Last updated July 31, 2015
Our Privacy Commitment
Table of Contents
Q2. What types of information do we collect about our guests?
A2. Whatever the purpose may be, we will only collect information to the extent reasonably necessary to fulfill your requests and our legitimate business objectives.
Personal Information You Provide to Us
Personal information is information that can be used to identify and contact you (such as your full name, address, telephone number or email address). With the exception of your IP address (later defined), we do not collect any personal information about you unless you choose to provide it to us and we do not require personal information to access our website. However, if you prefer not to disclose personal information, you may not be able to access certain features of our website. To offer our guests certain features on our website, we collect several types of personal information.
All of the personal information we receive comes directly from our guests. We may collect the following non-technical pieces of personal information from you:
First and last name
You may provide this information to us in order to engage in various activities such as contacting us with a general inquiry or complaint, filling out a retailer registration form, signing up for a free privacy risk assessment, newsletter, or otherwise requesting information about joining one of our programs (including ESRB Privacy Certified).
ESRB complies with the Children's Online Privacy Protection Act (COPPA), a federal law designed to protect users under the age of 13 ("children") online. We do not knowingly collect personal information from children. We take children's privacy seriously, and encourage parents to take an active role in protecting their children's privacy and online experience at all times. If you believe that we may have unintentionally collected personal information from your child, please contact us.
We may also collect demographic information, which is anonymous information such as your country of residence and company or product name. If demographic information is collected at the same time as your personal information, we may combine the demographic information with your personal information. Combining data allows us to customize the content we provide you according to your interests and preferences. Demographic information is not considered personal information unless it is linked to personal information about a specific user. If you choose not to provide certain demographic information, you may not be able to access certain features on our website.
Additionally, we may collect aggregate information, which is anonymous data about individuals that is grouped together to study a group or category of services or users. Aggregate information is not considered personal information unless it is linked to personal information about a specific user.
Q3. Are tracking technologies and cookies used to collect information?
A3. We use tracking technologies and cookies to collect information from our website visitors.
Information Collected Through Technology
We collect information through technology to make our websites more interesting and useful to you. For example, when you use certain features on our websites, we collect your IP address. An IP address is often associated with the portal through which you enter the Internet, like your ISP (Internet service provider), your company, or your university. We may use IP addresses to collect information regarding searches our guests perform across the pages on our website and the pages they visit. We may combine this information with other personal information. We do not collect personally identifiable information about your online activities over time or across third-party websites or online services.
Q4. How is your personally identifiable information used and shared?
A4. We do not share, sell, or rent your personal information to third parties without your consent. We do not require personal information to access our website. However, if you prefer not to disclose personal information, you may not be able to access certain features of our website.
We occasionally use other companies, agents or contractors to perform services necessary to our operations. For example, we have partnered with other companies to personalize our web pages, process credit card transactions, analyze customers' interaction with our website, and process consumer surveys. We also provide postal addresses to the U.S. Post Office for delivery purposes. In the course of providing such services, these companies may have contact with your personally identifying information. These entities have agreed to securely store and maintain the personal information received from us. Any vendors or partners with whom we may share personal information are permitted to obtain only the personal information they need to deliver the services requested. They are required to maintain the confidentiality of the information and are prohibited from using it for any other purpose.
Disclosures Required By Law and Disclosures to Help Protect the Security and Safety of Our Websites and Others
We may disclose personal information (a) in the good faith belief that we are required to do so by law; (b) if doing so is reasonably necessary to comply with legal process; (c) to respond to any claims; (d) to enforce the terms and conditions of our website; or (e) to protect the rights, property, or personal safety of ESRB, users, or the public.
Q5. What kinds of security measures do we take to safeguard your personally identifiable information?
A5. The security and confidentiality of your information is extremely important to us. We use robust security measures to protect user information from loss, misuse and alteration. We use industry-standard practices such as encrypted communications, physically secured rooms, firewalls and password protection systems to safeguard the confidentiality of your personal information. We will notify users of a data breach involving unencrypted personal information by email or by posting a notice on the affected website. We also strive to limit access to personal information to employees performing a legitimate business function. We review our security procedures periodically to consider appropriate new technology and updated methods. However, despite our best efforts, no security measure is ever perfect or impenetrable.
Q6. How can you review, update, or delete your personal information?
A6. You can access and update information you have previously provided to us by emailing us at firstname.lastname@example.org.
Q7. Do California residents have special rights?
A7. Beginning on January 1, 2005, California Civil Code Section 1798.83 permits users of this website who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. However, as previously stated, we do not share information with third parties for their direct marketing purposes or otherwise, unless you affirmatively agree to such disclosure. However, if you believe your information has been shared or you have general questions about how your information may have been shared, you may contact us at:
ATTN: VP, Privacy Certified
420 Lexington Avenue, Suite 2024
New York, NY 10170
Q8. Do we self-certify under the US-EU Safe Harbor Framework?
A8. Personal information collected on our website is stored and processed in the United States. By using our website you consent to any such transfer of information outside of your country. ESRB complies with the U.S.-E.U. Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. ESRB has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. To learn more about the Safe Harbor program, and to view our certification, please visit http://www.export.gov/safeharbor/.
ATTN: VP, Privacy Certified
420 Lexington Avenue, Suite 2024
New York, NY 10170
Please note that, at all times, you are responsible for updating your personal information to provide us your current email address. If the last email address you provided us is not valid, or for any other reason is not capable of delivering to you the notice described above, our dispatch of the email containing such notice will nonetheless constitute effective notice of the changes described in the notice.