Last Update: 08 Apr 2019
Although you do not have to provide any of your personal information to us, if we ask you to do so and you refuse, we may be unable to provide you with the information, goods, or services you want from us.
OPSWAT complies with the EU-U.S and Swiss-U.S. Privacy Shield Frameworks which were designed by the US Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce and with REGULATION (EU) 2016/679 of the European Parliament and of the council (GDPR).
OPSWAT has certified that it adheres to the Privacy Shield. To learn more about Privacy Shield please visit www.privacyshield.gov and to view our certification, please visit https://www.privacyshield.gov/.
Personal information (personal data) is anything that enables you to be identified or identifiable including but not limited to:
First and last name
Email address, postal and IP addresses
National identification/social security and national insurance numbers
Job titles and occupation
Any contact information
We do not intend to collect special category (also known as sensitive) personal information through our website(s) (unless we are legally required to do so). Examples of special category information are: race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and criminal records.
We ask that you do not provide us with special category personal information when using Contact Us.
Cookies and similar technologies
Rights in relation to your information
You have the following rights regarding your Personal Data which you can invoke by going to https://go.opswat.com/myuserright and following the steps described there:
1. Right of Access.
You have the right to access your Personal Data that we hold about you, i.e. the right to require free of charge:
information whether your Personal Data is retained,
access to duplicates of the Personal Data retained,
Upon your request, along with a duplicate of the data we retained, we will provide you information related to – purpose of the processing, personal data we collect, entities to which we transferred them, time we keep your Personal Data, if possible, and the criteria we used to decide the period, your rights as European Union Citizen, unless the data was collected directly from you, the source of the data, and whether there is an automated decisional process,
If the effort of identifying data may be too much, or it may infringe the rights of other people, we have the right to refuse your request, in which case You may file a complaint with a supervisory authority or invoke a dispute resolution process as described below.
2. Right to Rectification.
When we process your Personal Data, we shall try to ensure that your Personal Data is accurate and up-to-date for the purposes for which it was collected. If your Personal Data is inaccurate or incomplete, you can change the information.
3. Right to suspend the processing
You have the right to request the termination of the processing with or without deletion of the data we have collected where one of the following applies:
the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.
4. Right to data portability
You have the right to receive the Personal Data concerning you, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance us.
5. Right to delete.
You have the right to obtain deletion by us of Personal Data concerning you.
If we delete your Personal Data, you may lose access to OPSWAT services which require creation and registration with us of a user account ("User Account") by you.
In some cases, deletion of Personal Data used to create the User Account, is complicated. Namely, if your User Account has a commercial business relationship with OPSWAT (in other words, a relationship where you are making payments to us or we are making payments to you), you will only be able to obtain deletion by us your Personal Data after you and OPSWAT have dissolved the commercial business relationship associated to that User Account. In some cases, considering the complexity and number of the requests, the period of time we take to delete your Personal Data may be extended, but for no longer than two further months after the dissolution of the commercial business relationship.
6. Right to Object.
When our processing of your Personal Data is based on legitimate interests according to Article 6(1)(f) of the GDPR, you have the right to object to this processing. If you object we will no longer process your Personal Data unless there are compelling and prevailing legitimate grounds for the processing as described in Article 21 of the GDPR; in particular, if the data is necessary for the establishment, exercise or defense of legal requirements.
You also have the right to lodge a complaint at a supervisory authority.
Our lead supervisory authority is the Romanian Data Protection Agency which may be contacted at:
Autorității Naționale de Supraveghere a Datelor cu Caracter Personal
B-dul G-ral. Gheorghe Magheru 28-30, sector 1, 010336, București,
Phones: +40.318.059.211, +40.318.059.212
You can also contact our data protection officer at the address below. Our European representative for data protection questions is:
OPSWAT Romania SRL
Again, if you would like to exercise these rights or determine what, if any, personal information we have about you, please go to https://go.opswat.com/myuserright and follow the steps as described.
Automated decision making
We will not use your personal information for automated decision making or profiling.
We understand the importance of protecting children's privacy and we never knowingly collect personal information about individuals under the age of 16. We adhere to laws regarding marketing to children.
Data We Collect / How We Use Your Data / Sharing of Your Data With Service Providers / Your Choices / Data Retention Policies With Respect To Contact Us
Data We Collect
How We Use Your Data
Service Providers With Which We Share Data
Data is retained for 26 months.
The third-party service providers identified above may use their own third-party subcontractors who have access to personal data (sub-processors). It is our policy to use only third-party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by us, and to flow those same obligations down to their sub-processors.
OPSWAT may disclose personal information to third parties under the following circumstances:
When explicitly requested by you
We may also disclose your personal information to law enforcement, regulatory and other government agencies, and to professional bodies and other third parties as required by and/or in accordance with applicable laws or regulations. This includes disclosures outside the country where you are located.
Finally, we will disclose personal information if required in urgent circumstances, to protect the personal safety of individuals or the general public, or to maintain the uptime or stability of Contact Us.
Security of personal information
Taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing your personal information, we have implemented technical and organizational measures to ensure a level of security appropriate to the risk of unauthorized or unlawful processing of personal data. These measures also help us guard against accidental loss, destruction of, or damage to personal data.
Only authorized persons are provided access to the personally identifiable information we have collected, and such individuals have agreed to maintain the confidentiality of this information.
We safeguard the security of the personal information provided to us with physical, electronic, and managerial procedures. Inside OPSWAT, data is stored in secure and controlled servers with limited access.
Where we share your personal information with third-party providers, they may use subcontractors that have access to your personal data (sub-processors). It is our policy to use only third-party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by us, and to flow those same obligations down to their sub-processors.
Note that your information may be stored and processed in the United States or any other country where OPSWAT, its subsidiaries, or service providers are located.
If you create a User Account to use services associated with Contact Us, we will retain your personal information while the User Account you’ve created remains active. We will also retain your information for as long as we have a legitimate business purpose to do so, and thereafter, for no longer than is required or permitted by law. This includes data you or others have provided to us, as well as data generated or inferred from your use of Contact Us .
Contacting OPSWAT and Privacy Shield dispute resolution
In compliance with the Privacy Shield Principles, OPSWAT, Inc. commits to resolve complaints about our collection, use, or sharing of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact OPSWAT, Inc. by either going to https://go.opswat.com/myuserright or sending postal mail to: OPSWAT, P.O. Box 77878, San Francisco, CA, 94103.
OPSWAT, Inc. has further committed to refer unresolved Privacy Shield complaints to JAMs, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/ or https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMs are provided at no cost to you.
Further, OPSWAT, Inc. is subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).
And importantly, OPSWAT remains responsible for any onward transfer of your personal information to third parties including, for example, third parties performing external processing your personal information on our behalf, as identified in the “Sharing of Your Data with Service Providers” section.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily by any of the above described methods, please contact:
In UK: The Information Commissioner Office (ICO). The ICO can be contacted by the following means:
Telephone: 0303 123 1113 (local rate – calls to this number cost the same as calls to 01 or 02 numbers).
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire
In Romania: The National Supervisory Authority for Personal Data Processing of Romania (http://www.dataprotection.ro/)
In Switzerland: The Swiss Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/task.html).