MRB Compliance Consulting LLC Privacy Statement
MRB is dedicated to protecting the confidentiality and privacy of information entrusted to it. As part of this fundamental obligation, MRB is committed to the appropriate protection and use of personal information (sometimes referred to as “personally identifiable information” or “PII”) that has been collected by or provided to us through our websites and other online and mobile services that link to or post this Privacy Statement (collectively, the “Online Services”).
Please review this Privacy Statement to learn more about how we collect, use, share and protect the PII that we have obtained. By using the Online Services, you consent to the processing of your information as set forth in this Privacy Statement, now and as amended by us.
1. Collection and use of personal information
We and our service providers collect any information that you provide when you use the Online Services. For example, when you register for a service, we may collect basic information about you such as your name, username, password, email address, physical address, phone number, date of birth, and other personal and business demographic or contact information.
We use the information we collect and Automatic collection of personal information receive from you to provide you with the Online Services; to communicate with you; to operate, maintain, and enhance the Online Services; and to fulfill your specific requests. For example, if you send us an email message requesting information about MRB, we will use your email address and other information you supply to respond to your request.
Your personal information is not used for other purposes, unless we obtain your permission, or unless otherwise required or permitted by law or professional standards.
In some cases where you have registered for certain services we may store your email address temporarily until we receive confirmation of the information you provided via an email (i.e., where we send an email to the email address provided as part of your registration to confirm a subscription request). Please note that your rights for any particular product or service will be determined by the notice provided with such product
or service, and in the event of a conflict between this notice and that notice, the specific notice provided with the product or service shall control. MRB only collects “sensitive” personal information when the relevant individuals voluntarily provide us with this information, or where such information is required or permitted to be collected by law or professional standards. Sensitive information includes personal information regarding a person’s race, ethnicity, political beliefs, trade union membership, religious or similar beliefs, physical or mental health, sexual life or criminal record. Please use your discretion when providing sensitive information to MRB, and under any circumstances, do not provide sensitive information to MRB, unless you thereby consent to MRB’s use of that information for its legitimate business purposes and consent to the transfer and storage of such information to and in MRB databases. If you have any questions about whether the provision of sensitive information to MRB is, or may be, necessary or appropriate for particular purposes, please contact MRB at us firstname.lastname@example.org.
1.1 Automatic collection of personal information
1.1.1 IP addresses
An IP address is a number assigned to your computer or internet-enabled device whenever you access the internet. It allows computers and servers to recognize and communicate with one another. IP addresses from which visitors appear to originate may be recorded for IT security and system diagnostic purposes. This information may also be used in aggregate form to maintain and improve the Online Services and to generate and analyze statistics about the Online Services and your use of the Online Services.
Cookies may be placed on your computer or internet-enabled device whenever you visit the Online Services. This allows the Online Services to remember your computer or device and serves a number of purposes.
On some of our Online Services, a notification banner will appear requiring your consent to collect cookies. If you do not provide consent, your computer or internet-enabled device will not be tracked for marketing-related activities. A secondary type of cookie referred to as “user-input” cookies may still be required for necessary functionality. Such cookies will not be blocked through the use of this notification banner. Your selection will be saved in a cookie and is valid for a period of 90 days. If you wish to revoke your selection, you may do so by clearing your browser’s cookies.
Although most browsers automatically accept cookies, you may be able to choose whether or not to accept cookies via your browser’s settings (often found in your browser’s Tools or Preferences menu). You may also be able to delete cookies from your device. However, please be aware that if you do not accept cookies, you may not be able to fully experience some of the features of the Online Services.
Other third-party tools and widgets may be used on our individual web pages or portions of the Online Services to provide additional functionality. Use of these tools or widgets may place a cookie on your device to make their service easier to use, and ensure your interaction is displayed properly.
BY ACCESSING OR USING OUR ONLINE SERVICES OR ENTERING YOUR LOGIN DETAILS TO ACCESS AREAS RESERVED FOR REGISTERED USERS, YOU AGREE THAT WE, OR A THIRD PARTY ACTING ON OUR BEHALF, CAN PLACE THESE COOKIES ON YOUR COMPUTER OR INTERNET ENABLED DEVICE.
1.1.3 Do Not Track
Our Online Services may not recognize browser based Do Not Track signals. However, as discussed above under “Cookies,” you may be able to modify your browser settings to block all cookies, or to block “third-party” cookies. Cookies that we set on our Online Services are considered “first-party” cookies. Details on your ability to restrict or change the personal information that we may collect about you are listed below under the Choice and Access sections of this statement.
1.1.4 Usage Analytics
MRB uses several third-party usage analytics tools including Google Analytics. More information about how Google Analytics is used by MRB can be found here: https://www.google.com/analytics/terms/us.html
1.1.5 Web beacons
A web beacon is a small image file on a web page that can be used to collect certain information from your computer, such as an IP address, the time the content was viewed, a browser type, and the existence of cookies previously set by the same server.
MRB or its service providers may use web beacons to track the effectiveness of third party web sites that provide us with recruiting or marketing services or to gather aggregate visitor statistics and manage cookies.
You have the option to render some web beacons unusable by rejecting their associated cookies. The web beacon may still record an anonymous visit from your IP address but cookie information will not be recorded.
In some of our newsletters and other communications, we may monitor recipient actions such as email open rates through embedded links within the messages. We collect this information to gauge user interest and to maintain and improve the Online Services.
1.1.6 Location-based tools
MRB may collect and use the geographical location of your computer or mobile device, but only with your express consent. With respect to the collection of precise information about the location of your mobile device, once you have consented to the collection you may adjust this consent by managing your Location Services preferences through the settings of your mobile device. This location data is collected for the purpose of providing you with information regarding services which we believe may be of interest to you based on your geographic location, and to improve our location-based products and services.
1.2 Social media widgets and applications
The Online Services may include functionality to enable sharing via third party social media applications (such as the Facebook Like button and Twitter widget) or allow you to use a social media identity to log into our Online Services where you have the option to do so. These social media applications may collect and use information regarding your use of the Online Services (see details on ‘Social Sharing’ cookies above). Please be aware that certain of the personal information that you provide via such social media applications may be collected and used by other members of that social media application and such interactions are governed by the privacy policies of the companies that provide the application. We do not have control over, or responsibility for, those companies or their use of your information.
In addition, the Online Services may host blogs, forums, crowd-sourcing and other applications or services (collectively “social media features”). The purpose of social media features is to facilitate the sharing of knowledge and content. Any personal information that you provide on any MRB social media feature may be shared with other users of that social media feature (unless otherwise stated at the point of collection), over whom we may have limited or no control.
MRB understands the importance of protecting children’s privacy, especially in an online environment. In particular, our Online Services are not intentionally designed for or directed at children under the age of 13. It is our policy never to knowingly collect or maintain information about anyone under the age of 13, except as part of an engagement to provide professional services.
2. Sharing and transfer of PII
We do not share personal information with unaffiliated third parties, except as stated in this Privacy Statement, including as necessary for our legitimate professional and business needs, to carry out your requests, to market our services, as required or permitted by law or professional standards, or otherwise with your consent.
In some instances, MRB may share PII about you with various third-party service providers and vendors working on our behalf. These third parties include providers of administrative, identity management, website hosting, data analysis, data back-up and security management services. MRB requires these entities to safeguard PII in the same manner as MRB.
MRB may also disclose PII in order to respond to lawful requests of government or law enforcement agencies, including to meet national security or law enforcement requirements or where disclosure is required by applicable laws, court orders, or government regulations. In the event that the ownership of MRB or an affiliate or their assets changes as the result of a merger, acquisition, or sale of assets, information owned or controlled by MRB may be transferred to another company. Information may also be shared in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, assign or transfer all or a portion of our assets. These disclosures may also be needed for data privacy or security audits and/or to investigate or respond to a complaint or security threat. MRB does not sell PII to any third parties. Also, MRB will not transfer the PII you provide to any third parties for their own direct marketing use.
MRB and our service providers may use personal information in an aggregated, anonymized form for research and development. This data does not identify you individually, but rather helps to identify trends in user preferences and behaviors. In addition, we may share de-identified reports on user demographics and traffic patterns, as well as de-identified information, with third parties.
Cross Border Transfer. MRB is a US limited liability company and may transfer certain PII across geographical borders to other MRB member firms or to outside companies working with us or on our behalf. MRB may also store PII in a jurisdiction other than where you are based, and such jurisdiction may not provide the same level of protection for your personal information as your home country. By providing your information to MRB, you are consenting to this transfer and/or storage of your information across borders. Each member firm is required to safeguard personal data in accordance with its contractual obligations and data protection legislation applicable to its provision of services. Your personal data will only be transferred if appropriate or suitable safeguards are in place. If you are located in the EU you may have additional rights. You can find more information under Section 7 below.
We may require you to provide certain PII in order for you to receive additional information about our services and events. MRB may also ask for your permission for certain uses of your PII, and you can agree to or decline those uses. If you opt-in for particular services or communications, such as an e-newsletter, you will be able to unsubscribe at any time by following the instructions included in each communication. If you decide to unsubscribe from a service or communication, we will try to remove your information promptly, although we may require additional information before we can process your request.
If you have submitted personal information to MRB, under most circumstances you have the right to reasonable access to that data to correct any inaccuracies. You can also make a request to update or remove information about you and we will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards. To request access to or correction, updating, or removal of your personal information please contact us at: us email@example.com.
5. Data security and integrity
MRB has and requires its service providers to have security policies and procedures in place to help protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite MRB’s efforts, however, security cannot be guaranteed against all threats. We seek to limit access to your personal information to those who have a need to know. Those individuals who have access to the data are required to maintain the confidentiality of such information. We also make efforts to retain personal information only for so long as the information is needed for our professional, marketing or analytic purposes or to comply with an individual’s request, or until that person asks that the information be deleted.
6. Additional EU Notices – Notice of Processing
MRB provides services, marketing and offerings in the U.S. and does not direct such activities to data subjects that are located in the EU. However, in certain circumstances, such interactions occur. To know more about it, please also note the additional EU specific notices.
7. Links to other sites
8. Changes to this statement
MRB may modify this Privacy Statement from time to time to reflect our current privacy practices. When we make changes to this statement, we will revise the “updated” date at the top of this page. We encourage you to periodically review this Privacy Statement to be informed about how MRB is protecting your information.
9. Questions and comments
MRB is committed to protecting the online privacy of your personal information. If you have questions or comments about our administration of your PII, please contact us at firstname.lastname@example.org. You may also use this address to communicate any concerns you may have regarding compliance with our Privacy Statement.