NetRoadshow, Inc. and its group of affiliated companies, Financial Software and Services, Inc., Secure Share Network, LLC, and Apparity, LLC (collectively, “NetRoadshow”) value the trust and confidence of their customers, employees, and business partners and respect individual privacy. NetRoadshow strives to uphold the highest ethical standards in all of its business practices, and collects, uses, and discloses personal information in a manner consistent with the laws of the countries in which it does business. Capitalized terms not defined elsewhere in this Policy are defined in Section 12.
NetRoadshow provides global business to business services to investment banks, issuers of debt and equity securities, and corporations (collectively, the “Services”). NetRoadshow is committed to supporting its customers’ compliance with all applicable EU data protection requirements, including those set out in the General Data Protection Regulation (“GDPR”). Among other requirements, GDPR requires NetRoadshow to use third-party data processors who guarantee their ability to implement the technical and organizational requirements of the GDPR. We are also prepared to provide our customers with contractual commitments regarding our commitment to implement additional contractual provisions required by the GDPR.
Data Processing Addendum: These provisions include our commitment to (i) respond to requests from data subjects to correct, amend or delete personal data; and (ii) be made aware of and report personal data breaches to relevant supervisory authorities and data subjects in accordance with GDPR timeframes.
2. PROCESSING OF PERSONAL DATA
The Services may include the transfer to NetRoadshow of Personal Data. NetRoadshow uses the Personal Data solely to provide Services to its customers. When NetRoadshow receives Personal Data, NetRoadshow is acting as the “processor” and its customer or business partner is the “controller” of such data. NetRoadshow’s customers or business partners retain responsibility for obtaining the appropriate consents or other lawful basis for processing such Personal Data under applicable EU law.
3. RIGHTS OF DATA SUBJECTS
Any visitor to an NRS Website may request access to, and the opportunity to update, correct, or delete, his or her Personal Data by contacting our Chief Privacy Officer for assistance. If you are a resident of the EEA about whom NetRoadshow holds Personal Data on behalf of one of our customers or business partners, you may request access to, and the opportunity to update, correct, or delete, such Personal Data from our customer. If we do not authority to permit you to access, update, correct, or delete, your Personal Data, we will assist you in contacting our customer who can handle your request.
4. RESPONSIBILITIES AND MANAGEMENT
NetRoadshow has a Chief Privacy Officer who is responsible for overseeing our information security program, including our compliance with GDPR and the EU Privacy Shield program. The Chief Privacy Officer reviews and approve any material changes to this program as necessary. You may direct questions, concerns, or comments regarding this Policy to firstname.lastname@example.org.
NetRoadshow will maintain, monitor, test, and upgrade information security policies, practices, and systems to assist in protecting the Personal Data that it collects while providing Services to its customers.
All of our employees and consultants are required to maintain the confidentiality of Personal Data and comply with the Privacy Shield Principles. Any employee or consultant that NetRoadshow determines is in violation of these policies will be subject to discipline, up to and including termination of employment and/or criminal prosecution.
5. INFORMATION WE COLLECT
Registered Users are individuals that represent businesses with whom NetRoadshow or NetRoadshow’s customers and business partners have a business relationship. NetRoadshow collects identifying information from Registered Users including names, addresses, work phone numbers, work email addresses, IP address, browser type, etc. This information is used for providing the Services, validation of identity, managing transactions, reporting, diagnosing technical problems, other operations related to providing the Services to NetRoadshow’s customers and business partners. NetRoadshow only uses the Personal Data of Registered Users for purposes of providing the Services, responding to support questions, and other matters related to the Services. NetRoadshow does not use Personal Data of Registered Users for marketing or promotional purposes.
In connection with certain Services (e.g., Document Delivery Services and Data Room Services), Registered Users have the ability to add comments and annotations to documents which are stored and processed by NetRoadshow, and up load files and due diligence information which could include Personal Data. NetRoadshow has no control over the Personal Data which NetRoadshow customers and business partners upload into the Services.
NetRoadshow may also track and analyze non-identifying and aggregate usage and volume statistical information from Registered Users, and we may provide such information to third parties that assist us for these purposes. NetRoadshow may collect analytics data, or use third-party analytics tools and services, to measure traffic and usage of the Services. These tools collect information sent by the browser or mobile device or a Registered User, including the pages visited and other information that assists NetRoadshow in administering and improving the Services. Specifically, NetRoadshow has implemented Google Analytics to improve the quality of the user experience and administer and improve the Services. As implemented at NetRoadshow, the Google Analytics cookie collects technology data including browser, operating system, screen resolution, screen colors, flash version, and java support; session data, such as the number of new users and returning users, frequency data, and recency data, and engagement; and geographic data, including language and location. You may obtain more information about data collected by Google Analytics here. You can opt-out of Google Analytics by installing a plug-in to for browser available from Google here.
6. HOW WE PROTECT YOUR INFORMATION
NetRoadshow uses commercially reasonable and appropriate security measures to protect against unauthorized access, alteration, disclosure, or destruction of Personal Data of Registered Users and Personal Data. All Personal Data is stored and processed in encrypted computer databases and servers. NetRoadshow uses Secure Socket Layer (SSL) technology to protect Personal Data using both server authentication and data encryption during transmission.
7. DISCLOSURE OF PERSONAL INFORMATION
Except as otherwise stated in this Policy, NetRoadshow does not disclose or share Personal Data with third parties. NetRoadshow does not sell, rent, or otherwise provide Personal Data to any third parties for marketing or promotional purposes.
NetRoadshow retains the right to disclose Personal Data as required by law, such as to comply with a subpoena or similar legal process to the extent provided in the agreements with NetRoadshow and its customers or to respond to a government request. NetRoadshow may also may be required to disclose Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
8. THIRD PARTY PROCESSORS
NetRoadshow may share information, including Personal Data, with its third-party service providers used to provide hosting for and maintenance of our Websites, application development, backup, storage, payment processing, analytics and other services for us. These third-party service providers may have access to or process Personal Data for the purpose of providing these services for us; however, we do not permit our third-party service providers to use any Personal Data that we share with them for their marketing or promotional purposes or for any other purpose than as necessary to provide services to us.
This Policy may be updated from time to time. Following each update, the date of the last revision will be reflected at the end of the page. This page may be bookmarked to facilitate periodic review of this Policy and to note recent updates. Neither this Policy nor any update to it will affect or modify any contract between NetRoadshow and its customers.
10. ANNUAL ASSESSMENT
NetRoadshow assures compliance with this Policy and the EU-U.S. Privacy Shield Framework by utilizing the self-assessment approach as specified by the U.S. Department of Commerce. The assessment is conducted on an annual basis to ensure that all of NetRoadshow’s relevant privacy practices are being followed in conformance with this Policy and the EU-U.S. Privacy Shield Framework.
11. COMPLIANCE WITH EU-U.S. PRIVACY SHIELD PRINCIPLES
NetRoadshow complies with the EU-U.S. Privacy Shield Framework in NetRoadshow’s collection, use, and retention of Personal Data. In keeping with EU-U.S. Privacy Shield principles, NetRoadshow has self-certified adherence to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern the rights and obligations of NetRoadshow. To learn more about the EU-U.S. Privacy Shield program, and to view NetRoadshow, Inc.’s certification, please visit www.privacyshield.gov/welcome.
If you are not satisfied with our response, or if contacting us does not resolve your complaint, you can contact, JAMS, an independent dispute resolution provider located in the United States by calling +1 (404) 588-0900 or visiting https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint.
There is the possibility, under certain limited conditions, for individuals to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
“Data Room Services” means a secure on-line repository for offering and due-diligence materials for debt offerings, equity offerings, and private transactions made by or for the account of a NetRoadshow customer.
“Document Delivery Services” means the electronic delivery of securities transaction related materials, such as preliminary, amended, and final, offering memoranda and prospectuses to Registered Users.