Privacy Policy

Version 2023.9

CDI PRIVACY STATEMENT

Computer Design & Integration, LLC (“CDI” or “We”) takes measures to ensure that the use and disclosure of your private personal information is consistent with applicable law.

This Privacy Statement explains what personal data we collect, why we collect it, how we protect it, how we use it, and how and why, in certain cases, we share such information with other parties. Our Privacy Statement is effective January 1 2012, and may be amended from time to time.

Our Privacy Statement applies to personal data collected or used by our website and when we offer products or services to our customers.

CDI also provides systems and services to customers who may also collect your information as needed for them to provide their services to you. In such circumstances, this statement does not directly apply and you should review that customer’s privacy statement.

CONSENT

By accessing or using any of the services provided by CDI, and affirmatively giving consent to process your personal data, you are affirmatively “opting-in” and giving us consent to the use or process your personal information. If you are providing any data from data subjects from the European Union that is regulated under the General Data Protection Regulation (“GDPR”), you must receive consent from that data subject to process their information before sending it to CDI for processing (“Data Subject Consent”). Client shall indemnify and hold CDI harmless for any claims related to failure to provide proof of Data Subject Consent, or from claims from any data protection regulatory authority enforcing GDPR compliance related to consent. At any time, you can opt-out of consent to the use or processing of your personal information by notifying CDI [email protected], at which time your personal information will be deleted from CDI’s systems.

INFORMATION THAT WE COLLECT AND MAY DISCLOSE

We collect information from and about you in order to comply with applicable laws and to provide the superior level of service that you expect. Personal data may include: names, addresses, phone numbers, e-mail addresses, IP addresses, web cookies, social security number; driver’s license information; income tax documents for you and your family; bank statements; and investment records.

Specific examples of personal information that we collect and may disclose to affiliates and certain third parties may include:

  • Information we receive from you on new account and service request forms.
  • Information about your transactions with us, our affiliates, and others such as account balances, payment history, account activity and statements.
  • If you visit our Internet web site, www.cdillc.com (the “website”), information you may submit to us on our website forms and information we may collect from your web browser and through “cookies” (explained below).
  • If you use any of our services, we may collect your IP address and other identifying information as part of the normal operations of those services.

HOW WE USE YOUR INFORMATION

CDI and third-party service providers may work together to provide a variety of services, and these providers may need to share your personal data to maintain an efficient and effective level of service.

The responsible use and disclosure of the personal data we collect is crucial to our ability to provide you with the services that you expect, and may occur under a variety of different circumstances. For example, we may:

  • Use personal data internally for the purposes of furthering our business, which may include analyzing information we receive from you, matching that information with the information of others, processing services, maintaining accounts, resolving disputes, preventing fraud, and verifying your identity.
  • Disclose personal data when required by law, such as requests for personal data in connection with a judicial, administrative or investigative matter.
  • Use and disclose personal data on an aggregate basis. This means that we may combine parts of your information with parts of the information from our other users without including other identifying components of that information, such as name, complete telephone number, complete e-mail address or your street address, in the combination.

Additionally, CDI may also use your IP address to help diagnose problems and to administer our website and services, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. CDI’s website also uses cookies and web beacons but does not track users when they cross to third party websites, does not provide targeted advertising to them, and therefore does not respond to Do Not Track (DNT) signals.

We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of CDI’s services.

SHARING WITH NONAFFILIATED SERVICE PROVIDERS

We may disclose personal data to nonaffiliated service providers who perform business functions on our behalf, which may include marketing of our products and services, check printing, and data processing. Nonaffiliated third party service providers often aid us in the efficient and effective delivery of services and there may be circumstances where it is necessary to disclose personal data we collect to such parties. However, before we disclose personal data to a nonaffiliated party, we require them to agree to keep that information confidential and secure and to use it only as authorized by us. Also, we will only share your nonpublic information with nonaffiliated third parties where permitted by applicable law. All data shared with nonaffiliated service providers is kept to the minimum elements needed for the service provider to provide service.

CDI does not share, sell, or rent personal data with outside marketers.

Information about your CDI purchases are maintained in association with your profile account. The personal data that CDI collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal data for any purpose other than cloud storage and retrieval. On occasion, CDI engages third parties to mail information to you.

HOW WE PROTECT YOUR INFORMATION

To help protect your privacy and any personal data received by CDI, we maintain a comprehensive information security program designed, overseeing the security and confidentiality of your personal data, protecting it against threats or hazards to the security of such information, and preventing unauthorized access. This program includes:

  • Procedures and specifications for administrative, technical and physical safeguards.
  • Security procedures related to the processing, storage, retention and disposal of confidential information.
  • Programs to detect, prevent and when necessary respond to attacks, intrusions or unauthorized access to confidential information.
  • Restricting access to your personal data to employees who need to know that information to provide products and services to you, and appointing specific employees to oversee our information security program.
  • Employee training programs to insure that all employees are trained regarding our information security program, the confidentiality of your information, and the laws applicable to the proper safeguarding and disposal of your personal data.
  • Updating and testing our security technology on an ongoing basis.
  • A commitment to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.

However, we cannot and do not guarantee that unauthorized, inadvertent disclosure never may occur.

DISPOSAL OF BUSINESS RECORDS

CDI disposes of all business records containing personal data in accordance with applicable state and federal laws.

COMMUNICATIONS FROM CDI

Based upon any personal data you may provide to us, we may occasionally send you some or all of the following promotional communications:

  • information on products, services, special deals, promotions
  • CDI newsletters Out of respect for your privacy, we provide you a way to unsubscribe from these communications. Please see the “Choice and Opt-out” section.

In addition, however, based upon any personal data we receive from you as a result of an account you create or products or services you request from us, we also may occasionally send you some or all of the following:

  • service-related announcements, on rare occasions when it is necessary to do so (for instance, if our service is temporarily suspended for maintenance, we might send you an email)
  • communications in response to inquiries, service requests, and account management Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option to deactivate your account, subject to any contractual obligations.

CHOICE AND OPT-OUT

If you no longer wish to receive any promotional communications from us, you may opt- out of receiving them by following the instructions included in each newsletter.

LOG FILES

Log files are collected directly and indirectly by CDI, and your personal data may be stored with either approach.

Direct collection consists of the CDI website and email systems, which gather certain user information automatically, storing it in log files. This information may include, among other things, internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, sending servers, operating system, date/time stamp, and clickstream data. We may use this information to analyze trends, to administer the site, to track users’ movements around the site, perform spam filtering, and to gather demographic information about our user base as a whole.

Indirect data collection may occur automatically through the services we provide to our customers, such as hosted email services, hosted application servers, and management of customer systems. This data is controlled by our customers, not by CDI, and is managed following their privacy policies.

COOKIES

We use cookies on the CDI website. A cookie is a small file stored on a user’s computer for record-keeping purposes. We do not link the information we store in cookies to any personal data you submit while on the website.

We may use both session cookies and persistent cookies. A session cookie expires when you close your browser. We use session cookies to simplify your use of our site. A persistent cookie remains on your hard drive for an extended period of time. We may set a persistent cookie to store your identity, so you don’t have to enter your username and password more than once. We may also use persistent cookies to enable us to track and target the interests of our users and to enhance your experience on the website. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file.

If you reject cookies, you may still use the website, but your ability to use some areas of the website, such as contests or surveys, may be limited.

OTHER SITES AND SERVICES

The website may contain links to other sites that are not owned or controlled by CDI. CDI is not responsible for the privacy practices of such other sites. Similarly, CDI provides services to customers who may hold a relationship with you separate from CDI. While CDI may process such data, CDI does not control it.

If you have concerns regarding the privacy practices of other sites, you should read the privacy statements available at those sites.

This privacy statement applies only to information collected by the CDI website and services that CDI controls.

TRANSFER OF CUSTOMER INFORMATION

Customer lists and other information provided to us are our business assets. If we merge with another entity or if we sell our assets to another entity, such information, including personal data provided us, may be included among the assets to be transferred.

To provide services to our customers, CDI may need to transfer personal data to a third party. Under the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce, CDI shall remain liable if the third party improperly processes your personal data unless we prove that we are not responsible for the event giving rise to the damage.

TRANSFERRING PERSONAL DATA FROM THE EU TO THE US

CDI has its headquarters in the United States. Information we collect from you will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the General Data Protection Regulation (“GDPR”). CDI relies on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, CDI collects and transfers to the U.S. personal data only: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of CDI in a manner that does not outweigh your rights and freedoms. CDI endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with CDI and the practices described in this Data Privacy Statement. CDI also minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.

Where CDI serves as a processor, facilitating the transfer of personal data on behalf of our customers, the customers’ privacy policies apply but do not override the requirements on both CDI and CDI’s customers under applicable law. As CDI customers may use CDI systems for various purposes, this privacy policy applies to both Human Resources (HR) data and non-HR data. In compliance with the EU-U.S. DPF, CDI commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved complaints concerning our handling of HR data received in reliance on the EU-U.S. DPF in the context of the employment relationship.

To meet our commitment to the Privacy Principles under GDPR, CDI complies with the EU-U.S. DPF. CDI has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

DATA SUBJECT RIGHTS

To the extent that GDPR applies to the processing of your personal data, this Data Privacy Statement is intended to provide you with information about what personal data CDI collects about you and how it is used. If you reside in the EU and your HR data exists on CDI’s systems, you have several rights regarding the limitation and use and disclosure of your personal data – ranging from how it is used in communications to how it is stored and accessed on our systems. If you have any questions, please contact us at [email protected].

If you wish to confirm that CDI is processing your personal data, or to access the personal data CDI may have about you, please contact us at [email protected].

SECURITY OF YOUR INFORMATION

To help protect the privacy of data and personally data you transmit through use of this Web site, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.

DATA STORAGE AND RETENTION

Your personal data is stored by CDI on its servers, and on the servers of the cloud-based database management services CDI engages, located in the United States. CDI retains data for the duration of the customer’s business relationship with CDI. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact our data protection officer at [email protected].

PROTECTION OF MINORS’ PERSONAL INFORMATION

Our products and services are primarily designed for adults. Anyone who is identified to be a minor customer under the laws of the country in which he or she is located must obtain the consent of his or her parents or guardians before using our products and services upon purchase.

We value the privacy protection of minors and encourage parents to always play an active role in their child’s online experience.

THIRD-PARTY SERVICE

This Data Privacy Statement does not apply to products and services provided by third parties. CDI products and services may include products and services from third parties, as well as links to third-party websites. When you use these third-party products or services and personal information is collected and/or processed, the privacy policy of the third-party shall apply.

We are not responsible for how third-parties collect, use, share, transfer and protect user’s personal information, and cannot control how it is processed.

To avoid any misunderstandings, please refer to the third party’s service agreement and read its privacy policy.

DISPUTE RESOLUTION

In compliance with the EU-U.S. DPF, CDI commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF should first contact CDI at [email protected]

In compliance with the EU-U.S. DPF, CDI has further committed to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your DPF Principles-related complaint to your satisfaction, please contact or visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.

CHANGES IN THIS PRIVACY STATEMENT

We reserve the right to modify this privacy statement at any time, so please review it frequently.

If we decide to change our Privacy Statement, we will post those changes on the website so our users and investors are always aware of what information we collect, use and disclose. If at any point we decide to use or disclose personal data received from you in a manner different from that stated at the time it was collected, we will notify you in writing. We will otherwise use and disclose personal data in accordance with the Privacy Statement that was in effect when such information was collected.

We may e-mail periodic reminders of our notices and terms and conditions and will e-mail of material changes thereto, but you should check the Web site frequently to see the current Data Privacy Statement that is in effect and any changes that may have been made to it.

DATA PROTECTION OFFICER

CDI is headquartered in New York, in the United States. CDI has appointed an internal data protection officer for you to contact if you have any questions or concerns about the CDI’s personal data policies or practices. CDI’s data protection officer’s name and contact information are as follows:

Data Protection Officer
585 Colonial Park Drive
Roswell, GA 30075
(770) 542-0000

EU-REPRESENTATIVE AND UK REPRESENTATIVE

We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/13809481

PrighterGDPR-Rep is the Art 27 GDPR representative of Computer Design & Integration LLC

PrighterGDPR-Rep by Maetzler Rechtsanwalts GmbH & Co KG
c/o Computer Design & Integration LLC

Address:
Schellinggasse 3/10
1010 Vienna
AUSTRIA

Website:
https://prighter.com

Please add the following subject to all correspondence: ID-13809481

PrighterUK-Rep is the Art 27 UK-GDPR representative of Computer Design & Integration LLC

PrighterUK-Rep by Prighter Ltd
c/o Computer Design & Integration LLC

Address:
Kemp House 160 City Road
London EC1V 2NX
UNITED KINGDOM

Website:
https://prighter.com

Please add the following subject to all correspondence: ID-13809481

DATA PROTECTION AUTHORITY

CDI commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to European Union data subjects data transferred from the EU. Notwithstanding the generalities of the foregoing, CDI reserves its rights to defend itself or choose whether to implement any changes to its information security program or Data Privacy Statement requested by DPA, including, but not limited to, any such changes CDI reasonably believes are necessary or required by security or privacy requirements set forth in applicable data protection law or by a DPA of competent jurisdiction.

AVAILABILITY OF OUR PRIVACY STATEMENT

The most up-to-date Privacy Statement is posted on the website at www.cdillc.com/privacy-policy, or you may call us at 770-542-0001 to request a copy.

CONTACT US

If you have any questions or suggestions regarding our Privacy Policy, please contact us at [email protected] or by phone at 770-542-0001.