fbpx
Skip to content

PRIVACY POLICY

Leer en Español

Introduction

This Privacy Policy is effective as of September 1st, 2021, and represents the Privacy Policy of El American Inc. (“El American,” “we,” “our,” or “us”).

This Privacy Policy addresses the privacy rights of individuals who:

  •  visit our Website or use our Services”;
  • interact with us on behalf of a Service Provider in connection with the products and services our Service Provider provides to us;
  • interact with us on behalf of a business partner in connection with our relationship with the business partner;
  • apply to work with us;
  • receive marketing communications from us; and/or
  • interact with us by registering for, attending and/or otherwise taking part in our trade events, webinars, newsletter or conferences or who communicate with us via email, phone, or in-person.

This Privacy Policy, which includes and incorporates our GDPR Privacy Policy, is designed to assist individuals and businesses that interact with us to understand the types of Personal Data we collect, how that Personal Data is Processed, and the practices we have adopted to protect Personal Data.

Definitions

Controller” means a person or organization that, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.

GDPR” means the EU General Data Protection Regulation 2016/679.

Personal Data” means any information relating to an identified or identifiable natural person.

Privacy Policy” means this Privacy Policy.

Process” and “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.

Processor” means a person or organization that engages in Processing.

Representative” means an individual who (i) acts on behalf of, or is employed by, a Customer, including, a Customer’s employees, agents, and representatives, (ii) acts on behalf of a Service Provider, including, a Service Provider’s employees, agents, and representatives, (iii) acts on behalf of a business partner, including a business partner’s employees, agents, and representatives or (iv) otherwise interacts with us in any manner, for example through our Website or uses our Services, in any manner whatsoever.

Service Provider” means a supplier, subcontractor, vendor, or other third party who provides services to us.

Website” means all of the websites and applications maintained by us that display a link to the Privacy Policy.

Website Visitor” means an individual who visits the Website.

Personal Data Collected

For our Service Providers, we may collect the Personal Data of your Representatives when we inquire about or purchase services from you to support our business operations.

For our business partners, we may collect the Personal Data of your Representatives in connection with our interactions with you.

For prospective employees, we may collect your Personal Data when you visit, browse, or register on our Websites, when you submit an application for employment, when you provide additional Personal Data during the application and interview process, when you speak to our employees during your interview process, and when you otherwise provide or authorize us to collect your Personal Data during the application and interview process.

For our Website Visitors, we may collect certain Personal Data from you when you visit, browse, register on our Websites, complete a form on our Websites, or engage in online support received through our Websites. We may also collect certain information about your session when you visit our Websites, including internet protocol (IP) addresses, browser type, internet service provider, referring/exit pages, operating system, date/time stamp and clickstream data, as further outlined below.

We may also collect the Personal Data of Representatives if they (i) register for a trade event, webinar, or conference hosted by us, (ii) download or request content and information regarding our Services, (iii) complete a survey or form, (iv) request online support through our Website, or (v) receive marketing communications from us.

Purpose of Personal Data Collection and Processing

We collect and Process Personal Data for the following purposes:

  • To personalize your experience using our Website;
  • To fulfill a legal obligation or to protect our rights;
  • To comply with applicable laws and regulations;
  • To administer and manage Service Providers;
  • To work with business partners;
  • To improve and protect the integrity and security of our Website;
  • To consider job applicants for employment;
  • To send periodic communications (the contact information that you provide may be used to send you information, including marketing, respond to inquiries, and/or other requests or questions); and
  • For any other purpose for which you have been notified, and if legally required where appropriate consent has been obtained.

If you receive marketing communications from us by email, and you no longer want to receive marketing-related emails from us, you may opt out of receiving such emails by clicking the “unsubscribe” link at the bottom of any marketing email you receive from us.  If you are having difficulty unsubscribing from our marketing emails using the above methods, please contact us directly at the email [email protected] .

Security

We implement a variety of security measures to maintain the safety of your Personal Data when you enter, submit, or access your Personal Data, or when it is otherwise collected or Processed by us. We take reasonable and appropriate measures to secure your Personal Data.

Cookies and Other Technologies 

We automatically collect information about your use of our Website through cookies, web beacons, and other technologies. To the extent permitted by applicable law, we combine this information with other information we collect about you, including your personal information.  

Cookies are alphanumeric identifiers that we transfer to your device’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Website, while others are used to enable a faster log-in process or to allow us to track your activities at our Website. There are two types of cookies: session and persistent cookies.  

Session cookies exist only during an online session. They disappear from your device when you close your browser or turn off your device. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Website. This allows us to process your online transactions and requests and verify your identity, after you have logged in, as you move through our Website.  Persistent cookies remain on your device after you have closed your browser or turned off your device. We use persistent cookies to track aggregate and statistical information about user activity.

Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The “Help” portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Website who disable cookies will be able to browse certain areas of the Website, but some features may not function

Collection of Personal Data from Children 

Our Website is intended for individuals 16 years of age and older. It is not directed at, marketed to, nor intended for, children under 16 years of age. We do not knowingly collect any information, including Personal Data, from children under 16 years of age. If you believe that we have inadvertently collected Personal Data from a child under the age of 16, please contact us at [email protected] , and we will take immediate steps to delete it.

Changes to Privacy Policy

We will provide adequate notice of any material changes and obtain your consent when legally required when making such changes to this Privacy Policy.

Inquiries/Contact Us

You may have rights regarding your Personal Data depending on where you are and where your Personal Data is Processed. Please contact us at [email protected] if  you have questions in this regard or if you wish to update your Personal Data.

Governing Law; Venue; Waiver of Jury Trial and Class Actions

Unless applicable data protection / privacy laws provide otherwise, (a) the Privacy Policy is governed by the laws of the State of Florida, U.S.A, (b) you hereby agree that any dispute or claim raised or made by you against us relating to the Privacy Policy shall be subject to arbitration before a single arbitrator in Miami, Florida in accordance with the Commercial Arbitration Rules of the American Arbitration Association and (c) you hereby waive all rights to bring or maintain any court action, jury trial or any class claim, class action, class arbitration, or other representative action, claim or proceeding against us in a court of law.

CALIFORNIA CONSUMER PRIVACY ACT NOTICE

This section addresses the specific disclosure requirements under the California Consumer Privacy Act of 2018 (“CCPA”). It applies to personal information about California residents using our Website. For purposes of the CCPA, personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.

In the event of a conflict between this CCPA Notice and any of our other privacy notices, this CCPA Notice shall control only with respect to the personal information of California residents.

Personal Information Categories

Our Privacy Notice covers our personal information collection and usage more fully. The chart below describes the categories of personal information we collect and the sources from which we collect the personal information, organized into the categories specified by the CCPA.

Personal Information CategorySources
Personal information described in Cal. Civ. Code §1798.80(e)(such as name, address, telephone number, education, employment history, credit card or debit card number)Information you provide directly or through your interactions with our Website.
Identifiers (e.g., real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers)Information you provide directly or through your interactions with our Website.
Characteristics of protected classifications under California or Federal law (e.g., your gender or age) (“Characteristics of Protected Classifications”)Information you provide to us directly
Commercial information (e.g., information regarding products or services purchased, obtained, or considered)Information you provide to us directly.
Internet or Other Electronic Network Activity Information (e.g., browsing history, search history, and information regarding your interactions with our Services)Your interactions with our Website.
Geolocation DataInformation you provide directly or through your interactions with our Website.
Professional or Employment-Related InformationInformation you provide directly.
InferencesInformation you provide directly or through your interactions with our Website.
Audio, electronic, visual or similar informationInformation you provide directly.


We use this personal information for the purposes outlined in the “Purpose of Personal Data Collection and Processing” set forth above.  We do not sell your personal information and we do not have actual knowledge that we sell the personal information of minors under 16 years of age. 

California Residents’ Privacy Rights

California residents have rights to request access to or deletion of their personal information and may not be discriminated against because they exercise any of their rights under the California Consumer Privacy Act in violation of Cal. Civ. Code §1798.125. You can make requests by sending an email to [email protected] with details of your specific request. We may ask that you provide certain information to verify your identity, and the information we request from you will depend on your prior interactions with us and the sensitivity of the personal information at issue. Once confirmed, we will respond to your request in accordance with the CCPA. If we deny your request, we will explain why.

You may designate an authorized agent to make a request under the CCPA on your behalf if: (1) the authorized agent is a natural person or a business entity registered with the Secretary of State of California; and (2) you sign a written declaration that you authorize the authorized agent to act on your behalf. We may ask that you provide certain information to verify your identity and that you authorized the authorized agent to act on your behalf. If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.

California residents also have the right to opt out of the sale of their personal information; we do not provide this option as we do not sell your personal information. 

If you have any questions or concerns regarding this CCPA Notice, please email [email protected] .

GDPR Privacy Policy

This GDPR Privacy Policy section of our Privacy Policy (this “GDPR Privacy Policy”) applies to the Processing of Personal Data by El American in its role as a Controller, or as otherwise covered by the GDPR, when individuals:

  • visit or use our Website;
  • interact with us on behalf of a Service Provider in connection with the products and services our Service Provider provides to us;
  • interact with us on behalf of a business partner in connection with our relationship with the business partner;
  • apply to work with us;
  • receive marketing communications from us; and/or
  • interact with us by registering for, attending and/or otherwise taking part in our trade events, webinars, or conferences or communicate with us via email, phone, or in-person interactions.

This GDPR Privacy Policy does not apply to any Personal Data Processed, stored, or hosted by Customers using any of our Services or to the extent that we Process Personal Data in the role of a Processor on behalf of our Customers. Where we act as Processors on behalf of our Customers, that Processing is subject to the protections contained in our data processing agreements with Customers. We have no control over, and are not responsible for, any Personal Data that our Customers may store or host on their equipment or otherwise process while using our Website. We are not responsible for the privacy or data security practices of our Customers, which may differ from those set forth in this GDPR Privacy Policy. For information related to how our Customers Process Personal Data, please contact the respective Customer directly.

Furthermore, this GDPR Privacy Policy does not apply to any third-party website or service that may be linked to the Website unless that website or service is controlled by us and displays this GDPR Privacy Policy. We have no control over, and are not responsible for, the data collection and/or handling practices of these third-party websites or services outside our Website. We encourage you to read the privacy statements of any third-party websites or services linking to (or linked to via) the Website. In the event of a conflict between this GDPR Privacy Policy and the remainder of the Privacy Policy this GDPR Privacy Policy will prevail.

Our Contact Details

If you have any questions or concerns as to how your Personal Data is Processed, please write to us at [email protected] or at [email protected] (Attn: El American Legal Department).

El American’s Data Collection Practices

El American collects and processes the following categories of Personal Data from Service Providers, business partners, Representatives, Website Visitors, prospective employees, individuals that receive marketing communications from El American and individuals that interact with El American by registering for, attending and/or who communicate with El American via email, phone or in person, in each case to operate its business for the specific purposes identified below.

  • Personal Details include data such as names, titles, company names, departments, email addresses, physical street addresses, telephone numbers, and social media usernames of individuals.
  • Unique IDs include data such as IP addresses and geolocation data that we obtain from (a) prospective employees, (b) Website Visitors, or (c) other individuals that interact with us.
  • Website Records include data related your interactions with our Website and other online content such as log data (i.e., preferences and settings, IP addresses, technical information about the device used to visit the Website, and geolocation information) and traffic data (i.e., pages viewed, date stamps, time spent on a page, click through and clickstream data, queries made, search history, search results selected, comments made, type of service requested, and purchases made).
  • Employment Information includes details such as descriptions of roles performed and locations of employment.

Why Does El American Collect Personal Data, What are the Sources of Personal Data, What are the Purposes for Processing, and What is the Lawful Basis?

The table below sets out the types of Personal Data El American Processes, the purposes of Processing such Personal Data, and El American’s lawful basis for doing so. The lawful basis will vary with the type of Processing involved and will typically include Processing (i) necessary for El American to pursue its legitimate business interests, (ii) based on your consent, where this is required by data protection laws, and (iii) necessary for El American to comply with its legal obligations. Where we rely on our legitimate business interests, we have explained what the grounds are for that reliance.

El American’s Purpose of Processing Personal DataEl American’s Lawful Basis for Collecting Personal Data
To interact with Service Providers and business partners.  El American collects and Processes such Personal Data when engaging with and purchasing products and services from Service Providers or business partners. Personal Details Unique IDs
El American has a legitimate business interest in processing Personal Data in order to engage in transactions with its Service Providers and business partners and efficiently run its business.
To manage the security of our systems or Services. In order to grant a Website Visitor, Service Provider, business partner or prospective employee access rights to our Website or systems and to monitor applicable security thereof, El American collects and Processes the following categories of Personal Data from the Representatives of such Website Visitor, Service Provider or business partner or the prospective employee: Personal Details Unique IDs Access Credentials and Visitation RecordsEl American has a legitimate business interest in protecting the security of its systems.
To communicate and respond to requests and inquiries. When a Service Provider, business partner or other person or entity contacts us by email, phone, text or by submitting a contact form on our Website, El American collects and Processes the following Categories of Personal Data from the Representatives or other individuals in order to communicate with such person or entity, as applicable, and respond to their requests and inquiries: Personal Details Unique IDs Website RecordsEl American has a legitimate business interest in being able to communicate with its Service Providers, business partners and other persons or entities and respond to their inquiries and requests.
To analyze, improve, and optimize the use, function and performance of our Website. El American may Process the following categories of Personal Data in order to analyze, improve, and optimize the use, function and performance of its Website, including for quality assurance and training purposes, as well as for marketing and sales campaigns. Personal Details Unique IDs Website Records Marketing and Event RecordsEl American has a legitimate business interest in improving and optimizing the use of its Website.
To comply with applicable laws, regulations and internal policies, practices, and procedures. El American may be required to disclose certain categories of Personal Data to comply with applicable laws and regulations, for example, to respond to a request from a government agency or to defend a legal claim. Additionally, El American may also be required to Process certain categories of Personal Data when conducting internal audits and investigations to ensure compliance with internal and external policies, practices, and procedures.El American has a legitimate business interest in complying with all applicable laws, regulations, and internal policies.
To receive applications for employment. El American may Process the following categories of Personal Data when receiving, reviewing, using, and storing applications for employment, including from prospective employees who visit the Website or other online locations where jobs may be posted and applications may be submitted: Personal Details Login Credentials Unique IDs Education and Work HistoryEl American has a legal obligation to collect certain information to confirm your right to work in the country to which you have applied. Otherwise, El American has a legitimate business interest in Processing the Personal Data of job applicants who seek to join the company to assess them as candidates for employment.

Sharing with Third Parties

Except as described below, we will not share or disclose Personal Data with or to outside third parties. Any and all Personal Data provided to us by a Website Visitor, Business Partner, or other third party is transferred only on a “need to know” basis in keeping with the purposes outlined in this Privacy Policy.

Service Providers. We may share Personal Data with our Service Providers in connection with advertising, hosting, data analytics, information technology and infrastructure, order management and fulfillment, billing, contract management, email delivery, auditing, events, and other related activities. We provide such Personal Data or authorize the processing of such Personal Data only as necessary to enable our Service Providers to perform their designated functions. Our contracts with them (1) require them to act only under our instruction and for the purpose(s) directed by us with respect to such Personal Data; and (2) prohibit them from sharing such Personal Data with any third parties without our authorization.

Business Partners. We may also share your Personal Data with trusted business partners pursuant to our contractual arrangements with them, which will include appropriate safeguards to protect any Personal Data that we share with these partners. These may include, but are not limited to, third parties that organize tradeshows, third party consultants and experts, and auditors.

Affiliated Entities. We share Personal Data with our Affiliates. Subject to local requirements, this Personal Data may be used to provide Services offered by our Affiliates, for the Affiliates to provide support to the Affiliated entity that is sharing the Personal Data or for any other purposes described in this Privacy Policy. For example, Affiliates may share Personal Data about our Service Providers, business partners, Representatives, prospective employees, and Website Visitors for direct marketing purposes.

Fraud Prevention and Protection of Legal Rights. We may use and disclose Personal Data to the appropriate legal, judicial or law enforcement authorities and our advisors and investigators: (i) when we believe, in our sole discretion, that such disclosure is necessary to investigate, prevent, or respond to suspected illegal or fraudulent activity or to protect the safety, rights, or property of El American and of our Service Providers, business partners, Representatives, Website Visitors, prospective employees, or others; (ii) when we suspect abuse of the Website or unauthorized access to any system, spamming, denial of service attacks, or similar attacks; (iii) to exercise or protect legal rights or defend against legal claims; or (iv) to allow us to pursue available remedies or limit the damages that we may sustain.  We may disclose personal information to our partners, service providers, and law enforcement to secure our Website, including to detect, prevent, and investigate security incidents or violations of our Terms of Use or applicable laws.

Law Enforcement. We may have to disclose the Personal Data of our Service Providers, business partners, Representatives, applicants, Website Visitors or others if a court, law enforcement or other public or government authority with appropriate competency requests that we provide that Personal Data and we believe, in our reasonable discretion, that such request was made in compliance with applicable law.  

Corporate Reorganization. We may transfer the Personal Data of our Service Providers, business partners, Representatives, Website Visitors or others to a third party in the case of the reorganization, sale, merger, joint venture, assignment, transfer or other disposition of all or any portion of our business, asset or stocks, including in the event of bankruptcy or corporate restructuring. Except as otherwise provided by a bankruptcy or other court, the use and disclosure of all transferred Personal Data will be subject to compliance with applicable data protection laws. Any Personal Data that an individual submits or that is collected after the reorganization may be subject to a new privacy policy adopted by the successor entity, of which we will inform, where required.

Service Improvements.  We may disclose personal information to our service providers in order to improve our Website and Services, such as to identify bugs, repair errors, or ensure that services function as intended, or conduct internal research and analysis to improve our technology.

In addition to the above, we also may disclose personal information to third parties at your direction.

Cross-Border Transfers

If we transfer EEA/EU/UK/Switzerland Personal Data to affiliates in the US, we will put in place appropriate intra-group agreements in accordance with the GDPR requirements, including use of the EU Commission-approved Standard Contractual Clauses for Controllers as appropriate. If we transfer EEA/EU/UK/Switzerland Personal Data to third parties, such as Service Providers or business partners in countries outside the EEA/EU/UK/Switzerland, we will put in place the EU Standard Contractual Clauses or other relevant international transfer documentation that complies with the GDPR requirements. We will also put in place a GDPR-compliant data processing agreement.

Data Retention

We will retain Personal Data that we collect and Process where we have a justifiable business need to do so and/or for as long as it is needed to fulfill the purposes outlined in this Privacy Policy. We may retain Personal Data as required by law, such as for tax, legal, or accounting purposes.  When, in our reasonable discretion, we have no justifiable business need to Process your Personal Data (for example, after all of our necessary interactions have ended, our internal record keeping policies no longer require us to continue to Process your Personal Data, and we have no other legal obligations to retain your Personal Data), we will either delete it or anonymize it.

Data Subject Rights under the GDPR

The GDPR grants individuals who are in the EU/EEA/UK the following rights, with some limitations. Individuals may contact us, at our contact information as set forth herein to exercise any of those rights and we will respond with the requested action or information, or will let you know why such rights do not apply to you.  These rights are not absolute and are subject to various conditions under applicable data protection and privacy legislation and the laws and regulations to which we are subject. In some cases, the exercise of these rights (for example, erasure, objection, restriction or the withholding or withdrawing of consent to processing) may make it impossible for us to provide services.

Right Not to Provide Consent or to Withdraw Consent. We may seek to rely on your consent in order to Process certain Personal Data. Where we do so, you have the right not to provide your consent, and the right to withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of the Processing conducted based on consent before its withdrawal.

Right of Access. You have the right to obtain confirmation as to whether or not we collect or Process Personal Data concerning you and, if this is the case, you have the right to request a copy of such Personal Data in digital format.

Right of Rectification. You have the right to require that we correct any inaccurate Personal Data concerning you, and that we complete incomplete Personal Data.

Right of Erasure. In certain circumstances, you have the right to request that we erase Personal Data concerning you; for example, if it is no longer necessary for the purposes for which it was originally collected and we do not otherwise have a legitimate reason to retain it. We may need to retain certain Personal Data when legally required, for internal, record keeping purposes, and/or in order to complete any transactions initiated prior to an individual’s request to remove or delete their Personal Data. Where we are unable to delete data from our systems, we will anonymize it so it will no longer be tied to your identity.

Right to Restrict Processing. In certain circumstances, you have the right to request that we restrict the Processing of the Personal Data that we have collected about you; for example, where you believe that the Personal Data that we hold about you is not accurate or lawfully held.

Right to Data Portability. In certain circumstances, you have the right to receive the Personal Data concerning you that you have provided to us in a structured, commonly used, machine readable format, and for us to transmit the data to another entity where technically feasible.

Right to Object to the Processing. In certain circumstances, you have the right to request that we stop Processing your Personal Data, including where we rely on legitimate interests as legal basis in the tables on the details of Processing provided above. If you receive commercial electronic communications from us, you can unsubscribe from the receipt of future commercial electronic communications from us by clicking on the “unsubscribe” link provided in such communications. Please also note that if you do opt out of receiving commercial electronic communications from us, we may still send you important administrative messages (such as updates about your account or changes in the Services), and you cannot opt out from receiving these messages, unless you stop receiving our Services.

Right Not to be Subject to Decisions Based Solely on Automated Processing that Produce Legal Effects. We do not make decisions based solely on automated processing – including profiling – that produces legal effects or similarly affects you.

Right to Complain to a Supervisory Authority. You have the right to lodge a complaint with a Supervisory Authority if you believe that our Processing of Personal Data relating to you is inconsistent with our obligations under the GDPR. In this situation, we ask you please consider contacting us first, so that we can try and assist with your query or address your concern.

To exercise any of your rights as set forth herein, please contact us in writing, via email or postal mail as indicated above, so that we may consider your request under applicable law. We may ask that you provide the following Personal Data for us to address your request speedily:

  • The name, User ID, pseudonym, email address, or other identifier you have provided to us or if you have not otherwise previously interacted with us, your first and last name and an address where we can correspond with you;
  • The country in which you are located;
  • A clear description of the Personal Data or content you wish to receive or to be deleted or corrected, or the action you wish to be taken; and
  • Sufficient information to allow us to locate the content or Personal Data to be deleted, removed, or corrected.

For your protection, we may only implement requests with respect to the Personal Data that are associated with the particular email address that you use to send us your request. In addition, please note that, depending on the nature of your inquiry, request, or complaint, we may need to verify your identity before implementing your request and may require proof of identity, such as in the form of a government issued ID and proof of your physical address. We will try to comply with your request as soon as reasonably practicable and in any case within the timelines prescribed by applicable laws. However, we reserve the right to refuse to act on a request that is manifestly unfounded or excessive (for example because it is repetitive) and/or, in some cases, to charge a fee that takes into account the administrative costs for providing the information or the communication or taking the action requested.