At both PAAST, P.L. and Genesis Systems Consulting, LLC, we pride ourselves on our commitment to protecting your privacy. Our data governance and privacy policies reflect our company’s values and how we strive to maintain your privacy.
Any use you make of PAASTGEN’s service offerings is subject to the engagement terms as indicated in the specific agreements that you have signed with us.
Both PAAST, P.L. and Genesis Systems Consulting, LLC are corporations registered in Florida, with a principal office at located at 255 Alhambra Circle, Suite 1100, Coral Gables, FL 33134, United States of America.
If you have any questions about this Policy or questions or complaints about our privacy practices, please contact us using the details below:
If for PAAST, P.L. then:
FAO Data Protection Officer
Address PAAST, P.L., 255 Alhambra Circle, Suite 1100, Coral Gables, FL 33134
If for Genesis Systems Consulting, LLC then:
FAO Data Protection Officer
Address Genesis Systems Consulting, LLC, 255 Alhambra Circle, Suite 1100, Coral Gables, FL 33134
The contact information above should also be used for communications relating to exercising the rights described in “How To Exercise Your Rights” section.
We gather information that you provide to us when you:
- Purchase products or services from us
- Subscribe to our newsletters and mailing lists
- Exchange contact information from various networking events or social venues
- Participate in promotional offers (such as a trial services or discounted products) and other promotions, competitions or prize drawings
- Fill in forms, conduct searches, post content on the website, respond to surveys, or use any other features of our websites or social media pages
- Make an inquiry, provide feedback, submit correspondence, or make a complaint over the phone, by email, on our website or by post
- Register for, and update an online account with us (including if you access through Facebook, LinkedIn, Twitter, Google, or an open IP provider)
- Register to, present at, and/or attend, our events and conferences
- Enter into a contract with us
- Submit a job application, a CV, cover letter, or social media profile to a job vacancy, attend an interview, assessment, or meeting
- ‘Follow’, ‘like’, post to, or interact with, our social media accounts, including Facebook, LinkedIn, Twitter, Pinterest, Instagram, Google+, and SnapChat.
The information you provide to us may include (depending on the circumstances):
- Identity and contact data: title, names, addresses, email addresses, phone numbers or your signature.
- Account profile data: a username/display name, password, user preferences and, if you sign up through a social media account, certain information about that account.
- Conference registration details: the company/organization you work for, job title/position, language preferences, your name, your email, your age, your gender, your job function, your experience, your opinions and why you are attending the conference and what you hope to learn, your accessibility needs.
- Financial data: payment details, which may include billing addresses, credit/debit card details and bank account details.
- Employment and background data: if you apply for employment on our sites, your academic and work history, qualifications, skills, projects and research that you are involved in, references, proof of your entitlement to work in the relevant country, your national security number, your passport or other identity document details, your current level of remuneration (including benefits), and any other such similar information that you may provide to us.
- Visual and audio information about yourself: e.g. a photo or video footage, or sound recording.
- Your preferences: information about your preferences, interests, industry focus, community choices, and other customer profile information.
- Sensitive information: information about your race or ethnicity, religious beliefs, sexual orientation, health and whether or not you have any disability. You can find out more about how we use sensitive information below in the “Non Public Information” section.
- Any other information that you choose to share with us: for example, any information that you provide via correspondence, when you fill out our survey(s), that you share via our website or social media accounts linked to our website, or any information that you choose to provide in person at events, meetings, or over the phone.
- Mobile application: Although still in development, when you download and use PAASTGEN based mobile applications, we automatically collect information on the type of device you use, your geo location, and your operating system version.
Some of Genesis’ products and services collect information about system and product data. We use this information to manage and administer our products and services, to issue updates and new versions, for the testing and monitoring services that we provide, enhancing our products and services, and improving and targeting our communications with you.
For PAASTGEN, technologies such as cookies, beacons, tags, local storage, and scripts are used by us, and other companies, such as third party technology service providers. These technologies make it easier for you to navigate our website and to help us manage the content on our website and are used to analyze trends, administer the sites, track users’ movements around the site (including which site you clicked from to arrive at our site), and gather demographic information about our user base. However, we currently do not subscribe to Google or Adobe analytic platforms so the information collected is basic at best.
Once developed and available, our mobile apps may collect information about your geo-location data in order to provide you with relevant content for your region. You will be able to switch off geo-location functionality for our mobile apps on your device.
In certain circumstances, we will receive information about you from other sources, including third parties. For example, we may receive personal information from any of the following, who may be based inside and/or outside the EU:
- Other website users.
- Event attendees.
- Your agents or representatives who are acting on your instructions.
- Commercial contact lists that we acquire from other organizations.
- Organizations that we acquire or merge with.
- Organizations with whom we provide co-branded events, websites, products, and services.
- Fraud detection agencies.
- Your current and former employers, recruitment agencies, and referees.
- Service providers including our website developers, IT support providers, cloud services providers, payment services providers, billing service providers, contractors, consultants, advertising agencies and platforms, digital performance monitoring and management providers, advertising analytics providers, marketing and sales service providers, user experience testing platforms, B2B contact databases, recruitment agencies, survey tool providers, customer relationship and customer support service providers, event ticket retailers, event management platform service providers, customer identity account management providers, HR service providers, couriers, instant messaging service providers.
- Social media plugins. By providing your social media account details you are authorizing that third-party provider to share with us certain information about you.
- Publicly available sources such as LinkedIn.
We might also receive information about you from other third parties if you have indicated to such third parties that you would like to hear from us.
Special categories of particularly sensitive personal information require higher levels of protection. This Non Public Information (“NPI”) may include details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union memberships, information about your health and genetic and biometric data. It may also include personally identifiable information such as your social security, tax identification, driver’s license or passport number. Depending on the circumstances, we may also collect information about criminal convictions and offenses.
We need to have further justification for collecting, storing and using this type of personal information. We process NPI in the following circumstances:
- in limited circumstances, with your explicit written consent
- where it is necessary to carry out our legal obligations or exercise rights in connection with employment
- where it is necessary for reasons of substantial public interest, such as for equal opportunities monitoring
- where it is necessary in relation to legal claims
- where it is necessary to protect your interests (or someone else’s interests) and you are not capable of giving your consent
- where you have already made the information public.
For example, we will collect NPI:
- when you apply to work for us (for diversity and equal opportunities records, to support your needs and facilitate access to our premises, and to carry out background checks);
- when you attend our events, visit our premises, or
- when we engage you for services such as tax payment and planning, litigation support, or audits.
Any information identified and classified as NPI will follow a strict set of controls assuring their confidentiality and integrity as identified in our internal information security policy.
In almost every circumstance, any NPI collected was done so as a condition of employment or as means to provide products or services requested of us. Outside of these scenarios should we have a need to collect and use this information we will request your written consent to allow us to use NPI data.
If we do request your written consent, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent.
Using Personal Information
We will use your information for the following purposes:
- To provide access to our client portal in a manner that is convenient and optimal, and in order to be able to carry out contracted services requested from us.
- To process and facilitate transactions and payments, and recover money owed to us (on the basis of performing our contract with you, and on the basis of our legitimate interest to recover debts due).
- To monitor your account and use of services to ensure compliance with our end-user agreements and prevent and identify unlawful content use and violations (on the basis of our legitimate interests to operate a safe and lawful business, or where we have a legal obligation to do so).
- To enable you to communicate with other website users and clients (on the basis of your consent where we have requested it, or on the basis of performing our contract with you).
- To conduct business with you or your employer, including to contact you and manage and facilitate our business relationship with you and your employer (on the basis of performing our contract with you, and our legitimate interest in running our business).
- To provide customer service and support, like dealing with inquiries or complaints about the website, which may include sharing your information with our website developer, IT support provider, and payment services provider as necessary (on the basis of performing our contract with you, our legitimate interest in providing the correct products and services to our website users, and to comply with our legal obligations).
- For recruitment, including to process any job applications you submit to us, whether directly or via an agent or recruiter including sharing your information with our third party recruitment agencies (on the basis of our legitimate interest to recruit new employees or contractors).
- To carry out marketing and let you know about our news, events, new website features products or services that we believe may interest you, including sharing your information with our marketing services providers (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so).
- To interact with users on social media platforms (on the basis of our legitimate interest in promoting our brand and communicating with interested individuals).
- To conduct data analytics to improve our website, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for our website and services, to keep our website updated and relevant, to develop our business, to provide the right kinds of products and services to our customers, and to inform our business and marketing strategy).
- To carry out marketing research and user testing to assess the levels of satisfaction of existing and proposed products and services (on the basis of our legitimate interest in carrying out research, providing the right kinds of products and services to our customers).
- To protect, investigate, and deter against fraudulent, unauthorized, or illegal activity (on the basis of our legitimate interests to operate a safe and lawful business, or where we have a legal obligation to do so).
- To enable us to comply with our policies and procedures and enforce our legal rights, and to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business, or where we have a legal obligation to do so).
We will use your information for the purposes listed above either on the basis of:
- your consent (where we request it);
- performance of your contract with us and the provision of our services to you;
- where we need to comply with a legal or regulatory obligation; or
- our legitimate interests or those of a third party (see “Legitimate Interests” section below for more information).
As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties. Where we refer to our “legitimate interests”, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interests we have specified in the previous section above.
Where we use your information for our legitimate interests, we make sure that we consider any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details in the “Your Rights” Section below.
We consider your personal information to be a vital part of our relationship with you and do not sell your personal information to third parties. There are, however, certain circumstances in which we may share your personal information with certain third parties, as follows:
- Sponsors, partners and collaborators, including sponsors of our events, products or services, and organizations with whom we host co-branded events.
- Our service providers who are acting as processors and who assist us with our administrative or business functions, or in the provision of any of our products/services to you.
- Regulators and governmental bodies like the IRS, FDIC, and other authorities and regulators acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
- Marketing parties which are any selected third party that you consent to our sharing your information with for marketing purposes.
- Any prospective buyer of our business or assets, only in the event that we wish to sell any part of our business or assets.
- Other third parties including legal, professional or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
We use administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personal data against loss, misuse and unauthorized access, disclosure, alteration, and destruction. Where possible, we will continue looking for opportunities to minimize the amount of personal information we hold about you. The safeguards we use include:
- ensuring the physical security of our offices, data centers, warehouses, or other sites
- ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption
- using standard security protocols and mechanisms (such as secure socket layer (SSL) encryption) to transmit sensitive data such as credit card details
- maintaining an information security policy for, and delivering data protection guidance and training to, our employees
- limiting access to your personal information to those who need to use it in the course of their work
If you have any questions about the security of your personal information, please contact us using the methods outlined in the “About Us” section above.
We will keep your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it.
Please contact us using the methods outlined in the “About Us” section above if you would like to obtain details of our retention periods for different aspects of your personal data.
You can also play a part in keeping your information safe by:
- choosing a strong account password, changing it regularly, and using different passwords for different online accounts
- keeping your login and password details confidential
- logging out of the website and closing the browser each time you have finished using it, especially when using a shared computer
- informing us if you know or suspect that your account has been compromised, or if someone has accessed your account without your permission
- keeping your devices protected by using the latest version of your operating system and maintaining any necessary anti-virus software
- being vigilant to any fraudulent emails that may appear to be from us. Any emails that we send will come from an email address ending in either: @paast.com (PAAST, P.L.), @genesis-consulting.net (Genesis Systems Consulting, LLC), @systemmonitor.us (Genesis Systems Consulting, LLC)
PAAST, P.L. and Genesis Systems Consulting, LLC are both based in the United States of America. We do not currently transfer or share any information internationally with anyone. Although we transact business throughout the world and have operations, processes and systems that cross borders, our offices and our servers are located in the United States.
- If necessary for the services you have engaged us for and with your consent, we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
- where we use providers based in the US, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US; or
- where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe (the so-called European Commission’s Standard Contractual Clauses).
You have certain rights in respect of the information that we hold about you, including:
- the right to ask us not to process your personal data for marketing purposes
- the right to request access to the information that we hold about you
- the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect
- the right to object to our using your information on the basis of our legitimate interests (refer to section 2 above to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground
- the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances
- in certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you
- the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/) as well as a right to lodge a complaint with the relevant authority in your country of work or residence
You may exercise your rights above by contacting us using the methods outlined in the “About Us” section above and we will comply with your requests unless we have a lawful reason not to do so.
In the case of preventing processing for marketing activities, you can opt out of marketing communications by following the opt-out instructions included in each newsletter or communication or by contacting us using the methods outlined in the “About Us” section above.
Although we are not currently subscribed to use either, you can opt out of Google Analytics data collection by using the tools available here, and you can also opt out of Adobe Analytics by using the tools available here.
Please note that your objection to processing (or withdrawal of any previously given consent) could mean that we are unable to provide you with our services. Even after you have chosen to withdraw your consent we may continue to process your personal information when required or permitted by law, in particular in connection with exercising and defending our legal rights, or meeting our legal and regulatory obligations.
We may need to request specific information from you to help us confirm your identity and to enable you to exercise the rights set out above. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to exercise the rights set out above. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Our website is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13, and in some jurisdictions under the age of 16. If you are under the age of 13, please do not access our website at any time or in any manner. If we learn that we have collected personal information of children under the age of 13 or 16 (as applicable), we will take appropriate steps to delete that data.
Please be responsible with personal information of others when using our website and the services available on it. We are not responsible for your misuse of personal information, or for the direct relationship between you and others that takes place outside of the website or our services.
California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers at this time.
Please note that this Policy may change from time to time. We will not reduce your rights under this Policy without your consent. If we make any material changes we will notify you by email or by means of a notice on our corresponding websites as identified in the “About Us” section prior to the change becoming effective. You can also view prior versions of the Policy by viewing the links in section 11 below.
Our firm is a member of the American Institute of Certified Public Accountants (“AICPA”), Private Companies Practice Section of the AICPA and the Florida Institute of Certified Public Accountants.