Effective: July 15, 2021
Last Updated: July 15, 2021
2) Why do we process Personal Information?
Our goal in processing Personal Information of Registrants is to facilitate our provision of the Services to our Registrants and our Customers. Our primary goal in collecting information from Visitors is to allow us to assess and respond to a Visitor’s need for our Services and to contact the Visitor in order to provide further information regarding our Services and engage in additional marketing of our Services to such Visitors and their companies. More detail is provided below under the headings “What Personal Information do we process?” and “How do we use Personal Information we collect from and about Registrants?”.
3) What categories and specific Personal Information do we process?
Additionally, for our online educational programs and seminars, we may process the Personal Information a User provides to register as well as additional Personal Information resulting from a User’s use of such Services. We may provide this Personal Information to a User’s company (as identified by the User and/or as evidenced by the User’s use of the company’s email domain), regarding a User’s online educational program participation, a User’s performance (e.g. in taking tests for self-assessments or certifications), and a User’s educational program history.
If one of our Customers is registering a User for access to and use of our Services, the Customer must provide all relevant notices to and obtain any consents from those Users required to share the Personal Information with us and such notices and consents must sufficiently inform such Users of the purposes for which Personal Information is being processed by us.
(b) Transaction Information. Because LAS and EZLease only provide Services with respect to lease transactions between businesses (each a “Transaction”). Personal information included within a Transaction is generally limited the name, job title, email address, office address and phone number of individuals who are identified in the Transaction communications as contacts and in notice or contact provisions of or as signatories to the lease documentation as representatives of the lessee, lessor or other party to the Transaction.
(c) Sourcing Application Information. Requests for proposals (“RFPs”) by Users seeking lease financing (“RFP Authors”) and any Personal Information included in those RFPs are available to multiple financing sources for bidding (“RFP Bidders”). RFPs and RFP Bidders’ proposal responses (“Proposals”) are private among the RFP Author, the responsive RFP Bidder and us.
4) How do we use a Registrant’s Personal Information we process?
The following are examples of how we currently use Personal Information of our Registrants. These examples are not exclusive, but in all events, we use the Personal Information of our Registrants solely in connection with the provision of our Services.
- We use Personal Information of Registrants to administer our Customers’ contract with us, to provide support and respond to requests and inquiries, to improve the Services for all users, to monitor progress of a Users’ training and instruction and to log use of the Services, primarily for administration and security purposes.
- We use the Personal Information we capture in our Applications to facilitate communications with stakeholders involved in the leasing process and in lease accounting.
- We collect source IP addresses for all system activity in order to ensure audit trailing and to determine the source of any malicious use of the system.
- If you attend an event (including by telephone or video conferencing) , we may process information about you gathered in relation to the event and can share information about your attendance with your company.
5) What Personal Information do we disclose to third parties and why do we disclose it?
We share User Personal Information throughout our organization, which includes our affiliates and with third parties. The following are examples of how we currently may share Personal Information. These examples are not exclusive, but we share the Personal Information solely in connection with our provision of the Services, to protect our rights or the rights of our Customers and our Users or as required by law or compulsory process. We never sell Personal Information of our Users to third parties.
- We may share Personal Information with third-party service providers (for example, data hosting/storage, virtual assistance and learning, service/support management, credit card processing services, order fulfilment, analytics, event/campaign management, website management, information technology and related infrastructure provision, customer service, e-mail delivery, auditing, and other similar service providers) in order for those service providers to perform business functions on our behalf.
- We may share Personal Information with relevant third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock;
- We may share Personal Information with our Customer or its affiliates with whom the User is employed, engaged or deals, directly or indirectly, in connection with a Transaction or otherwise deals using our Applications.
- We may share Personal Information in the course of a Customer’s RFP activities – e.g. to allow sourcing participants to solicit, send out or respond to an RFP.
- We may share Personal Information when we believe in good faith that disclosure is necessary to protect our rights, protect a User’s safety or the safety of others, investigate fraud, or respond to government requests, including public and government authorities outside a User’s country of residence, for national security and/or law enforcement purposes or to comply with compulsory process, such as a subpoena.
We may occasionally aggregate our User information or Transaction Information and disclose such information to third parties in aggregate form for a number of business purposes, including running and enhancing our Application and Website. In these situations, we do not disclose any information that could be used to identify an individual.
6) How long do we retain Personal Information?
Personal Information about our Registrants that we collect in performing our Services for a Customer will be retained for the duration of the services contract with the Customer and thereafter, as necessary for us to comply with our post termination obligations to the Customer and to comply with applicable law.
Personal Information about our Visitors will be retained so long as we determine that such information may still facilitate our sales or marketing efforts.
7) How do we manage processing of Personal Information by Customers?
The Applications provide each Customer the opportunity to process Personal Information of its users’. Each Customer is solely responsible for, and we have no control over and do not audit, a Customer’s processing activities using our Applications.
Modern browsers provide an option to reject cookies. Learn how to use your browser to disable / block cookies here https://www.wikihow.com/Disable-Cookies. Visitors to our Websites may block cookies. Registrants desiring to access and use our Applications are required to accept all cookies in order for the features and security mechanisms to function.
Additionally, we will collect unique identifiers about each Visitor and track the web pages visited, files downloaded, and videos played. The information collected is used to enhance the user experience, assist our sales and marketing to such Visitor and for website design. It is not shared with third parties.
9) How do we protect User Personal Information?
We have implemented appropriate technical, physical and organizational measures intended to safeguard Personal Information from unauthorized or unintended access, loss, damage, alternation, disclosure or other processing.
10) How do we manage Q&A and collaboration of Users?
The Application enables inter- and intra-company Q&A communication and collaboration communications directly between Users. Q&A communications are private between parties to Transactions. Collaboration communications are private within a User’s organization and cannot be viewed by any third-party Users. Q&A communications between Users and collaboration communications between or among individuals within a User’s organization are secure utilizing the same technology as described in Section 7, above. E-mail communications between Users and between the Users and us are subject to the limitations of general Internet security.
11) What happens in the event of inadvertent disclosure of confidential information?
12) Is this a consumer website?
No. Our Application and Website is intended for business/commercial use only. Our Application and Website is not intended for consumer use. Each User agrees not to use our Website to provide or store any consumer information, including without limitation, social security numbers, credit card numbers or individual bank account information. Each User agrees not to disclose Personal Information, other than as described in Section 3(a), about any other individual when using our Applications.
14) What are your privacy rights?
You have privacy rights for the information we process about you. You can choose to opt-out of third party sharing and object to, or restrict our use of your Personal Information. You can ask us to delete, change or correct your Personal Information or access your Personal Information. We encourage Registrants to initiate these requests by contacting the company (e.g. our Customer) that provided Registrant’s Personal Information to us. Otherwise, these requests may be initiated by sending an e-mail to: firstname.lastname@example.org.
In cases of sharing with third parties of data of EU, UK and Swiss individuals received pursuant to the GDPR, EU-US Privacy Shield and Swiss-US Privacy Shield (see “How do we manage GDPR Compliance for EU data subjects?” and “How do we handle Privacy Shield Framework requirements?” below), we remain liable for the transfer of personal data to agent third parties unless we can prove we were not a party to the events giving rise to the damages.
15) How do we manage GDPR Compliance for EU data subjects?
We are a global corporation with operations in multiple countries and Personal Information may be processed globally as necessary in order for us to provide or support our Services. If Personal Information is transferred to an LAS or EZLease recipient in a country that does not provide an adequate level of protection for such information, we will take adequate measures designed to protect the Personal Information, such as ensuring that such transfers are subject to the terms of the Standard Contractual Clauses or other adequate transfer mechanism as required under relevant data protection laws.
In the event the services agreement between us and our Customer references the LAS or EZLease Data Processing Agreement (“DPA”), further details on the relevant data transfer mechanism that applies to your Personal Information are available in the DPA.
If you are located in the European Economic Area (the “EEA”), you may have the following rights to the extent provided by law:
- Request access to and receive information about the Personal Information we may maintain about you, update and correct inaccuracies in your Personal Information, restrict or object to the processing of your Personal Information, have your Personal Information deleted, or exercise your right to data portability to easily transfer your Personal Information to another company.
- Lodge a complaint with a supervisory authority, including in your country of residence, place of work, or where an incident took place.
- Withdraw any consent you previously provided to us regarding the processing of your Personal Information, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before your consent withdrawal.
Please access the link provided for more information regarding our supervising Data Protection Authority:
16) How do we manage California privacy requirements?
If you reside in California, you have the right to request that we disclose to you the following information covering the 12 months preceding your request:
- The categories and specific pieces of Personal Information we have collected about you;
- The categories of sources from which the Personal Information is collected;
- Our purposes for collecting or selling your Personal Information; and
- The categories of Personal Information that we have disclosed to third parties and the categories of third parties with whom we share your Personal Information.
If you are a California resident, you also have the right to request deletion of any Personal Information about you that we have collected from you, subject to certain exceptions and to request that we not sell your Personal Information.
Any of such requests must be submitted to us in writing at the e-mail address or physical address indicated under how to contact us below. To protect your privacy and security, we will also take reasonable steps to verify the your identity before taking any action
17) How do we handle Privacy Shield Framework requirements?
We are further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
To protect a User’s privacy and security, we will also take reasonable steps to verify the User’s identity before taking any action.
18) What is the main U.S. regulatory agency that governs us?
We are subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC).
19) Do we link to other websites?
The fact that we provide links to a given website is not an endorsement, authorization or representation that we are affiliated with that third party, neither is it an endorsement of their privacy or information security policies or practices. These other websites may place their own cookies or other files on your computer, collect data, or solicit Personal Information from you. We are not responsible for the content or privacy and security practices and policies of third-party websites or services. We encourage you to learn about third parties’ privacy and security policies before providing them with Personal Information.
20) How to contact us?
10740 Parkridge Blvd. Suite 701
Reston, VA 20191