Privacy Policy
Effective: January 1, 2022
The following Privacy Policy will apply to the use of any Strategy service beginning on January 1, 2020, though you are invited to review and accept its terms at any time before such date.
Strategy LLC (“Strategy,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the Personal Data it collects. The purpose of this Privacy Policy is to inform you of how we protect your privacy when accessing or using Strategy Resources.
This Privacy Policy applies to Strategy Resources that link to, or reference, this Privacy Policy, and describes the ways Strategy collects and uses your personal information and the choices you have regarding collection, use, maintenance, access and transmission of your personal information. Capitalized terms not expressly defined in this Privacy Policy shall have the meaning found in the Customer Agreement. By utilizing a Strategy Resource, including without limitation the Strategy Services, Strategy’s website or otherwise providing your Personal Data to Strategy via any other means, you or the entity you represent (“you” or “your”) accept and consent to the rights, obligations and practices described in this Privacy Policy.
1. Who does the Privacy Policy apply to?
This Privacy Policy applies to all Customers of, and Visitors to, any Strategy Resource or Strategy Service. In the case of Customers, the Account Holder shall be responsible for (i) informing their End Users, if any, of the existence of this Privacy Policy, as well as any amendments, updates or modifications made to this Privacy Policy and (ii) agreeing to this Privacy Policy, as amended, updated or modified from time to time, on behalf of his, her or its End Users.
2. What Personal Data is Collected by Strategy?
Strategy considers any information that can be used to directly or indirectly identify you to be Personal Data, including without limitation, Personal Data that is accessed, collected, maintained, transmitted and/or used by Strategy in the normal course of our business, and is subject to the provisions of this Privacy Policy and applicable law.
3. How is Personal Data Collected by Strategy?
Strategy collects and logs your IP address, the time and duration of your visit, the time and duration of the pages on Strategy’s website that you view (where applicable) and information about your computer system, such as your browser type and operating system, whenever a Strategy Resource is accessed or used by you. In the case of Customers, we collect, maintain, transmit and/or use Personal Data provided by you in your Account, including without limitation, your full name, Strategy identification number, billing data and contact information.
Strategy also collects anonymous usage information on Visitors to its website through use of Google Analytics. Google Analytics may employ third party tracking cookies to gather anonymous browser, operating system, geographic, and website navigation information. Use of the Strategy Manager interface requires the acceptance of cookies for login session management purposes.
Strategy will likely place a cookie on your hard drive during the web visit. A cookie is a unique alphanumeric identifier that Strategy uses to determine the number of unique Visitors that view its website, whether or not those Visitors are repeat Visitors, and the source of the visits. Cookies cannot be executed as code or used to deliver a virus. Other servers cannot read cookies and personal information cannot be gathered from cookies. Cookies are simply an identifier shared between you and Strategy to allow Strategy to improve the services Strategy offers to you through its website. If you do not wish cookies to be placed on your computer, then they can be disabled in your web browser. The option to do so is normally found in your browser’s “security settings” section. However, please note, permanently disabling cookies in your browser may hinder your use of Strategy’s website as well as other website and interactive services.
A web beacon, also known as a web bug, is a small graphic (usually 1 pixel x 1 pixel), that is embedded in a web advertisement, email, or page on Strategy’s website, which is invisible to you. When you view a page on Strategy’s website, an e-mail or an advertisement, your web browser will request the web beacon from a web server, which in turn will set a cookie in your web browser containing a unique identifier. This unique identifier will be linked to log information that is used to track your usage of Strategy’s website in order to determine the effectiveness of content and advertising campaigns.
Strategy does not collect personal information about you as part of a web visit, but web visit information may be tied to other information (including personal information) that Strategy collects from you via chat, web forms, and the other means Strategy describes in this Privacy Policy.
4. Why Does Strategy Collect Personal Data?
For Customers
Strategy may use your Personal Data to process your service requests, handle orders, deliver products and services, process payments, communicate with you about orders, provide access to secure areas of Strategy’s website, and to enable Strategy to review, develop and continually improve the products, services and offers that it provides. Strategy also uses this information to prevent or detect fraud or abuses of Strategy’s website and to enable third parties to carry out technical, logistical or other functions on its behalf.
For Visitors
Strategy uses Personal Data to send information about Strategy to Visitors and to contact them when necessary. Strategy also uses the information that it collects to improve the content of its website and as training aids for its employees. Visitors have discretion as to whether to grant information to Strategy upon Strategy’s request for information.
For Financial Information
Strategy may ask Customers to enter credit card or account information in order to process orders for services placed with Strategy. Financial information provided via its website is transferred over a secure connection via CDG Commerce, a payment processing company, and Foxy.io, a shopping cart company. Strategy does not collect this information and will not authorize the release of the information to anyone not directly involved in processing the transaction. This information may be encrypted and stored for logging purposes by CDG Commerce or Foxy.io.
Credit card numbers are used by CDG Commerce and Foxy.io only for processing payments and are not used for any other purposes. Strategy entered into a written agreement with CDG Commerce and Foxy.io and it will continue to enter into written agreements with third parties that provide credit card processing services. Strategy will ensure that appropriate security and confidentiality measures are in place in safeguarding your personal data.
For Use Information
Strategy uses website use information to measure interest in and develop its web pages and marketing plans, customize the content you view on your web visits based on your activity during past visits, and administer Strategy’s website. In addition:
- Strategy uses a Visitor’s IP address to help diagnose problems with its servers, and to administer its website.
- Strategy uses cookies to help it recognize Visitors as unique Visitors when they return to Strategy’s website. Strategy also uses cookies to tailor content or advertisements to match your preferred interest; avoid showing Visitors the same advertisements repeatedly; compile anonymous, aggregated statistics that allow Strategy to understand how users use its site and to help it improve the structure of its website (Strategy cannot identify Visitors personally in this way); and count the number of anonymous users of its websites.
- Strategy uses web beacons to count the number of times that its advertisements and web-based e-mail content are viewed. Strategy combines web beacon information with cookies to track activity on its website originating from advertisements and web-based e-mail content.
For Support Information
Strategy uses information that you provide to it via telephone calls, chat, e-mail, web forms and other communications to correspond with you about services you may be interested in purchasing. If you elect to purchase a service online using a web form, Strategy will use the information to establish your account. Information you submit in writing, such as chat, e-mail, and web form information is archived and may be tied to information that Strategy collects about your web visits. Your telephone call may be recorded for training purposes and Strategy may enter information you provide via telephone into its systems to use for the purposes described in this paragraph.
5. Strategy’s Disclosure of Personal Data to Regulatory Agencies
Strategy transfers Personal Data to third parties, including without limitation, law enforcement agencies and consumer reporting agencies, under the following normal business procedures:
- Strategy uses a Visitor’s IP address to help diagnose problems with its servers, and to administer its website.
- Strategy uses cookies to help it recognize Visitors as unique Visitors when they return to Strategy’s website. Strategy also uses cookies to tailor content or advertisements to match your preferred interest; avoid showing Visitors the same advertisements repeatedly; compile anonymous, aggregated statistics that allow Strategy to understand how users use its site and to help it improve the structure of its website (Strategy cannot identify Visitors personally in this way); and count the number of anonymous users of its websites.
- Strategy uses web beacons to count the number of times that its advertisements and web-based e-mail content are viewed. Strategy combines web beacon information with cookies to track activity on its website originating from advertisements and web-based e-mail content.
If you breach the Customer Agreement or other applicable Service Level Agreement, or if Strategy is under a duty to disclose or share your personal data in order to comply with any legal obligation, Strategy may disclose your information to a relevant authority. Disclosure may include, but is not limited to, exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction. In particular, Strategy may release the information it collects to third parties when Strategy believes that it is appropriate to comply with the law, to enforce its’ legal rights, to protect the rights and safety of others, or to assist with industry efforts to control fraud, spam or other undesirable conduct.
Strategy may release the information it collects to third parties, where the information is provided to enable such third party to provide services to Strategy, provided that the third party has agreed to use at least the same level of privacy protections described in this Privacy Policy, and is permitted to use the information only for the purpose of providing services to Strategy.
6. User Choice
Subject to applicable law, you have the choice to and right to limit, restrict or deny Strategy’s ability to share your Personal Data with third parties or use of your Personal Data for a purpose that is materially different from the purpose for which it was originally collected or authorized by you. In order to exercise your right to choose, please contact us at [email protected], or via postal mail or facsimile using contact information found on Strategy’s Contact webpage. Please note, in the absence of any notice to the contrary, you expressly grant Strategy permission to share your Personal Data at Strategy’s discretion.
7. Security and Integrity of your Personal Data
Strategy intends to protect and secure your Personal Data in accordance to the terms of this Privacy Statement and the Customer Agreement, and has implemented physical, administrative and technical measures designed to protect your Personal Data from unauthorized access, use or disclosure. These industry-standard safeguards are consistent with the ISO/IEC 27001:2013 standard, and include without limitation encryption of credit card information, password and/or cryptographic key-based authentication controls on servers which house personal information, browser-based secure sockets layer encryption, and other storage system access control mechanisms to protect the integrity of internal databases and prevent unauthorized access.
Strategy requires all Strategy business partners and vendors to provide the same or greater protections for any Personal Data that is disclosed by Strategy in furtherance of our provision of a Strategy resource to you. Information about Users that is maintained on Strategy’s systems is protected using industry standard security measures. However, no security measures are perfect or impenetrable, and Strategy cannot guarantee that the information submitted to, maintained on or transmitted from its systems will be completely secure. Strategy is not responsible for the circumvention of any privacy settings or security measures relating to the Website by any Users or third parties.
8. Access to your Personal Data
You control access to Personal Data maintained or stored by you via Strategy’s web-based interface for account management. You may update your information at any time. You may cancel your account at any time and may request that your personal information be deleted from Strategy’s databases, with the exception of: network access logs, which may be stored for any duration of time at Strategy’s discretion, cases where financially fraudulent or otherwise illegal activity is deemed to have occurred (as determined by Strategy management or law enforcement officials), in which case personal information may be retained indefinitely for purposes of ongoing investigation and prevention of fraud recurrence, or cases where a violation of the Customer Agreement and applicable Service Level Agreement has resulted in cancellation of your account (as defined by revocation of your permission to utilize Strategy’s services), in which case personal information may be retained indefinitely for purposes of prevention of further use of Strategy’s services in the future by the offending individual.
Upon request, Strategy will grant you reasonable access to Personal Data maintained by Strategy about you. In addition, we will take reasonable steps to correct, amend or delete information that is demonstrated by you to be inaccurate, incomplete or processed in violation of applicable law. Unless required by law, Strategy will not permit you to access the Personal Data of any Data Subject other than yourself.
9. International Transfers of Personal Data
Strategy is an international organization headquartered in the United States of America (the “US”). By utilizing a Strategy Resource, you expressly consent to Strategy’s access, maintenance, transmission and/or use of your Personal Data outside of your country of residence, regardless of location or jurisdiction.
In addition to its obligations under US law, Strategy supplements the protection of the international transfer of your Personal Data by observing numerous industry best practices.
10. Sensitive Information
Strategy will not intentionally collect or maintain, and requests that you do not provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information. If you host any material or information that is sensitive and/or subject to the Graham-Leach Bailey Act, the Health Information Privacy Portability and Accountability Act, or any other law or regulation, such information and compliance with applicable privacy laws remains solely your responsibility. Strategy is not responsible for any sensitive information stored by you on its system.
11. Children’s Online Privacy Protection
Strategy’s services are not designed for or directed to children under thirteen (13) years of age and Strategy will not intentionally collect or maintain information about anyone under thirteen (13) years of age.
12. Dispute Resolution
Please direct any complaints regarding this Privacy Policy to us at [email protected], or via postal mail or facsimile using contact information found on Strategy’s Contact webpage. We will attempt to resolve any such complaints in a reasonably timely manner and in accordance with this policy.
13. Enforcement
If you believe your Personal Data has been used in a way that is not consistent with this Privacy Policy, or if you have further questions regarding this Privacy Policy, please contact our Custodian of Records at [email protected] or by writing us at the following address:
Custodian of Records
Strategy LLC
1121 N. Julia St
Olathe, KS 66061
14. Definitions
- “Custodian of Records” means the Strategy employee described in Section 13 of this Privacy Policy.
- “Customer Agreement” means the Strategy Data Processing and Customer Agreement published here, as amended at Strategy’s sole and absolute discretion from time to time.
- “IP” means any internet protocol address, including without limitation, unique and non-unique network addresses.
- “Personal Data” means any information relating to a Data Subject that you or your End Users directly or indirectly provide to us as part of the Strategy Services or any Data Subject’s use of any Strategy Resource.
- “Privacy Policy” means this policy, as amended at Strategy’s sole and absolute discretion from time to time.
- “Visitor” or “Visitors” means any individual(s) or entity(ies) that accesses, maintains, transmits, develops, acquires, operates or otherwise uses any Strategy Resource but is not a Customer.
15. Changes
Amendments to this Privacy Policy may be made at any time and you should check back frequently for any changes. Unless otherwise directed by you in writing to the Custodian of Records, you agree that Strategy shall have the right and ability to amend this Privacy Policy at Strategy’s sole and absolute discretion, and that you waive any requirement for specific or expressed acknowledgement or agreement to any such amendments or modifications. This Privacy Policy was last updated on December 31st, 2019.
16. Verification
Strategy utilizes the self-assessment approach to assure its compliance with its Privacy Policy. Strategy regularly verifies that the Privacy Policy is accurate, comprehensive, prominently displayed, completely implemented and in conformity with applicable international law. Strategy conducts its self-assessment on an annual basis to ensure that all relevant privacy practices are being followed. Appropriate employee training is in place and internal procedures for periodically conducting objective reviews of compliance are in place. A statement verifying this self-assessment is signed by a corporate officer or other authorized representative at least once per year.
17. CALIFORNIA RESIDENTS: YOUR CALIFORNIA PRIVACY RIGHTS
Under the California Consumer Privacy Act of 2018 (“CCPA“), California residents have certain rights around Strategy’s collection, use, and sharing of their personal information. Strategy does not sell your personal information and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. Similarly, we do not offer financial incentives associated with our collection, use, or disclosure of your personal information.
Strategy collects various categories of personal information when you use Strategy Services, including identifiers, commercial information, internet or other electronic network or device activity information, geolocation data, and professional information. A more detailed description of the information Strategy collects and how we use it is provided above. Strategy does not share personal information with third parties other than those described in section 5 above.
If you are a resident of California, you have the right to request to know what personal information has been collected about you, and to access that information. You also have the right to request deletion of your personal information, though exceptions under the CCPA may allow Strategy to retain and use certain personal information notwithstanding your deletion request. You may send your request by email to [email protected]. We will not discriminate against you for exercising your rights under the CCPA. An agent may submit a request on your behalf, but you must verify that your agent is authorized to do so.
Separate from the CCPA, California’s Shine the Light law gives California residents the right to ask companies what personal information they share with third parties for those third parties’ direct marketing purposes. We do not disclose your personal information to third parties for the purpose of directly marketing their goods or services to you unless you request such disclosure. If you have any questions regarding this policy, or would like to change your preferences, you may contact us at the address listed above in Section 13.
18. NEVADA RESIDENTS: YOUR NEVADA PRIVACY RIGHTS
Nevada law (SB 220) requires website operators to provide a way for Nevada consumers to opt out of the sale of certain information that the website operator may collect about them. Strategy does not sell your personal information to third parties as defined in Nevada law, and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. If you have any questions regarding our data privacy practices or our compliance with Nevada data privacy law, please contact us by email at [email protected].
19. EUROPEAN RESIDENTS: YOUR PRIVACY RIGHTS AND INTERNATIONAL DATA TRANSFER
If you are a European Resident, you have the right to access your personal data, and the right to request that we correct, update, or delete your personal data. You can object to the processing of your personal information, ask us to restrict processing of your personal information, and request portability of your personal information. Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent. Strategy Services generally provides you with a reasonable means to view and change your profile information and you can opt-out of marketing communications at any time by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you or in your account settings. If you have any questions or comments about the processing of your personal information, you may contact us by email at [email protected].
For European Residents, please note that the personal information we obtain from or about you may be transferred, processed, and stored outside of the EEA or Switzerland for the purposes described in this Privacy Policy, including in the United States of America. We take the privacy of our users seriously and therefore take steps to safeguard your information, including ensuring an adequate level of data protection in accordance with E.U. standards in effect as of the date of this Privacy Policy.