Last Updated September 2018
Links to other sites
Collection and use of personal information
We collect personal information for the reasons listed below to enable us to operate our business on a reasonable basis and to provide you with a safe, smooth, efficient, and customized experience.
In general, you may visit the Site without providing us with or revealing any personally identifiable information about yourself. However, if you choose to register with the Site, you will be required to provide us with certain personal information, as described below. By providing us with such personal information, you explicitly agree to our collection and use of such information as described in this Policy.
When you register with the Site you provide us with two kinds of information: personal information you knowingly choose to disclose and Site use information collected by us as you interact with the Site.
When you register with the Site, you provide us with your name, email address and, on an optional basis, with your gender, location, age, etc., as well as with information about your educational and professional background and interests. In any case, PLEASE NOTE that the name and other personal information you provide to us are automatically published on the Site as part of your profile, i.e. they become available to the other registered users of the Site to whom you have allowed access to your profile (via your privacy settings). Accordingly, if you do not wish to make the above information available to the other users of the Site, please either configure your privacy settings accordingly and/or abstain from providing any optionally required data, or abstain entirely from registering with the Site. Similarly, when you submit reviews or ratings of any Site content such reviews and ratings will appear on the relevant content’s reviews as well as on your profile. If you do not wish such reviews and ratings to appear on your profile and/or on the content’s reviews, please set your privacy settings accordingly or abstain from submitting such reviews and ratings.
When you enter the Site, we collect your browser type and IP address. This information is gathered for all Site visitors. In addition, we may also use “cookies” or similar electronic tools to collect anonymous information, such as the date and time you accessed the Site, the pages you requested and visited, and the site you linked from to reach the Site. A cookie is a small text file that your web browser places on your hard drive for record-keeping purposes. By showing how and when visitors use the Site, cookies help us deliver advertisements, identify how many unique browsers visit us, and track user trends and patterns. They also prevent you from having to re-enter your preferences on certain areas of the Site where you may have entered preference information before. Most browsers are set to accept cookies by default. If you prefer, you can usually set your browser to disable cookies, or to alert you when cookies are being sent. The help function on most browsers contains instructions on how to set your browser to notify you before accepting cookies or to disable cookies entirely. However, it is possible that some parts of the Site will not function properly if you disable cookies.
When you use the Site, you may set up your personal profile, create and publish your own Library, create and participate in groups (eventually), attend and publish courses, organize and participate in conferences (eventually), place and answer questions, send messages, perform searches and queries, transmit information through various channels, etc. We collect this information so that we can provide you the service and offer personalized features, for example, so as to enable you to manage your knowledge, to return to view prior messages you have sent, to easily see your contact list, etc. When you update information, we usually keep a backup copy of the prior version for a reasonable period of time to enable reversion to the prior version of that information.
When needed (e.g. in order to bill you for any services rendered) we may ask for your credit card information. However, we do not store credit card information.
Please keep in mind that whenever you make your personal information available for viewing by third parties online – for example by putting it in your profile or contact information and allowing third parties to have access to it, by putting it on message boards, web logs, through email or in chat areas, etc. – that information can be seen, collected and used by others besides us. Similarly, other users of the Site can also see and may collect and use any content you have published on the Site, including courses, tests, questions, answers, offerings, etc. We cannot be responsible for any unauthorized third-party use of such information. Besides, although we allow you to set privacy options that limit access to your pages, please be aware that no security measures are perfect or impenetrable. Therefore, we cannot and do not guarantee that any content you post on the Site will not be viewed by unauthorized persons. We are not responsible for circumvention of any privacy settings or security measures contained on the Site. You understand and acknowledge that, even after removal, copies of any content posted by you on the Site may remain viewable in cached and archived pages or if other users have copied or stored it. In this respect, please also keep in mind that, whenever possible, personally identifiable information is requested at the Site on an optional basis, which means that it is you who choose what information you put in your profile, including contact and personal information, pictures, knowledge, interests and groups you join.
As mentioned above, the name under which you register with the Site is displayed and made available to the other registered users of the Site as part of your profile. All of your activities on the Site will be identifiable to your registered name. Accordingly, please keep in mind that if you register under your name, other registered users of the Site will be able to personally identify your activities on the Site.
Any personal information collected by us will be processed in adherence to applicable United States and European Data Protection legislation. Reasonable and appropriate measures are taken to ensure that your personal information is protected from unauthorized access or modification, unlawful destruction and improper use. However, the Internet is an open system and we cannot and do not guarantee that the personal information you have submitted will not be intercepted by others and decrypted.
You agree that we may also use your personal information to contact you and deliver information to you that are targeted to your interests, such as targeted advertisements, notices, offerings, and communications relevant to your use of the Site.
We store all user information in secure databases protected via a variety of industry-standard access controls. Secure passwords, SSL encryption and disk-based encryption, firewalls, and other electronic measures are in place that help us protect your data. We also maintain physical and procedural safeguards, such as secure areas in buildings, authentication procedures, training our employees in the proper handling of personal information, and limiting employee access to this information to those employees with a business need for access. We employ these measures to ensure this data is accessed only for the purposes specified in this privacy statement. When we use third parties to assist us, we require that they comply with all the same confidentiality and security measures. However, since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to the Site. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login and account information. Please note that emails, instant messaging, and similar means of communication are not encrypted, and we strongly advise you not to communicate any confidential information through these means.
stratus22.com uses industry best practices to keep any information collected and/or transmitted by the Services secure. This includes the use of HTTPS with TLS (Transport Layer Security), which encrypts all transmitted data, and OAuth 2.0 protocols for authentication and data transfer. Certain Personal Information, such as stratus22.com login details, is encrypted during transmission using TLS. Once validated within the stratus22.com system, passwords are deleted from the system. In addition, stratus22.com uses third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Services. These vendors have been selected for their high standards of both physical and technological security, including ISO and SSAE16 certifications. When payments are processed via credit card,stratus22.com uses third-party vendors that are PCI-DSS Compliant. Submission of information over the Internet is never entirely secure.stratus22.com cannot guarantee the security of information submitted via the Services while it is in transit over the Internet and any such submission is at Client’s own risk, and this risk is specifically disclaimed in our Terms of Service. It is advisable that Client logs out of its Account at the end of every session and not leave a logged-in account unattended for any period of time, particularly if using a shared computer or device.
All information accessed through https://stratus22.com is in compliance with the required information security mandates of Article 32 of the GDPR. Specifically, Article 32 mandates the following:
- Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate –
- The pseudonymization and encryption of personal data
- The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
- The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
- A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
Please note that refusal to provide Personal Information may result in our inability to provide the Services to you, to manage our relationship with you, or to improve the Services.
Accessing, modifying, rectifying and removing of personally identifiable information
You retain the right to access, modify, rectify or remove any personally identifiable information in our possession at any time. However, where you make use of the communication features of the Site to share information with other users of the Site (e.g., public comments, posts, discussions, etc.) you generally cannot remove such communications once posted. Accordingly, please keep in mind that even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users.
Access and control over most personally identifiable information on the Site is available through the profile editing tools. Site users may modify, rectify or remove any of their profile information at any time by logging into their account. Information will be updated immediately. If you wish to deactivate your account or have us remove any personally identifiable information of yours from our databases, you may exercise these rights by contacting us at the contact information given above, on the condition that you can prove your identity.
California Privacy Rights. California Civil Code Section 1798.83 permits users that are California residents to request that we not share their personally identifiable information with third parties if we know or have reason to know that the third parties use the personally identifiable information for the third parties’ direct marketing purposes. For their protection, we exercise this right on behalf of our California users and require third parties hired by Stratus22 LLC, to keep all personally identifiable information related to California users secure and to not permit any use of personally identifiable information for direct marketing or any other purposes not authorized by Stratus22 LLC.
GDPR Data Privacy Rights
If you are an EU resident and stratus22.com is processing, and/or transmitting your personal data, then you – as an “EU data subject” – benefit from the following rights and privileges under the General Data Protection Regulation (GDPR) –
- Right of Access: You have the right to obtain from us, as controllers, confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the following personal data and information:
- The purposes of the processing;
- The categories of personal data concerned;
- The recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
- Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- The existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; (f) the right to lodge a complaint with a supervisory authority;
- Where the personal data are not collected from you, any available information as to their source; and
- The existence of automated decision-making, including profiling, along the lines indicated by Article 22(1) and (4) GDPR, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
- Right to Rectification: You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to Erasure (“Right to be Forgotten): You have the right to obtain from us the erasure of your personal data without undue delay, and we have the obligation to erase personal data without undue delay when: a) your data are no longer necessary for the purposes for which they were collected; b) you had consented to the processing; c) you have objected to the processing, as per below; d) you persona data had been unlawfully collected; e) your personal data need to be erased as a matter of compliance with a legal obligation.
- Right to Restriction of Processing: You have the right to obtain from us the restriction of processing if you: a) contest the accuracy of the personal data, until this is verified; b) the processing is unlawful but you don’t want erasure; c) we no longer need the persona data, but you require them to establish, exercise fo defend a legal claim; d) you have objected to processing but there is a need to verify whether our legitimate grounds override your rights to object.
- Right to Data Portability: Where your personal data have been provided on the basis of your consent or for the performance of a contract, and their processing occurs in an automated way, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit those data– or have directly transmitted – to another controller.
- Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on a legitimate ground point (e) or (f) of Article 6(1), including profiling based on those provisions. In this case, we can no longer process your personal data unless we show that there is a compelling legitimate ground for the processing which override your interests, rights and freedoms or for our establishment, exercise or defense of legal claims.
Information Storage and International Transfers
If you are in the EEA, in transferring your Personal Information to countries outside of the EEA, to the extent that we transfer the personal data to recipients who are located outside the European Union or the European Economic Area, we will provide an adequate level of protection of your personal data, including appropriate technical and organizational security measures and through the implementation of appropriate contractual measures to secure such transfer, in compliance with applicable law, and will inform you accordingly.