Updated: 7 January 2025
VENZA Privacy Policy
VENZA® (comprising VENZA, Inc., VENZA Group B.V., and its affiliates) is dedicated to safeguarding data and ensuring privacy.
This Privacy Policy applies to our websites (the “Websites”) and subscription services (the “Subscription Service”). It governs our practices for collecting, processing, and using data, and outlines your choices regarding the use, access, and collection of your Personal Information (as defined below). If you disagree with the practices described in this Privacy Policy, please refrain from using the Websites, the Subscription Service, or providing us with your Personal Information.
This Privacy Policy is updated periodically. In the event of significant changes, we will provide prominent notice, such as by email if we have your email address or through notifications for subscribers of the Subscription Service.
While we will notify you of material updates, we encourage you to review this Privacy Policy regularly. Previous versions of the Privacy Policy will be archived and accessible for your reference.
Subscription Service Use
VENZA Subscription Service
Our online Subscription Service enables companies, including our customers and VENZA itself, to create accounts and access content tailored to information security and compliance. The Subscription Service also facilitates training and awareness initiatives. Information added to the Subscription Service, whether provided directly by site visitors or input by Subscription Service users, is securely stored and managed on our service providers’ servers. This information is used to engage with visitors regarding their interest in the company’s goods or services and to enable interaction with the company. VENZA offers the Subscription Service to support our customers’ information security and compliance objectives, while also using it to fulfill VENZA’s own related requirements.
Use by VENZA
We use our own Subscription Service to access content focused on information security and compliance. Any information we collect and manage through the Subscription Service for our purposes is owned by us and is used, disclosed, and protected in accordance with this Privacy Policy.
Use by Customers
Our customers use the Subscription Service to access content related to information security and compliance, gaining insights to support their business needs. VENZA processes customer information strictly as directed by our customers and in accordance with our agreements, storing it on our service providers’ servers. These agreements prohibit VENZA from using this information except as necessary to provide and improve the Subscription Service, as permitted by this Privacy Policy, or as required by law.
VENZA does not have a direct relationship with individuals who provide Personal Information to our customers.
We acknowledge your right to access your Personal Information. Our customers are responsible for managing, correcting, deleting, or updating the information they collect from you through the Subscription Service. If you request data removal, we will respond within a reasonable timeframe. We may assist our customers in notifying their visitors about data collection, processing, and usage practices.
Our agreements prohibit customers from using the Subscription Service to collect, manage, or process Sensitive Information (as defined below). VENZA is not responsible for how customers use the information they collect through the Subscription Service.
VENZA collects information under the direction of its customers and does not have a direct relationship with individuals whose Personal Information it processes. If you are a customer of one of our customers and wish to stop being contacted by them, please reach out to the customer directly.
We may transfer Personal Information to third-party companies that assist in providing our services. Such transfers are governed by the agreements we have with our customers.
Definitions
Sensitive Information
This refers to credit or debit card numbers, personal financial account information, Social Security numbers, passport numbers, driver’s license numbers or similar personal identifiers, racial or ethnic origin, physical or mental health condition or information, or other employment, financial or health information.
Personal Information
This refers to any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, email address, company name, address, phone number, and other information about yourself or your business. Personal Information can also include information about any transactions, both free and paid, that you enter into on the Websites, and information about you that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that we acquire from service providers.
Personal Information also includes Navigational Information or payment information where such information can directly or indirectly identify an individual. “Navigational Information” refers to information about your computer and your visits to the Websites, such as your IP address, geographical location, browser type, referral source, length of visit and pages viewed. Please see the “Use of Navigational Information” section below. We collect and process payment information from you when you subscribe to the Subscription Service, including credit card numbers and billing information, using third-party PCI-compliant service providers.
Data Collection
Website Visitors
You may explore the Websites without providing any Personal Information. However, when you visit the Websites or register for the Subscription Service, we may ask you to provide Personal Information and collect Navigational Information (as defined above).
Log Files
When you use our services to access content provided by us, we automatically collect information about your computer hardware and software. This information may include your IP address, browser type, domain names, internet service provider (ISP), files accessed on our site (e.g., HTML pages, graphics, etc.), operating system, clickstream data, access times, and referring website addresses. VENZA uses this information to operate the Subscription Service, ensure its quality, and generate general statistics about the use of the VENZA Websites. For these purposes, we may link this automatically collected data to Personal Information, such as your name, email address, physical address, and phone number.
Third Parties
Occasionally, we may obtain Personal Information about you from third-party sources. These sources may include partners with whom we offer co-branded services or conduct joint marketing activities, as well as publicly available platforms such as social media websites.
Information about Children
The Websites are not intended for or targeted at children under 16, and we do not knowingly or intentionally collect information about children under 16. If you believe that we have collected information about a child under 16, please contact us at privacy@venzagroup.com so that we may delete the information.
Data Use
Privacy Policy Compliance
We use the information we collect solely in accordance with this Privacy Policy. Customers who subscribe to our Subscription Service are contractually obligated to adhere to the terms of this Privacy Policy under the agreements governing their use of the service.
Selling Data
We will never sell your Personal Information to any third party.
Personal Information Use
In addition to the uses identified elsewhere in this Privacy Policy, we may use your Personal Information to:
- Improve your browsing experience by personalizing the Websites and to improve the Subscription Service.
- Provide you with information or VENZA content that we believe may be of interest to you via post, email, or other communication methods, and send you marketing materials related to our business.
- Promote use of our services to you and share promotional and information content with you in accordance with your communication preferences.
- Share statistical information about our users with other companies; however, this information will not be used to identify any individual user.
- Notify you of changes to our Customer Terms of Use, Privacy Policy (including our Cookie Policy), or other legal agreements.
- Contact you on behalf of external business partners regarding specific offerings that may be of interest to you. In such cases, your Personal Information is not shared with the third party.
We use the information collected through our Subscription Service by our customers for the following purposes:
- Provide the Subscription Service (which may include the detection, prevention, and resolution of security and technical issues)
- Respond to customer support requests
- Fulfill the obligations under the VENZA Customer Terms of Use.
Navigational Information Use
We use Navigational Information to operate and improve the Websites and the Subscription Service. We may also use Navigational Information alone or in combination with Personal Information to provide you with personalized information about VENZA.
Customer Testimonials and Comments
We post customer testimonials and comments on our Websites, which may contain Personal Information. We obtain each customer’s consent via email prior to posting the customer’s name and testimonial.
Credit Card Information Use
If you give us credit card information, we use it solely to check your financial qualifications and collect payment from you. We use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use information you provide except for the sole purpose of credit card processing on our behalf.
Personal Information Security
We use a variety of security technologies and procedures to help protect your Personal Information from unauthorized access, use or disclosure. We secure the Personal Information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All Personal Information is protected using appropriate physical, technical and organizational measures.
Social Media Features
Our Websites include social media features, such as the Facebook Like button and widgets. These features may collect your IP address and which page you are visiting on our Websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Websites. This Privacy Policy does not apply to these features. Your interactions with these features are governed by the privacy policy and other policies of the companies providing them.
External Websites
Our Websites provide links to other websites. We do not control, and are not responsible for, the content or practices of these other websites. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This Privacy Policy does not apply to these other websites, which are subject to any privacy and other policies they may have.
Public Forums
We offer publicly accessible message boards, blogs, and community forums. Please keep in mind that if you directly disclose any information through our public message boards, blogs, or forums, this information may be collected and used by others. We will correct or delete any information you have posted on the Websites if you so request, as described in “To Unsubscribe from Our Communications” below.
Personal Information Retention
How long we keep information we collect about you depends on the type of information as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.
We retain Personal Information that you provide to us where we have an ongoing legitimate business need to do so (for example, as long as is required in order to contact you about the Subscription Service or our other services, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements).
When we have no ongoing legitimate business need to process your Personal Information. We securely delete the information or anonymize it or, if this is not possible, then we will securely store your Personal Information and isolate it from any further processing until deletion is possible. We will delete this information from the servers at an earlier date if you so request, as described in “To Unsubscribe from Our Communications” below.
If you provide information to our customers as part of their use of the Subscription Service, our customers decide how long to retain the Personal Information they collect from you. If a customer terminates its use of the Subscription Service, then we will provide the customer with access to all information stored for the customer by the Subscription Service, including any Personal Information provided by you, for export by the customer according to our agreement with our customer. After termination, we may, unless legally prohibited, delete all customer information, including your Personal Information, from the Subscription Service.
If you have elected to receive marketing communications from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our content, products, or services, such as when you last opened an email from us or ceased using your VENZA account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
Legal Basis for Processing Personal Information (EEA Visitors Only)
If you are a visitor/customer located in the European Economic Area (“EEA”), VENZA Group B.V. is the data controller of your Personal Information. VENZA’s Data Protection Officer can be contacted at privacy@venzagroup.com.
Our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it. However, we will normally collect Personal Information from you only where we have your consent to do so, where we need the Personal Information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Information from you.
If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not (as well as of the possible consequences if you do not provide your Personal Information). Similarly, if we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
Sharing Data
Service Providers
We employ other companies and people to provide services to visitors to our Websites, our customers and users of the Subscription Service and may need to share your information with them to provide information, products or services to you. Examples may include removing repetitive information from prospect lists, analyzing data or performing statistical analysis, providing marketing assistance, processing credit card payments, supplementing the information you provide us to provide you with better service, and providing customer service or support. In all cases where we share your information with such agents, we explicitly require the agent to acknowledge and adhere to our privacy and customer data handling policies.
VENZA Partners
In addition, we may share data with trusted partners to contact you based on your request to receive such communications, help us perform statistical analysis, or provide customer support. Such third parties are prohibited from using your Personal Information except for these purposes, and they are required to maintain the confidentiality of your information.
We partner with trusted third parties to provide you with products and services that we think may be relevant to you. When you engage with these partners, we will tell you with whom we are sharing data and provide a link to the partner’s privacy policy so you can learn more about how to opt-out of the partner’s communications. These partners are required to adhere to our privacy and data protection policies.
Corporate Events
If we (or our assets) are acquired by another company, whether by merger, acquisition, bankruptcy or otherwise, that company would receive all information gathered by VENZA through the Websites and the Subscription Service. In this event, you will be notified via email and/or a prominent notice on our Website(s), of any change in ownership, uses of your Personal Information, and choices you may have regarding your Personal Information.
Compelled Disclosure
We reserve the right to use or disclose your Personal Information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order or legal process.
International Transfer of Information
International Transfers Within VENZA’s Entities
To facilitate our global operations, we transfer information to either the European Economic Area or the United States and allow access to that information from countries in which the VENZA affiliated entities have operations for the purposes described in this Privacy Policy.
This Privacy Policy shall apply even if we transfer Personal Information to other countries. We have taken appropriate safeguards to require that your Personal Information will remain protected. When we share information about you within and among VENZA’s affiliated entities, we make use of standard contractual data protection clauses in accordance with the General Data Protection Regulation (GDPR).
International Transfers to Third Parties
Some of the third parties described in this Privacy Policy, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we share information of customers in the European Economic Area or the United States, we make use of the General Data Protection Regulation (GDPR), its data protection clauses, binding corporate rules for transfers to data processors or other appropriate legal mechanisms to safeguard the transfer.
Cookies and Similar Technologies
Cookies
VENZA and its partners use cookies or similar technologies (such as web beacons) to analyze trends, administer the Websites, track users’ movements around the Websites, and gather demographic information about our user base.
Customer Navigational Information
Our customers can use the tools we provide, as well as tools provided by third parties, to collect Navigational Information when you visit their webpages on the Subscription Service. VENZA does not control our customers’ use of these tools, nor do we control the information they collect or how they use it.
How to Access & Control Your Personal Data
Reviewing, Correcting and Removing Your Personal Information
You have the following data protection rights:
- You can request access, correction, updates or deletion of your Personal Information.
- You can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information.
- If we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your Personal Information.
Anti-Spam Policy
Our Acceptable Use Policy applies to us and to our customers and, among other things, prohibits use of the Subscription Service to send unsolicited commercial email in violation of applicable laws, and requires the inclusion in every email sent using the Subscription Service of an “opt-out” mechanism and other required information. We require all customers to comply with the Acceptable Use Policy at all times. Any violation of this policy by a customer may result in the immediate suspension or termination of their access to the Subscription Service.
Unsubscribe from Communications
You may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our emails, updating your communication preferences, or sending an email to us at privacy@venzagroup.com or sending postal mail to an office location below. Customers cannot opt out of receiving transactional emails related to their account with us or the Subscription Service.
Unsubscribe from Customers’ Communications
Our customers are solely responsible for their own marketing emails and other communications; we cannot unsubscribe you from their communications. You can unsubscribe from our customers’ marketing communications by clicking on the “unsubscribe” link located on the bottom of their emails or by contacting them directly.
Consent to This Privacy Policy
Use of the Websites signifies your consent, as well as the consent of the company for whom you use the Websites and whose information you submit (if any), to this online Privacy Policy, including the collection and use of information by VENZA, as described in this Privacy Policy, and also signifies agreement to the Terms of Use for the Websites. Continued access and use of the Websites without acceptance of the terms of this Privacy Policy relieves VENZA from responsibility to the user. We do not make any automated decisions based solely upon Personal Information you provide to us.
Data Privacy Framework
Compliance with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S Data Privacy Framework and the Swiss-U.S Data Privacy Framework
VENZA complies with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. VENZA has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. VENZA has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program and our certification, please visit https://www.dataprivacyframework.gov/s/program-overview
VENZA does not have any other U.S. entities or U.S. subsidiaries. VENZA is the only organization in scope of and will adhere to the EU-U.S. DPF, the UK Extension to the EU-U.S DPF and Swiss-U.S DPF.
We have certified that we adhere to the Principles of Notice, Choice, Accountability for Onward Transfers, Security, Data Integrity and Purpose Limitation, Access, and Recourse Enforcement and Liability, in accordance with the EU-U.S DPF, the UK Extension to the EU-U.S DPF and Swiss-U.S DPF
We will only process personal information in ways that are compatible with the purposes outlined above, in this Privacy Policy and uphold the rights of EU, UK and Swiss individuals.
As explained in this Privacy Policy, we may provide your personal information to third parties who perform services on our behalf. If we transfer personal information received under the EU-US DPF, the UK Extension to the EU-U.S DPF and the Swiss-U.S DPF to a third-party agent or service provider and they process your personal information in a manner inconsistent with the EU-US DPF, the UK Extension to the EU-U.S DPF and the Swiss-U.S DPF, we will remain liable if they fail to meet those obligations and we are responsible for the event giving rise to damages, unless we can prove we are not responsible for the event giving rise to the damage. VENZA complies with the EU-US DPF Principles, the UK Extension and the Swiss-U.S DPF Principles for all onward transfers of personal data from the EU, UK and Switzerland, including the onward transfer liability provisions.
Under certain circumstances, we may be required to disclose your personal information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
You have the right to access personal information that we hold about you, including the right to object to the processing, and the right to have data rectified and erased.
If you have any inquiries or complaints about our handling of your personal information under the EU-US DPF, the UK Extension to the EU-U.S DPF and the Swiss-U.S DPF, you should first contact us at privacy@venzagroup.com and we will respond to your inquiry promptly. If we are unable to satisfactorily resolve your complaint, or we fail to acknowledge your complaint in a timely fashion, we have further committed to cooperate and comply with the panel of European Data Protection Authorities (DPAs) in the resolution of any EU-US DPF, the UK Extension to the EU-U.S DPF and the Swiss-U.S DPF, complaints. Individuals may also have the opportunity under certain conditions to invoke binding arbitration for complaints regarding the EU-US DPF, the UK Extension to the EU-U.S DPF and the Swiss-U.S DPF, not resolved by the above mechanisms. See here for additional information about binding arbitration.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, VENZA commits to resolve DPF Principles-related complaints about our collection and use of your personal data.
EU and UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact:
Venza Learning Solutions, Inc. d/b/a VENZA, Inc. at:
VENZA, Inc.
Attn: Chief Information Officer
3 West Garden Street
Suite 215-8
Pensacola, FL 32502
For non-human resources personal data, VENZA has committed to refer unresolved EU-US DPF and the UK Extension to the EU-US DPF and the Swiss-US DPF complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your DPF Principles related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are free of charge to you.
For human resources personal data, In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, VENZA commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.
In the course of your employment (including contractors and the recruitment process) with VENZA, please refer to the relevant internal company polices to understand how VENZA processes your personal information.
The Federal Trade Commission has jurisdiction over VENZA’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
Contact
If you have any questions about this Privacy Policy or our treatment of the information you provide us, please write to us by email at privacy@venzagroup.com or by mail to:
Global Headquarters (USA)
VENZA, Inc.
Attn: Chief Information Officer
3 West Garden Street
Suite 215-8
Pensacola, FL 32502
European Office
VENZA Group, B.V.
Attention: Privacy
Prinses Margrietplantsoen 33, 2595 AM
The Hague, Netherlands