 1.2 encryption and all data at rest is protected by AES 256bit encryption. All our users’ information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job are granted access to personally identifiable information (PII).
Our employees must use password-protected screensavers when they leave their desk. When they return, they must re-enter their password to re-gain access to your information.
Furthermore, ALL employees are kept current on our security and privacy practices. Every calendar quarter, as well as any time new policies are added, our employees are notified and/or reminded about the importance we place on privacy, and what they can do to ensure our customers’ information is protected.
Finally, the servers that may store personally identifiable information (PII) on are kept in a secure environment and located in rooms that require security card access readers and cameras. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on any Cornerstone Information Systems companies Web site, you can contact us at firstname.lastname@example.org.
Supplementation of Information
For this website to properly fulfill its obligation to our clients, it is necessary for us to supplement the information we receive with information from third party sources. As indicated above we may collect some information from industry databases. This information is tied to an identifier that our clients use to run reports and analyze the data. It is possible for our clients to then also be able to append more of their own data to it.
Site and Service Updates
From time to time Cornerstone Information Systems companies send clients site and service announcement updates. These announcements contain important information about the service, therefore are required as part of the service. Generally, you may not opt-out of these required communications as they are necessary to receive the service. If you wish to stop receiving these communications, please see the “Choice/Opt-out” section below for instruction. We communicate with the user to provide requested services and with regards to issues relating to their account via email or phone.
Correction/Updating Personal Information
Upon request Cornerstone Information Systems companies will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. If a client’s personally identifiable information (PII) changes (such as your zip code) we provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the system administration information page or by emailing our Customer Support. We will respond to your request within a reasonable timeframe.
Cornerstone Information Systems companies acknowledges that you have the right to access your personal information. Cornerstone Information Systems companies have no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the Cornerstone Information Systems companies Client (the data controller). If requested to remove data, we will respond within a reasonable timeframe. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. We handle client data as a data processor. Consequently, access requirements are handled by them, though we will cooperate with any requests made by our data controller clients having to do with their end users. The data controller clients can expect a response to their request with 10-20 business days.
We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.
We will retain your information and information we process on behalf of our Clients for as long as your account is active or as needed to provide you services or to our Clients. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
All requests to update or delete currently held information can be initiated by sending an email to email@example.com
We handle client data as a data processor. Consequently, choice requirements are handled by the administrator assigned by the client. If you wish to stop receiving site and service announcements or trip notifications, please contact your system administrator.
Notification of Changes
Enforcement of this Privacy Statement
If you have questions regarding this statement you should contact Cornerstone Information Systems at: firstname.lastname@example.org. You may also contact Cornerstone Information Systems by telephone (812-330-4361) or postal mail. Please mail correspondence to:
Cornerstone Information Systems
304 W. Kirkwood Avenue
Bloomington, IN 47404