RSi Global Privacy Policy
Revised October 1, 2020
As the world around us grows more interconnected and technology-driven, protecting the proliferation of data that exists about each of us has become an important mission. Individuals expect companies to protect their personal information and to use and share such information in ways that are fair and ethical.
This Global Data Privacy Policy (the “Privacy Policy”) provides Retail Solutions, Inc. (“RSi”, the “Company”, “we”, or “us”) a uniform process for governing the standards, procedures, and controls related to data privacy, while ensuring the proper implementation and maintenance of appropriate controls. This Privacy Policy applies to RSi, including all business units, departments, personnel, third parties and other service providers (non-employees) having a contractual arrangement with RSi that handle personal data.
Any questions concerning the material presented in this document can be addressed to the contacts listed below. General inquiries may also be submitted through RSi’s parent company’s (Information Resources Inc., “IRI”) privacy inbox, which can be found at [email protected]
Legal Department | +1 312-474-8355 | [email protected] |
Privacy Office & Data Protection Officer | +1 312-474-2662 | [email protected] |
Information Security Office | +1 312-474-2865 | [email protected] |
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
RSi’s Global Code of Conduct
RSi’s Information Security Policy
RSi’s Privacy Shield Notice
RSi’s GDPR Privacy Notice
Various internal policies and procedures
RSi assesses privacy implications while developing its products and services and incorporates appropriate privacy protections and data minimization techniques. RSi takes into account the privacy principles and regulations that may apply in a certain jurisdiction (for instance the GDPR in Europe) or by industry.
In many jurisdictions organizations are required to establish a lawful basis for their use of personal data. RSi has established different lawful bases for different types of processing. In almost all cases, RSi’s basis for processing personal data will be Legitimate Interest, Performance of a Contract, or Consent.
Legitimate Interests. RSi may process personal data based on a legitimate interest in performing market research or other marketing services because the benefits of improving services to existing clients and offering services to new clients would likely outweigh the risk of any harm.
Performance of a contract. Many of RSi’s services are engaged in on the basis of a contract. RSi’s clients engage us contractually in order to perform analytics, offer access to data through our platforms, and to manage CRMs and panels on the client’s behalf.
Consent. RSi typically acts as a data processor, or service provider, to organisations known as data controllers. RSi relies on consent obtained by the data controller because it has a direct relationship with the individual and obtains consent.
RSi is committed to complying with applicable laws regarding the collection of data about children.
RSi has invested in and implemented a series of controls to ensure that personal information is maintained according to our overarching principles of confidentiality, integrity, and availability. Personal Information is housed in physically and electronically secure facilities with protections against intrusion. Protections include extensive physical security, multiple layers of firewalls, and intrusion detection at the network and host level. Additionally, systems, servers and networks are encrypted to prevent loss or unauthorized modification of data.
Retail Solutions Inc. (and its parent/subsidiaries) participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Retail Solutions Inc. is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, visit the U.S. Department of Commerce’s Privacy Shield List: https://www.privacyshield.gov/list.
Retail Solutions Inc. is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Retail Solutions Inc. complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Retail Solutions Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Retail Solutions may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website (https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint), you may invoke binding arbitration when other dispute resolution procedures have been exhausted.