ISTA Digital Privacy Policy

Last modified: August 27, 2024 

Introduction 

The International Safe Transit Association, Inc. (“Company” or “We” or “ISTA”) respects your privacy and is committed to protecting it through our compliance with this Notice.  It is important that you read this privacy notice together with our End User Licensing Agreement, and any other notice we may provide when we are collecting or processing data from or about you so that you are fully aware of how and why we are using your data. This Notice is supplemental to any other notices and does not replace them.   

This Notice describes the types of information we may collect from you or that you may provide when you visit the ISTA Digital web application, and our practices for collecting, using, maintaining, protecting, and disclosing that information. 

This Notice applies to information we collect: 

  • On the ISTA Digital web application. 
  • In electronic messages sent via the ISTA Digital web application. 

It does not apply to information collected by: 

  • Us offline or through any other means, including on any other website operated by ISTA or any third party; or 
  • Any third party. 

Please read this Notice carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, do not use ISTA Digital. By accessing or using this web application, you agree to this privacy Notice. This Notice may change from time to time (see Changes to Our Privacy Notice). Your continued use of this web application after we make changes is deemed to be acceptance of those changes, so please check the Notice periodically for updates. 

Children Under the Age of 18 

ISTA Digital is not intended for children under 18 years of age. No one under age 18 may provide any information to or on the web application. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this web application or on or through any of its features. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at: 

1400 Abbot Rd, Suite 380 
East Lansing, MI 48823-1900 

ista@ista.org 
+1 (517) 333-3437 

Residents of certain locations under 13, 16, or 18 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your Local Privacy Rights for more information. 

Information We Collect About You and How We Collect It 

We collect several types of information from and about Users of ISTA Digital, including information: 

  1. User salutation  
  2. User first name  
  3. User last name  
  4. User work address  
  5. User other address  
  6. User country  
  7. User region  
  8. User types  
  9. User company  
  10. User email  
  11. User job title  
  12. User home phone  
  13. User office phone  
  14. User mobile phone  
  15. User currency  
  16. User language  
  17. Company name  
  18. Company logo  
  19. Company address  
  20. Company phone  
  21. Company country  
  22. Company region  
  23. Company website  
  24. Company tagline  
  25. Company description  
  26. Company sector  
  27. Company type  
  28. Company industries  
  29. Project number  
  30. Project counts (number of projects in the application for each Company, for each user, etc.)  
  31. Project owner (who owns each project in the application)  
  32. Project Type (for all projects in the application)  
  33. Project status  
  34. Project create date  
  35. Project country  
  36. Project world region  
  37. Project visibility 
  38. Number of Collection projects (number of Collection projects for each Company, owned by each user)  
  39. Number of Tests (number of Tests in each project and in the application for each Company, owned by each user)  
  40. Test name  
  41. Test name2  
  42. Test organization  
  43. Test category  
  44. Test data  
  45. Test time  
  46. Test status  
  47. Distribution map count (how many in each project the application)  
  48. Distribution map number of segments (how many in each project the application)  
  49. Distribution map number of steps (how many in each project the application)  
  50. Distribution map number of metrics (how many in each project the application)  
  51. Media count (how many in each project the application)  
  52. Attachment count (how many in each project the application)  

We collect this information: 

  • Directly from you when you provide it to us; and 
  • Automatically as you navigate through the application. Information collected automatically may include usage details, IP addresses, and information collected through cookies. 

Information You Provide to Us.   

The information we collect on or through ISTA Digital may include each of the following categories. 

  • Information that you provide by filling in forms on our web application. This includes information provided at the time of registering to use ISTA Digital, posting material, or requesting and engaging in further use of the web application. We may also ask you for information when you report a problem with our web application. 
  • Records and copies of your correspondence (including email addresses), if you contact us. 
  • Your responses to surveys that we might ask you to complete for research purposes. 
  • Your navigation prompts and search queries on the web application. 

You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the web application or transmitted to other users of ISTA Digital or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others including the public at your own risk. Although you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the web application with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons. 

Information We Collect Through Automatic Data Collection Technologies. 

As you navigate through and interact with ISTA Digital, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including: 

  • Details of your visits to our web application, including traffic data, location data, logs, and other communication data and the resources that you access and use. 
  • Information about your computer and internet connection, including your IP address, operating system, and browser type. 

The information we collect automatically may include personal information. It helps us to improve our web application and to deliver a better and more personalized service, including by enabling us to: 

  • Estimate our audience size and usage patterns. 
  • Store information about your preferences, allowing us to customize our Services according to your individual interests. 
  • Speed up your searches. 
  • Recognize you when you return to our web application. 

The technologies we use for this automatic data collection may include cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our web application. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our web application. For information about managing your privacy and security settings for cookies, see Choices About How We Use and Disclose Your Information. 

How We Use Your Information 

We will only use your personal data when the law allows us to. We have set out a description of all the ways we plan to process your personal data. We have also identified what our legitimate interests are where appropriate. 

We use information that we collect about you or that you provide to us, including any personal information: 

  • To present our web application and its contents to you. 
  • To provide you with information, products, or services that you request from us. 
  • To fulfill any other purpose for which you provide it. 
  • To provide you with notices about your account, including expiration and renewal notices. 
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us. 
  • To notify you about changes to ISTA Digital or any services we offer or provide though it. 
  • To allow you to participate in interactive features on our web application. 
  • In any other way we may describe when you provide the information. 
  • For any other purpose with your consent. 

We process your personal data to discharge a relevant EU or EU Member State legal or regulatory obligation if you are subject to EU or EU Member State legal or regulatory jurisdiction to which we are also subject. 

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. 

Disclosure of Your Information 

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. 

We may disclose personal information that we collect or you provide as described in this Privacy Notice: 

  • To our subsidiaries and affiliates. 
  • To contractors, service providers, and other third parties we use to support our business. 
  • To a successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other transfer of some or all of International Safe Transit Association, Inc.’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by International Safe Transit Association, Inc. about our web application Users is among the assets transferred. 
  • To fulfill the purpose for which you provide it. 
  • For any other purpose disclosed by us when you provide the information. 
  • With your consent. 

We may also disclose your personal information: 

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request. 
  • To enforce or apply our End User License Agreement and other agreements. 
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of ISTA, our Members, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction. 

The categories of personal information we may disclose include any information that we collect and which is necessary for the purposes stated above, or which you choose to disclose to another party or the public. 

Accessing and Correcting Your Information 

You can review and change your personal information by logging into ISTA Digital and visiting your account profile page. 

You may also send us an email at ista@ista.org to request access to, correct, or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. 

If you delete your User Contributions from the Website, copies of your User Contributions may remain viewable in cached and archived pages or might have been copied or stored by other users. Proper access and use of information provided on the web application, including User Contributions, is governed by our End User License Agreement. 

Residents of certain locations may have additional personal information rights and choices. Please see Your Local Privacy Rights for more information. 

Your Local Privacy Rights 

State- and country-specific consumer privacy laws may provide their residents with additional rights regarding our use of their personal information. 

Some states and countries provide their residents with rights to: 

  • Confirm whether we process their personal information. 
  • Access and delete certain personal information. 
  • Correct inaccuracies in their personal information, taking into account the information’s nature processing purpose. 
  • Data portability. 
  • Either limit (opt-out of) or require consent to process sensitive personal data.  

The exact scope of these rights may vary by location. To exercise any of these rights please send us an email at ista@ista.org. 

Data Security 

To help protect the privacy of data and personal information you transmit through use of the Website, we maintain physical, technical and administrative safeguards designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We update and test our security technology on an ongoing basis. We restrict access to your personal information to those employees who need to know that information to provide services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. All information you provide to us is stored on our secure servers behind firewalls.  

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our web application, you are responsible for keeping this password confidential. Do not to share your password with anyone. We urge you to be careful about giving out information in User Contributions. The information you choose to share publicly may be viewed by any user of the web application. 

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our web application. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the web application. 

Special Laws  

You must not store on our Services (as defined in the End User Licensing Agreement) or otherwise submit to the Services any (i) protected health information subject to the Health Insurance Portability and Accountability Act, (ii) Special Categories of Personal Data or (iii) save to the extent required to pay for the Services, credit, debit or other payment card data subject to PCI DSS or any other credit card schemes or other data which requires, (iv) data similar to (i)-(iii) or (v) data which requires  special protection pursuant to applicable law. 

Changes to Our Privacy Notice 

It is our policy to post any changes we make to our Privacy Notice on this page with a notice that the Privacy Notice has been updated on the ISTA Digital home page. If we make material changes to how we treat our users’ personal information, we will notify you by email to the email address specified in your account. The date the privacy Notice was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our web application and this privacy Notice to check for any changes.

Your legal rights 

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data: 

Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. 

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. 

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. 

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object to where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. 

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:  

  • If you want us to establish the data's accuracy. 
  • Where our use of the data is unlawful but you do not want us to erase it. 
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims. 
  • You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. 

Request the transfer of your personal data to you or to a third party. We will provide you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided with your consent for us to use or where we used the information to perform a contract with you. 

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain Services to you. We will advise you if this is the case at the time you withdraw your consent. 

Contact Information 

To ask questions or comment about this privacy Notice and our privacy practices, contact us at: 

1400 Abbot Rd, Suite 380 
East Lansing, MI 48823-1900 

ista@ista.org 
+1 (517) 333-3437