Table of Contents
Section 2. What Personal Information Do We Collect?
Section 3. IP Addresses
Section 4. Cookies
Section 5. How We Use Your Personal Information
Section 6. How We Share Your Personal Information
Section 7. Storage and Data Retention
Section 8. Security
Section 9. Personal Information of Children
Section 10. CAN-SPAM Act
Section 11. DMCA
Section 12. What Are Your Rights?
Section 13. Automated Decision Making
Section 14. California Consumer Privacy Act
Section 15. Information for Users in the European Economic Area (“EEA”) or in the United Kingdom (“UK”)
Section 17. Contact Us
Section 2. What Personal Information Do We Collect?
Positek RFID collects certain personal information (i.e., information that identifies an individual either alone or in combination with other data). We also collect information that has been de-identified and aggregated, meaning it does not identify an individual, and other non-personal information which does not, on its own, identify an individual person.
Positek RFID obtains information when you or someone acting on your behalf provides such information to us. We also collect information automatically when you access or use the Site or our services or when you use a device on which a Positek RFID service is installed.
The following are examples of the personal information we may collect and process:
(a) Personal Information Collected Directly From You (Or Someone Acting On Your Behalf): This is information about you that you give to us by filling in forms on the Site (or other forms that we ask you to complete), giving us a business card (or similar), corresponding with us by telephone, post, email or otherwise, or accessing our partners’ web-based platforms from the Site, and it may include, for example:
- Your contact information, including your name, address, email address and telephone number;
- Information about your business relationship with Positek RFID and your transactions with us and your use of our services;
- Information about your professional role, background and interests;
- Information provided by you through Positek RFID-related communication channels such as forums, technical support, and customer service;
- Username, password, and other information for accounts for Positek RFID services;
- Financial information, such as data related to your payment method (e.g. valid credit card number, card brand, expiration date) that we may collect when you purchase, order, return, exchange, or request information about our services from the Site; and
- Photographs, images, biometrics, and related hash values.
You are under no obligation to provide us with personal information of any kind, however your refusal to do so may prevent you from using certain features of the Site or our services.
(b) Personal Information Collected By The Site, Our Other Systems, Or From Interactions With Our Services: If you visit the Site, interact with us through social media services, exchange emails, telephone conversations or other electronic communications with our employees and other staff members, or physically enter some of our facilities, we may automatically collect some information about you and your visit or interaction, including, for example:
- Details about your computers, mobile devices, applications, and networks (including IP address, browser characteristics, mobile device ID, characteristics and location, operating system, system language, and preferences);
- Information about your activities on the Site, usage patterns of services and interactions with or through social media networks (including referring URLs, dates and times of website visits, and clickstream data such as information commonly recorded in web server logs);
- Details about Internet or network usage (including URLs or domain names of websites you visit, information about applications that attempt to access your network, or traffic data);
- Data about files and communications, such as potential malware or spam (which may include computer files, emails and attachments, email addresses, metadata, and traffic data, or portions or hashes of any of this information);
- Details of your conversations with our employees or other staff, including, in some instances, their content;
- Information about your visit to our facilities captured by closed circuit TV systems and other security and access management systems, including video; and
- Other information used in the operation of our services.
(c) Other information: We may also collect information about you from other sources, including, the organization you represent, third party data providers and publicly available sources.
(e) De-Identified and Aggregated Information: By visiting, registering to use, accessing, using, interacting with, and/or providing information through the Site or our services, you expressly agree that Positek RFID owns, without restriction, all de-identified and aggregated information and other non-personal information collected and/or created by or on behalf of Positek RFID.
Section 3. IP Addresses
All Internet-enabled devices have an Internet protocol address or IP address. The Site and other Positek RFID services use IP addresses to help keep security measures current and relevant.
Section 4. Cookies
Positek RFID uses “cookies” to remember user preferences and to maximize the performance of the Site and our services. Cookies also help us to identify returning users so, for example, we don’t need to ask them to enter their email and password on every visit. Please note the information gathered by cookies may be necessary to provide some Positek RFID services, including certain subscriptions. We cannot provide such services to users who do not give their consent to the data processing carried out through cookies or whose browsers are set to reject all cookies. For example, when you purchase a subscription to an online technology, a cookie is set that identifies the software, version, and when it expires. We use this information to alert you that a newer version is available or if your subscription is going to expire.
Cookies may also be used to control the type and frequency of ads, promotions, or other marketing messages the customer views. These ads may be placed by Positek RFID or third-party advertising companies which are our vendors. Positek RFID also uses “web beacons” (small transparent image files) to count visitors to the Site and analyze how visitors use our Site. The information collected is generally anonymized and is not used to identify any particular user.
Positek RFID also maintains log files of the traffic on the Sites. For example, our servers may automatically record the information you or your browser send when you visit the Site. These log files may include information such as your requests, IP address, browser type, browser language, the date and time of your request, and one or more cookies that may uniquely identify your system.
Section 5. How We Use Your Personal Information
Having accurate information about you permits Positek RFID to provide you with a smooth, efficient, and customized experience. Specifically, Positek RFID and the providers and partners that help provide Positek RFID’s services may use collect and use your personal information for the following purposes:
- to operate, manage, develop and promote our business (including the Site, our products and services);
- to perform accounting, auditing, billing, reconciliation, and collection activities, and, if applicable, process payments and complete transactions through our third-party payment processor;
- to operate recruiting activities;
- to protect our business from fraud, money-laundering, breach of confidence, theft of proprietary materials and other financial or business crimes, and to investigate and respond to potential or actual claims, liabilities, prohibited behavior, and criminal activity;
- to comply with and enforce our legal and regulatory obligations, agreements, and policies, and bring and defend legal claims and assert legal rights;
- to predict future security threats and vulnerabilities and investigate, respond to, and manage security related incidents and events;
- to authenticate your inputted biometrics;
- to provide security advisories, information, and updates;
- to help safeguard your devices and your data;
- to conduct research and analysis, and to communicate about, and administer participation in, special events, programs, surveys, contests, sweepstakes, and other offers and promotions;
- to establish and manage Positek RFID user accounts, provide customer support, manage subscriptions, and respond to requests, questions and comments;
- to personalize and manage our relationship with you;
- to enable posting on our blogs and other communications;
- to customize, measure, and improve the Site and our services; and
We may from time to time review your information held in our systems – including the contents of and other information related to your email and other communications with us – for compliance and business-protection purposes as described above. This may include reviews for the purposes of disclosure of information relevant to litigation and/or reviews of records relevant to internal or external regulatory or criminal investigations. To the extent permitted by applicable law, these reviews will be conducted in a reasonable and proportionate way and approved at an appropriate level of management. They may ultimately involve disclosure of your information to governmental agencies and litigation counterparties as described below. Your emails and other communications may also occasionally be accessed by persons other than the member of staff with whom they are exchanged for ordinary business management purposes (for example, where necessary when a staff member is out of the office or has left Positek RFID).
We will only process your personal information as necessary so that we can pursue the purposes described above and where we have a legal basis for such processing. Where our lawful basis for processing is that such processing is necessary to pursue our legitimate interests, we will only process your personal information where we have concluded that our processing does not prejudice you or your privacy in a way that would override our legitimate interest. In exceptional circumstances we may also be required by law to disclose or otherwise process your personal information.
Because de-identified and aggregated information and other non-personal information cannot be used to personally identify you, we may use such information for any lawful purpose.
Section 6. How We Share Your Personal Information
We may share your personal information, where reasonably necessary for the various purposes set out above, with:
- your colleagues within the organization that you represent;
- authorized service providers and partners who perform services for us, including those who host our web services or other information technology systems, or otherwise hold or process your information on our behalf, under conditions of confidentiality and security required by law;
- business partners, channel partners, service partner, agents, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- your administrator, if applicable, with your consent, or
- third parties with your consent.
We may also disclose personal information: (a) if we are required to do so by law or legal process; (b) in response to requests by government agencies, such as law enforcement authorities or other authorized third parties; (c) as may be required for purposes of national security; (d) when we believe disclosure is necessary and appropriate to prevent physical, mental, financial, or other harm, injury, or loss; or (e) in connection with an investigation of suspected or actual illegal or inappropriate activity or exposure to liability.
These disclosures may involve transferring your personal information to countries other than the country in which the information originally was collected. Those countries may not have as comprehensive data protection laws as the country from which Positek RFID initially obtained the information. When we transfer the information to other countries, we use a reasonable standard of care and appropriate organizational, physical, and technical security practices and procedures
Because de-identified and aggregated information and other non-personal information cannot be used to personally identify you, we may share such information for any lawful purpose.
Section 7. How You Can Manage and Control Your Personal Information
Many Positek RFID services allow users to make choices about the personal information collected. For instance:
- You may choose not to receive marketing communications from us by clicking on the unsubscribe link or other instructions in our marketing emails or contacting us as specified in the “How to Contact Us” section below.
- Many Positek RFID services contain settings that allow users or administrators to control how the service collects information. Please refer to the relevant service manual or contact us through the appropriate technical support channel for assistance.
- To remove your personal information, please contact us.
If you chose to no longer receive marketing information, Positek RFID may still communicate with you regarding such things as security updates, functionality, responses to service requests, or other transactional, non-marketing/administrative related purposes.
Section 8. Storage and Data Retention
The information we collect may be stored and processed in servers in the United States and wherever Positek RFID and our service providers have facilities around the globe.
The time periods for which we retain your personal information depend on the purposes for which we use it. Generally, Positek RFID will keep your personal information for as long as it is necessary to fulfil the purposes for which we had collected it or you remain a registered subscriber or user of our services and, thereafter, for no longer than is required by law, or Positek RFID’s Records Retention Policy, reasonably necessary for internal reporting and reconciliation purposes, or to provide you with feedback or information you might request. In certain circumstances, we may be required to retain data we have about you for a longer period (such as for tax, litigation (threatened, anticipated, or actual), other business purposes, or if required by law enforcement). We will delete your personal information if we believe that your personal information that we hold is inaccurate, or when you have informed us that you no longer consent to our processing of your personal information.
Section 9. Security
We implement appropriate organizational, physical, and technical security practices and procedures for storing and transmitting the personal information we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, and availability. Periodically, we test our website, services, data centers, systems, and other assets for security vulnerabilities.
Section 10. Personal Information of Children
Positek RFID respects the privacy of children and does not knowingly collect, use or disclose personal information of children under 16 years of age without verifiable consent from a parent or guardian. If Positek RFID becomes aware that the information submitted to or collected by Positek RFID is personal information of children without first receiving verifiable consent from a parent or guardian, Positek RFID will take prompt steps to delete such personal information. If a parent or guardian wishes to raise a concern regarding personal information pertaining to a child, please email our Data Protection Office at legaldepartment @positerfid.com.
Section 11. CAN-SPAM Act
Positek RFID is committed to being compliant with the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (“CAN-SPAM Act”). All emails you receive from us are intended to fully comply with the CAN-SPAM Act. If at any time you would like to unsubscribe from receiving future emails, you can email us at firstname.lastname@example.org, and we will promptly remove you from ALL correspondence.
Section 12. DMCA
The Digital Millennium Copyright Act of 1998 (“DMCA”) provides recourse for copyright owners who believe that material appearing on the Internet infringes their rights under U.S. copyright law. If you believe in good faith that any content made available in connection with the Site or Positek RFID’s services infringes your copyright, you (or your agent) may send us a notice requesting that the content be removed, or access to it blocked. Notices and counter-notices must meet the then-current statutory requirements imposed by the DMCA (see http://www.loc.gov/copyright for details). Notices and counter-notices with respect to the Site or our services should be sent to:
1210 Stanbridge St, Suite 710
Norristown, PA 19401
Attn: DMCA Notice
Section 13. What Are Your Rights?
You have the following rights (subject to applicable local laws) in relation to the personal information that we hold about you:
- to access your personal information, and some related information, under relevant data protection law;
- to require any inaccurate personal information to be corrected or deleted;
- to object to our use of your personal information for direct marketing purposes at any time and you may have the right to object to our processing of some or all of your personal information (and require them to be deleted) in some other circumstances;
- to require us to delete your personal information in certain circumstances;
- to require us to restrict or block the processing of your personal information in certain circumstances (when processing is restricted, we can still store your personal information, but may not use it further);
- to obtain from us your personal information, in a structured, commonly used and machine-readable format in certain
- circumstances. Further, you may have the right to require us to transmit your personal information directly to another person (for instance a new provider) where it is technically feasible to do so; and where we are processing your personal information based on your consent to such processing, to withdraw your consent at any time.
- Further information and advice about your rights can be obtained from the data protection regulator in your country. If you wish to exercise any of these rights (subject to applicable local laws), or have complaints about our processing of your personal information, please email email@example.com.
- Section 14. Automated Decision Making
- We may use technology which tracks your use of our website and your interactions with us and which helps us to build a profile of your preferred products and information requests. If we do this, what this means for you is that you are more likely to receive offers and information that are tailored to your specific preferences, based on your previous profile activity.
- If we use automated decision making in respect of any specific service or product and such automated decision making produces legal effects concerning data subjects or similarly significantly affects them, we will provide information required by applicable laws in respect of such automated decision making.
Section 15. California Consumer Privacy Act
(a) General: The California Consumer Privacy Act (“CCPA”) provides California residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Information,” as well as rights to know/access, delete, and limit sharing of Personal Information. The CCPA defines “Personal Information” to mean “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Certain information we collect may be exempt from the CCPA because it is considered public information (i.e., it is made available by a government entity) or covered by a specific federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, or the Fair Credit Reporting Act.
To the extent that we collect Personal Information that is subject to the CCPA, that information, our practices, and your rights are described below.
(b) Right to Notice at Collection Regarding the Categories of Personal Information Collected: You have the right to receive notice of the categories of Personal Information we collect, and the purposes for which those categories of Personal Information will be used. This notice should be provided at or before the time of collection. The categories we use to describe the information are those enumerated in the CCPA.
- Identifiers, such as name, contact information, IP address and other online identifiers;
- Personal information, as defined in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))customer records law, such as name, contact information, and payment card number;
- Characteristics of protected classifications under California or federal law, such as age and gender;
- Commercial information, such as transaction information and purchase history;
- Internet or network activity information, such as browsing history and interactions with our website;
- Geolocation data, such as device location;
- Audio, electronic, visual, and similar information; and
- Inferences drawn from any of the Personal Information listed above to create a profile about, for example, an individual’s preferences and characteristics.
We do not sell Personal Information and in the preceding twelve (12) months, we have not sold any Personal Information.
(c) Right to Know/Access Information: If you are a California resident, you have the right to request access to Personal Information collected about you over the past 12 months and information regarding the source of that information, the purposes for which we collect it, and the third parties and service providers with whom we share it. Below is a complete list of the Personal Information that you can include in your request.
- The categories of Personal Information that Positek RFID has collected about you.
- The categories of sources from which Positek RFID collected the Personal Information.
- The business or commercial purpose for collecting or selling Personal Information.
- The categories of third parties with whom Positek RFID shares Personal Information.
- The specific pieces of Personal Information Positek RFID has collected about you.
- The categories of Personal Information that Positek RFID disclosed about you for business purpose.
- The categories of Personal Information that Positek RFID has sold about you, as well as the categories of third parties to whom Positek RFID sold your Personal Information.
If you would like to exercise your right to request disclosure, you may submit such a request as described below. To protect our users’ Personal Information, we are required to verify your identity before we can act on your request.
(d) Right to Request Deletion of Information: If you are a California resident, you also have the right to request in certain circumstances that we delete any Personal Information that we have collected directly from you. You may submit such a request as described below. To protect our users’ Personal Information, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
(e) How to Submit a Request: You may submit a request to exercise your rights to know/access or delete your Personal Information by sending us an email at firstname.lastname@example.org, calling us at (610)275-2905, or by writing us at the address listed under “Contact Us” below. We will respond to your request consistent with applicable law.
Only you or your authorized agent may make a verifiable consumer request related to your Personal Information. If you use an authorized agent to submit a request on your behalf, we may require that you (1) provide the authorized agent written permission to do so, and (2) provide a copy of the authorization or provide a copy of a power of attorney that complies with California Probate Code sections 4000 to 4465 so that we can verify the identity of the authorized agent.
In verifying requests, we employ reasonable measures to detect fraudulent requests and prevent unauthorized access to your Personal Information. To meet our obligations, we are required to verify your identity, and the identity of your authorized agent, if the request is submitted via an agent, by associating the information provided in your request to Personal Information previously collected by us.
If we suspect fraudulent or malicious activity on or from the password-protected account, we may decline a request or request that you provide further verifying information.
You may only make a verifiable consumer request twice within a 12-month period. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify your identity or authority to make the request.
(f) Right to Opt Out of Sale of Personal Information to Third Parties: You have the right to opt out of any sale of your Personal Information by Positek RFID to third parties. We do not sell information to third parties.
(g) Right to Information Regarding Participation in Data Sharing for Financial Incentives: You have the right to be free from discrimination based on your exercise of your CCPA rights. We do not discriminate against anyone who chooses to exercise their CCPA rights.
Section 16. Information for Users in the European Economic Area (“EEA”) or in the United Kingdom (“UK”)
Positek RFID may transfer Personal Data from the EEA or the UK to the United States, including Personal Data we receive from individuals residing in the EEA or the UK who visit the Site and/or who may use our services or otherwise interact with us. Please note that the term “Personal Data” used in this section is equivalent to the term “personal data” under applicable European and UK data protection laws for individuals located in the EEA or the UK. When Positek RFID engages in such transfers of Personal Data, it relies on (a) Adequacy Decisions as adopted by European Commission on the basis of Article 45 of Regulation (EU) 2016/679 (“GDPR”), or (b) Standard Contractual Clauses issued by the European Commission. The European Commission has determined that the Standard Contractual Clauses provide sufficient safeguards to protect personal data transferred outside the EU or EEA. For more information, please visit https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en. Positek RFID continually monitors the circumstances surrounding such transfers in order to ensure that these maintain, in practice, a level of protection that is essentially equivalent to the one guaranteed by the GDPR.
Section 18. Contact Us
If you have any questions, comments, requests or concerns regarding this privacy statement or our processing of personal information, or would like to update information we have about you or your preferences, please contact us by: please send an email to email@example.com or contact us by writing us at:
1210 Stanbridge St, Suite 710
Norristown, PA 19401
Attn: Legal Department
LAST UPDATED: 2/16/2023