- Compliance Services
- Cybersecurity & Risk
- Performance Services
- Technology Solutions
- Events & Education
Effective January 3, 2014
Updated August 4, 2016
NM GRC Holdco, LLC and its U.S. subsidiaries, NM GRC Acquisition, LLC, ACA Compliance Group Holdings, LLC, Adviser Compliance Associates, LLC, Broker-Dealer Compliance Associates, LLC, ACA Performance Services, LLC, ACA Technology, LLC, ACA Risk Strategies, LLC, ACA Corporate Holdings, Inc., and ACA Technology Surveillance, Inc. (collectively, “ACA US”) are committed to respecting your privacy.
ACA US, together with ACA Compliance (Europe) Limited and ACA Performance (Europe) Limited, are hereinafter referred to as the “ACA Group.”
Participation in the EU-U.S. Privacy Shield Program
ACA US complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. ACA US has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/
Organizations that participate in the U.S.-E.U. Privacy Shield Program must comply with the seven Privacy Shield Principles, which require the following:
U.S.-Swiss Safe Harbor
ACA US complies with the U.S.-Swiss Safe Harbor Framework as set forth by the U.S Department of Commerce regarding the collection, use, and retention of personal information from Switzerland. ACA US has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability. If there is any conflict between the policies in this Policy and the Safe Harbor Privacy Principles, the Safe Harbor Privacy Principles shall govern. To learn more about the U.S.-Swiss Safe Harbor and to view our certification page, please visit http://www.export.gov/safeharbor/
User Consent to Policy
By accessing, browsing, or using a Site, each User acknowledges that he or she has read, understands, agrees and consents to the terms and conditions of this Policy. Each User consents to the collection, use, and disclosure of his or her information, including personal information, non-personal information, and anonymous browsing information (“Information”), pursuant to the terms of this Policy. If you do not consent to these terms and conditions, you should not access, browse, or use any Site or provide any Information to ACA US via any Site.
Information Collected by ACA US
A. Personal Information
ACA US may collect the name, title, company name, address, phone and/or fax number, job title, email address, credit card number, and other personal information provided by a User who contacts ACA Group or any of ACA Group’s representatives through a Site, via email or otherwise, submits a request for information, proposals, or to receive periodic updates, subscribes to ACA Insight, attends a webcast, live conference, or other ACA Group-sponsored or hosted event, participates in a discussion forum available through a Site, or engages in any other activity through a Site in which personal information is provided to ACA US.
By submitting Information to ACA US on or through the Site, a User acknowledges that he or she has read this Policy, understands it, agrees to its terms, and authorizes ACA US to collect, use and disclose Information pursuant to the terms of this Policy.
B. Non-Individually Identifying Browsing Information
Users can browse a Site without revealing personal information. In this context, ACA US’s servers may collect certain non-individually identifying (i.e., anonymous) browsing information, such as your Internet Protocol address, your computer’s operating system, the name of the domain you used to access the Internet, the website you came from, and the website you visit next. This information is collected passively through the use of certain electronic technologies, such as cookies, web beacons, pixels, clear GIFs, or other technologies, examples of which are explained further in Section C below. Anonymous browsing information is not used, nor is it intended to be used, by ACA US to personally identify an individual.
C. Passive Gathering of Information Electronically
ACA US and any third parties that may advertise or provide other services on a Site may automatically and passively collect certain types of anonymous information whenever you use a Site or certain Site services or click on advertisements on a Site or in ACA Group’s periodicals, such as ACA Insight. If ACA US or such third parties collect this anonymous information, it will be done passively through the use of certain electronic technologies, such as cookies, web beacons, pixels, clear GIFs, and similar technologies as explained below.
Web beacons, Pixels and Clear GIFs: ACA US and certain third-party advertising partners may use web beacons, pixels, and clear GIFs. These electronic technologies are transparent image files that, if used, allow ACA US and its advertising partners to track website usage information, such as the number of times a website has been viewed and whether and when you have opened a HTML email, how many times the email was forwarded and which links in the email were clicked. Unlike cookies, these technologies are not placed on your Equipment. If used, this information will help ACA US to improve a Site and ACA US’s advertising materials and will help ACA US’s advertising partners by measuring the effectiveness of such communications to you. These technologies may be used in association with cookies to understand how Users interact with a Site or advertisements.
How ACA US Uses the Information
ACA US uses the Information collected from Users to respond to Users’ questions and/or comments, market or provide products, services or information to Users, process Users’ purchases, or provide related account status to the applicable User. Personal information, non-personal information, and anonymous browsing information may be used to gather broad demographic information used in marketing, promotion, analytics, or similar activities. This information may be aggregated to measure the number of visits, average time spent, page views and other statistics about Users of a Site. ACA US also may use this Information to monitor Site performance and to make a Site easier and more convenient to use. ACA US also may use Information collected from its Users to enforce its agreements with Users, prevent fraud and other prohibited or illegal activities, for other legally permissible purposes and generally to ensure that ACA Group complies with applicable laws.
ACA US Sharing of your Information
ACA US only will share Information that it collects or receives regarding its Users with third parties under the following circumstances:
ACA US may be held liable for unlawful transfer of personal data to third parties.
Accessing, Changing or Deleting Your Personal Information
ACA US allows you to correct inaccuracies in or make other changes or delete your Information by contacting ACA US at (301) 495-7850 or sending an email to firstname.lastname@example.org. In addition, you may correct inaccuracies in or make other changes or delete your Information collected through ACA Insight by updating your account in the My Profile section of www.acainsight.com or sending an email to email@example.com.
Users are responsible for the accuracy of the Information they provide to ACA US. ACA US will use reasonable efforts to maintain the accuracy and integrity of Information.
Choices for Use or Sharing of Certain Information
ACA US values your concerns about the privacy of your Information. Therefore, ACA US offers you the opportunity to choose how certain of your Information is used by ACA US.
Any emails sent by ACA US that are subject to the U.S. CAN-SPAM Act will include an option to unsubscribe from further correspondence. Please note that even if you opt-out from receiving certain email from ACA US, you will continue to receive transactional and/or relationship messages, such as messages confirming a product purchase or your registration for an event.
As stated above, ACA US may share names, titles, company names, addresses, phone information, and email addresses of conference and roundtable attendees with current, past, or prospective conference or roundtable attendees, exhibitors, sponsors, or co-sponsors. If you do not wish to receive further communications from these persons, you must contact them directly and make such a request. ACA US is not responsible for how such third parties handle such Information.
Linked Internet Websites
The Site may provide hyperlinks, which are highlighted words or pictures within a hypertext document that, when clicked, take you to another place within the document, to another document altogether, or to other websites not controlled by ACA US. These hyperlinked websites may contain privacy provisions that are different from those provided herein. ACA US is not responsible for the collection, use, or disclosure of information collected through these websites, and ACA US expressly disclaims any and all liability related to such collection, use, or disclosure.
Children’s Privacy Protection
No Site is directed towards children under 13 years of age, and ACA US does not knowingly collect any information from children under 13 years of age through any Site. If you are under 13 years of age, you are not permitted to submit any information to ACA US through any Site.
Each Site has commercially reasonable security measures to protect against the loss, theft, misuse, and alteration of Information that is submitted to ACA US and remains under ACA US’s control. You should be aware, however, that ACA US has no control over the security of other websites that you might visit or use, even when a link to those websites is available on or through the Site. If you share your Equipment or use Equipment that is accessed by the general public, remember to sign off and close your browser when you finish using the Site.
ACA US wants you to feel confident using the Site; however, no system can be completely secure. Therefore, ACA US makes no representations or warranties with regard to the sufficiency of its security measures. ACA US shall not be responsible for any damages, including without limitation consequential damages, resulting from a lapse in compliance with this Policy as a result of a security breach or technical malfunction. Certain information may be transmitted to you by email. Although it is illegal to intercept or disclose such messages under U.S. Federal law, such transmissions are not secure. In addition, Users’ communications through a Site are, in most cases, viewed only by you and anyone to whom you address your message. As the operator of a Site, ACA US may need to review or monitor your electronic mail and other communications through a Site from time to time as may be required by law. Therefore, you should not expect to have a right to privacy in any of your electronic communications through a Site.
In the event of a breach of the confidentiality or security of your personal information, ACA US will notify you if reasonably possible and as reasonably necessary under applicable law so that you can take appropriate protective steps. ACA US may notify you under such circumstances using the email address or addresses that it has on record for you. You should also take care with how you handle and disclose your personal information. Please refer to the U.S. Federal Trade Commission’s website for information about how to protect yourself against identity theft.
ACA US may occasionally update this Policy, as noted by the “updated date” at the beginning of this Policy. If ACA US updates this Policy in a manner that allows it to collect, use, or disclose your personal information in a materially less restrictive manner than under a prior version of this Policy, ACA US will provide you with prior notice of the pending update and seek your consent by posting notice on the Site or by contacting you using the email address or addresses that ACA US has on record for you. ACA US encourages you to periodically review this Policy to stay informed about its collection, use, and disclosure of your Information. Your continued use of a Site constitutes your agreement to this Policy and any updates.
Your California Privacy Rights
California law permits customers of ACA US who are California residents to request certain information regarding our disclosure of their personal information to third parties for direct marketing purposes. At this time, ACA US does not disclose personal information of “customers,” as defined under the California “Shine the Light” Act, to third parties for direct marketing purposes. If ACA US changes this policy, it will update this provision and provide instructions on how you may make a request for details concerning such use of information.
Enforcement and Dispute Resolution
ACA US has further committed to refer unresolved privacy complaints under the EU-U.S. Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the U.S. and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
ACA US is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. There is the possibility, under certain circumstances, for EU individuals to invoke additional binding arbitration.
In compliance with the U.S.-Swiss Safe Harbor Principles, ACA US commits to resolve complaints about your privacy and our collection or use of your personal information. Swiss citizens with inquiries or complaints regarding this Policy should first contact ACA US (see “How to Contact ACA US” below).
ACA US has further committed to refer unresolved privacy complaints under the U.S.-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.
ACA US retains sole and absolute discretion in resolving all questions relating to the administration, interpretation and application of this Policy. This authority includes construing the terms of this Policy, including any disputed or doubtful terms.
No Rights of Third Parties
This Policy does not create rights enforceable by third parties.
How to Contact ACA US
If you have any questions about this Policy, please
Call: (301) 495-7850
Write: Legal Department – Privacy
8401 Colesville Road, Suite 700
Silver Spring, MD 20910
© 2016 NM GRC Holdco, LLC, NM GRC Acquisition, LLC, ACA Compliance Group Holdings, LLC, Adviser Compliance Associates, LLC, Broker-Dealer Compliance Associates, LLC, ACA Performance Services, LLC, ACA Technology, LLC, ACA Risk Strategies, LLC, ACA Corporate Holdings, Inc. and ACA Technology Surveillance, Inc. All rights reserved.