Titan Investment Group Holdings LLC has a Data Protection Officer (“DPO”) who assists in ensuring compliance with this Policy. “The Company” educates its employees concerning compliance with this Policy and has self-assessment procedures in place to assure compliance. The Company’s Data Protection Officer is available to any of its valued members, employees, customers, vendors, business partners or others who may have questions concerning this Policy or data security practices. Relevant contact information is provided herein.
"The company" and all of our entities under Titan Investment Group Holdings LLC participate in and abide by the EU-U.S. Privacy Shield Framework developed by the U.S. Department of Commerce and the European Commission. "the company" is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Additionally, we also rely on other mechanisms such as standard contractual clauses as a legal basis for transfers of personal data in light of the judgement of the Court of Justice of the EU in Case C-311/18.
This Policy applies to all Personal information received by “the company” in any format including electronic, paper or verbal. "the company" collects, stores and processes Personal information concerning current and former employees, as well as applicants for employment through its Internet websites, its intranet site, electronic mail and manually. “The company” will not sell or share this information with third parties in ways different from what is disclosed in this Policy. On a global basis, “the company” will establish and maintain business procedures that are consistent with this Policy. Notwithstanding the foregoing, “the company” has separate policies governing the processing of applicants and employee personal data and external personal data in those countries that are members of the EU. These policies are consistent with EU data protection law.
“The company” collects, stores, and processes Personal information from current and past members, such as name, contact information and financial account information. This information is maintained at Senior level by “the company” and its authorised agents, depending on the level of the position as well as the local office of the employee or applicant. “The company” collects Personal information for member related purposes and legitimate business reasons such as administration, training and development and management planning; production and publication of company address books and telephone and email directories; managing email and other communication systems; meeting governmental reporting requirements; security, health and safety management; performance management; company network access; managing and administering internal Ethics; facilitating workplace communications; workforce analytics, and authentication. “The company” does not request or gather information regarding political opinions, religion, philosophy or sexual preference. To the extent “the company” maintains information on medical health, race or ethnicity, “the company” will protect, secure and process that information in a manner consistent with this Policy and applicable law.
“The Company” also collects, stores, and processes Personal information from prospective customers, consumers, vendors, professional advisers and consultants, distributors, dealers, suppliers, business partners and others, such as name, contact information, assist in the administration of employee benefit and compensation programs, and financial or other payment information. This information may be maintained by "the company" facilities, and its authorised agents, consistent with local legislation. "the company" collects this Personal information for, among other things, legitimate business reasons such as processing and fulfilling orders; customer service; the provision of services or products to "the company", product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; marketing; internal marketing research; safety and performance management; financial and sales data; and contact information. All Personal information collected by "the company" will be used for legitimate business purposes consistent with this Policy.
"the company" may process and disclose Personal information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which an "the company" business is acquired by or merged with another business, or sells, liquidates, or transfers all or a portion of its assets.
"the company" also may process or disclose Personal information as is reasonably necessary or legally required on important public interest grounds, to respond to lawful requests by public authorities (including to meet national security or law enforcement requests), to meet governmental reporting or records requirements, or for the establishment, exercise or defence of legal claims by "the company" or other companies within its group.
For purposes of this Policy, the following definitions shall apply:
"Agent" means any third party that processes Personal information provided by "the company" to perform tasks on behalf of or at the instruction of "the company".
""the company"" means "the company", its subsidiaries, divisions and groups, with brands such as Titan Network, Titan Integrator and Titan Ignite.
"Personal information" means any information or set of information that identifies or could be used by or on behalf of "the company" to identify an individual. Personal information does not include information that is anonymized, or publicly available information that has not been combined with non-public Personal information.
"Sensitive Personal information" means Personal information that reveals race, ethnic origin, trade union membership, political opinions, or religious or philosophical beliefs, that concerns health or sex life, or that contains criminal records. In addition, "the company" will treat as Sensitive Personal information any Personal information received from a third party where that third party treats and identifies the Personal information as sensitive.
"the company" commits to subject the Personal information covered by this policy to the following principles:
(1) NOTICE: Where "the company" collects Personal information directly from individuals, it will inform them about the purposes for which it collects, stores and processes Personal information about them, the types of non-Agent third parties to which "the company" discloses that information, and the choices and means, if any, "the company" offers individuals for limiting the use and disclosure of their Personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal information to "the company", or as soon as practicable thereafter, and in any event before "the company" uses the information for a purpose other than that for which it was originally collected.
(2) CHOICE: "the company" will offer individuals the opportunity to choose (opt-out) whether their Personal information is (a) to be disclosed to a non-Agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorised by the individual.
For Sensitive Personal information, "the company" will give individuals the opportunity to affirmatively and explicitly consent (opt-in) to the disclosure of the information to a non-Agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorised by the individual.
"the company" will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise.
(3) DATA INTEGRITY AND PURPOSE LIMITATION: "the company" will use Personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorised by the individual. "the company" will take reasonable steps to ensure that Personal information is relevant to its intended use, accurate, complete and current.
(4) ACCOUNTABILITY FOR ONWARD TRANSFER: "the company" uses third-party Agents to assist us in accomplishing the purposes described in this Policy, for example to support our customers, perform technical operations, and store and transmit data. "the company" will confirm that any third party to which it discloses Personal information will appropriately safeguard the privacy of that Personal information. Examples of appropriate privacy safeguards include: a contract obligating the third party to provide at least the same level of protection as is required by the relevant privacy principles or applicable standards, the third party being subject to EU data protection law, or the third party being subject to another European Commission adequacy finding (e.g., companies located in Switzerland). Where "the company" has knowledge that a third party is using or disclosing Personal information in a manner contrary to this Policy, "the company" will take reasonable steps to prevent or stop the use or disclosure. "the company" holds third parties to which it discloses Personal information accountable for maintaining the trust our employees and customers place in the company.
(5) ACCESS AND CORRECTION: Upon request, "the company" will grant individuals reasonable access to Personal information that it holds about them. In addition, "the company" will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete. Any employees that desire to review or update their Personal information can do so by contacting their local Human Resources Representative.
(6) SECURITY: "the company" will take reasonable precautions to protect Personal information in its possession from loss, misuse and unauthorised access, disclosure, alteration and destruction. "the company" protects data in many ways. Physical security is designed to prevent unauthorised access to database equipment and hard copies of sensitive Personal information. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorised access from remote locations. This protection includes the use of firewalls, restricted access and encryption technology. "the company" limits access to Personal information and data to those persons in "the company" organisation, or as Agents of "the company", that have a specific business purpose for maintaining and processing such Personal information and data. Individuals who have been granted access to Personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been provided training and instruction on how to do so.
Suppliers, vendors and other third parties shall report any data breaches or potential data breaches of Personal information by contacting the Company’s internal DPO.
(7) RECOURSE, ENFORCEMENT AND LIABILITY: "the company" will conduct compliance audits of its relevant privacy practices to verify compliance with this Policy and the relevant privacy principles. Any employee that "the company" determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.
Any questions or concerns regarding the use or disclosure of Personal information should be directed to the "the company" Data Protection and Privacy Office at the address given below. "the company" will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between "the company" and the complainant, "the company" has agreed to participate in the dispute resolution procedures of the panel established by the data protection authorities to resolve disputes pursuant to the relevant privacy principles. In some circumstances, complainants may be able to appeal these decisions by invoking binding arbitration. All of these dispute resolution mechanisms are free of charge to you.
"the company" sees the Internet, intranets and the use of other technologies as valuable tools for communicating and interacting with consumers, employees, vendors, business partners and others. "the company" recognizes the importance of maintaining the privacy of Personal information collected through websites that it operates. "the company"' sole purpose for operating its websites is to provide information concerning products and services to the public. In general, visitors can reach "the company" on the Web without revealing any Personal information. Visitors on the Web may elect to voluntarily provide Personal information via "the company" websites but are not required to do so. "the company" collects information from visitors to the websites who voluntarily provide Personal information by filling out and submitting online questionnaires concerning feedback on the website, requesting information on products or services, or seeking employment. The Personal information voluntarily provided by website users is contact information limited to the user's name, home and/or business address, phone numbers and email address. "the company" collects this information so it may answer questions and forward requested information. "the company" does not sell this information. (See section VIII. for further clarifications on “selling” activities as defined under the California Consumer Privacy Act).
"the company" websites may contain links to other "non-"the company"" websites. "the company" assumes no responsibility for the content or the privacy policies and practices on those websites. "the company" encourages all users to read the privacy statements of those sites; their privacy practices may differ from those of "the company".
7.1. As mentioned, this Policy sets forth the privacy principles that "the company" follows with respect to Personal information transferred to "the company" from anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the twenty-eight member states of the European Union (EU) plus Iceland, Liechtenstein and Norway).
If you are working within the EU or are a data subject in the EU protected by GDPR, you can invoke your rights under GDPR towards the relevant DPO that controls your personal data for the performance of the day-to-day operations, each acting as a separate controller.
7.2. For job applicants, employees and former employees based in EU, more information can be found here: General Data Protection Regulation (GDPR) Compliance Guideline
When you are not a job applicant, employee or former employee, we hereunder inform you about your rights under GDPR and how to perform them. In such case, the processing of personal data by the relevant "the company" entities may be based on the necessity to perform a contract with you or in order to take steps at your request prior to entering into a contract, because we have a legal obligation to do so, or because it is in our legitimate interest to do so (for instance if you are working for one of our suppliers or customers who have to receive your data for normal business operations, or because you want to browse through our website), or, alternatively, may be based on your consent (for instance when you have consented to the use of your personal data for direct marketing purposes).
7.3. Under the GDPR individuals have:
the right of access to the personal data that the relevant controller processes about the individual concerned, as well as a right of rectification and erasure of their data;
the right to obtain from the relevant controller restriction of processing of the individual’s personal data, and the right to object to the processing;
the right to obtain from the relevant controller in a structured, commonly used and machine-readable format, the personal data the individual has communicated to the controller in order to transmit this data to another controller (the so-called “right to data portability”)
the right to withdraw at all times the individual’s consent with respect to the processing which would possibly be based on the individual’s consent, without affecting the lawfulness of processing based on consent before its withdrawal;
the right to lodge a complaint with the competent supervisory authority.
The performance of these rights may be subject to certain conditions and exceptions as provided by the GDPR. Individuals who want to perform these rights can do so by contacting your local Human Resources Representative.
The inquiries should be made in writing and include the individual's name, address, and other relevant contact information (phone number, email address). "the company" may require that you provide additional information in order to verify your identity and will use all reasonable efforts to honour such requests as quickly as possible and within the time limits set forth by applicable law.
7.4. Except as otherwise permitted or required by applicable law or regulatory requirements, the relevant "the company" entity that controls your personal data retains personal data only for as long as necessary to fulfil the legitimate business purposes for which the personal data was collected (including, for the purpose of meeting any legal, tax, accounting or other reporting requirements or obligations). If destroying or erasing personal data is not mandatory by law, we may make it anonymous such that it cannot be associated with or tracked back to the individual. Local "the company" entities may have policies that deviate from the above.
California Residents please review the government guidance on CCPA via this link: CCPA Fact Sheet.docx (ca.gov)
The practices described in this Policy are current Personal data protection policies as of April 2022"the company" reserves the right to modify or amend this Policy at any time consistent with the requirements of the relevant principles and applicable law. Appropriate notice will be given concerning such amendments.