Data Privacy at ISMS Applications, LLC

ISMS Applications has established a comprehensive privacy program, including a global privacy office and a chief privacy officer, designed to help us respect and protect your data privacy rights. This document sets forth ISMS Applications’ European Union and Swiss – U.S. Privacy Shield Framework Statement and the Website Privacy Statement.

ISMS Applications’ Website Privacy Statement

ISMS Applications respects the privacy of visitors to its websites, as a result, we have developed this website privacy policy. This website privacy policy applies only to the operation of websites that directly link to this policy when you click on “privacy statement” in the website footer. Through this website ISMS Applications may collect information that can identify you, such as your name, address, telephone number, e-mail address, and other similar information (“Your Information”) when it is voluntarily submitted to us (how-ever, see discussion below about “IP Addresses” if you have a broadband connection). We will use Your Information to respond to requests you may make of us, and from time to time.

Any other information transferred by you in connection with your visit to this site (“Other Information” – that is, information that cannot be used to identify you) may be included in databases owned and maintained by ISMS Applications or its agents. ISMS Applications retains all rights to these databases and the information contained in them. Other Information we collect may include your IP Address and other information gathered through our weblogs and cookies (see below).

This website may use a technology called a “cookie.” A cookie is a piece of information that our webserver sends to your computer (actually to your browser file) when you access a website. Then when you come back, our site will detect whether you have one of our cookies on your computer. Our cookies help provide additional functionality to the site and help us analyze site usage more accurately. For instance, our site may set a cookie on your browser that keeps you from needing to remember and then enter a password more than once during a visit to the site.

This website uses Internet Protocol (IP) Addresses. An IP Address is a number assigned to your computer by your Internet service provider so you can access the Internet. Generally, an IP address changes each time you connect to the Internet (it is a “dynamic” address). Note, however, that if you have a broadband connection, depending on your individual circumstance, it is possible that your IP Address that we collect, or even perhaps a cookie we use, may contain information that could be deemed identifiable. This is because with some broadband connections your IP Address does not change (it is “static”) and could be associated with your personal computer. We use your IP address to report aggregate information on use and to help improve the website.

You should be aware that this site is not intended for, or designed to attract, individuals under the age of 18. We do not collect personally identifiable information from any person we actually know is an individual under the age of 18.

Areas of this website that collect Your Information use industry standard secure socket layer encryption (SSL); however, to take advantage of this your browser must support encryption protection (found in Internet Explorer release 3.0 and above).

We may share Your Information with agents, contractors, or partners of ISMS Applications in connection with services that these individuals or entities perform for, or with, ISMS Applications. These agents, contractors or partners are restricted from using this data in any way other than to provide services for ISMS Applications, or services for the collaboration in which they and ISMS Applications are engaged (for example, some of our products are developed and marketed through joint agreements with other companies). We may, for example, provide your information to agents, contractors or partners for hosting our databases, for data processing services, or so that they can mail you information that you requested. In accordance with the Privacy Shield we may be liable for the transfer of EU and/or Swiss personal data to third parties.

We may also provide Your Information to a third party in connection with the sale, assignment, or other transfer of the business of this website to which the information relates, in which case we will require any such buyer to agree to treat Your Information in accordance with this Privacy Policy.

As a convenience to our visitors, this Website may contain links to a number of sites that we believe may offer useful information. The policies and procedures we described here do not apply to those sites. We suggest contacting those sites directly for information on their privacy, security, data collection, and distribution policies.

To be removed from our contact lists, please write to ISMS Applications at the following address: 

ISMS Applications, LLC
1099 Winterson Road, Suite 141
Linthicum, MD 21090

Please note that you may continue to receive materials while we are updating our lists. We may update this Web site Privacy Policy from time to time. When we do update it, for your convenience, we will make the updated policy available on this page.

U.S. – EU and Swiss Privacy Shield Framework Statement

For personal information of employees, consumers, healthcare professionals, medical research subjects and investigators, customers, investors, and government officials that ISMS Applications receives from the European Economic Area or Switzerland, ISMS Applications has committed to handling such personal information in accordance with the EU and Swiss – U.S. Privacy Shield Framework. (When issued) ISMS Applications’ EU and Swiss -U.S. Privacy Shield Framework certification can be found at https://www.privacyshield.gov/list. For more information about the Privacy Shield Principles, please visit the U.S. Department of Commerce’s Website at https://www.privacyshield.gov/.

ISMS Applications, LLC complies with the US-EU and US-Swiss Privacy Shield Frameworks as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from European Union member countries and Switzerland.

ISMS Applications, LLC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity, purpose limitation, access, and recourse, enforcement and liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

We acknowledge that EU and Swiss individuals have the right to access their personal data for the purpose of inspection, correction, deletion, or limitation of use. Individuals wishing to review the personal data we hold may do so by contacting our Data Protection Officer, Sean Fornwalt at sfornwalt@ismssolutions.com.

In compliance with the US-EU and US-Swiss Privacy Shield Principles, ISMS Applications, LLC, commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss citizens with inquiries or complaints regarding this privacy policy should first contact ISMS Applications, LLC at: 

ISMS Applications, LLC
1099 Winterson Road, Suite 141
Linthicum, MD 21090
Attn: Sean Fornwalt

ISMS Applications, LLC has further committed to refer unresolved privacy complaints of EU and Swiss individuals under the US-EU and US-Swiss Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU Privacy Shield, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Privacy Shield Framework requires us to provide notice that an individual has the possibility, under certain conditions, to invoke binding arbitration before a Privacy Shield Panel for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

The Federal Trade Commission has jurisdiction with enforcement authority over ISMS Applications LLC’s compliance with the Privacy Shield.

EU and Swiss individuals whose HR data we receive can address questions or comments regarding the handling of that information directly to us at sfornwalt@ismssolutions.com. We resolve to deal with all questions regarding this data and potential grievances arising from it in a timely manner. Note that under certain conditions we may, as a data processor, have to refer you to our client who is the data controller.

In the event ISMS Applications, LLC is unable to accommodate the individual’s request regarding HR data received by us within the context of the work relationship, we further commit to working with the Data Protection Authorities (DPA’s) who cover the jurisdiction the data originated from. For information on how to contact your jurisdiction’s DPA, visit http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm

In the event ISMS Applications, LLC is unable to accommodate a Swiss individual’s request regarding HR data received by us within the context of the work relationship, we further commit to working with the Swiss Federal Data Protection and Information Commissioner (FDPIC) who cover the jurisdiction the data originated from. For information on how to contact your jurisdiction’s Commissioner, visit https://www.bk.admin.ch/themen/dschutz/index.html?lang=en

Please also note, ISMS Applications, LLC may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Our subsidiary ISMS Applications, LLC does also certify that it conforms with the requirements of U.S. – EU and Swiss Privacy Shield Framework as explained above.