Book&Ver and its global affiliates and subsidiaries (collectively, “Book&Ver”) value your privacy. This Privacy Policy (“Policy”) describes how Book&Ver, stores, uses, and discloses your Personal Data. This Policy is issued on behalf of Book&Ver, so a reference to “we”, “us”, or “our” in this Policy is a reference to the relevant company in Book&Ver that is responsible for processing your Personal Data.
Additional privacy information may be provided in offer descriptions, contractual terms, supplemental privacy statements or notices provided prior to or at the time of data collection. Certain Book&Ver products and services may have additional specific privacy notices. In case of conflict, such specific privacy notices shall derogate from this general policy.
Please note that this Policy only governs Book&Ver collection and processing of your Personal Data in the context of your direct interactions with Book&Ver as an individual Data Subject. Where you are the end-user of a Book&Ver procured by your Organization, then your Organization’s own privacy policy is applicable to your use of that Product, and Book&Ver will process your Personal Data in that context pursuant to the terms of the Data Processing Agreement in place between your Organization and Book&Ver.
What Information Do We Collect About You and Why?
We may ask you to provide us with Personal Data about yourself in order to provide services to you. If you choose not to provide Personal Data that we have asked for, it may delay or prevent us from providing services to you. “Personal Data” means any information relating to an identified or identifiable individual (including “Personal Information” in the meaning of the California Consumer Privacy Act, “CCPA”, as defined in Subdivision (o) of the California Civil Code § 1798.140) We may collect the following different categories of Personal Data about you:
- personal and business identifiers and contact information such as name, job title, company name, contact, shipping and billing information, phone number, email address;
- internet or other electronic network activity, i.e. technical data such as domain name, browser type and operating system, web pages you view;
- links you click; your device’s IP address;
- login data e.g. username, account number, password; the length of time you visit our Site and/or use our services;
- the URL or the webpage that led you to our Site;
- performance and usage data about your use of our products and services;
- data you provide to us to receive technical assistance or during customer service interactions;
- your personal or professional interests, demographics, experience with our products and contact preferences;
- and commercial information, i.e. transactional data including credit card and payment data, transaction history.
Personal Data may be required to determine access eligibility for certain restricted parts of our Site or services. Personal Data about you collected on-line may be combined with information provided off-line or collected from trusted third party sources.
Information We Collect Directly From You or a Third Party. We collect Personal Data about you when you visit our website (“Site”), register or subscribe for our services, order our products or services, create an account on our Site, request marketing or publications to be sent to you, give us feedback on our services or our Site. We also may collect Personal Data about you from third party sources, such as someone authorized by you to act on your behalf, third party services that you use that utilize or interact with our services, or where Personal Data has been provided by you at an event. We may also collect your Personal Data from other sources as and when permitted by applicable laws, such as public databases, joint marketing partners, and social media platforms.
Information We Collect Automatically, including via Cookies and Similar Tracking Technologies. We may automatically collect information about your use of our Site or services through cookies, web beacons, and other technologies. We may combine this information with other information that we have collected about you such as your user name. Please see our Cookie Policy at the link below for more information.
How Do We Use Your Information?
We use the information collected about you as appropriate and relevant for the following commercial purposes:
- to register you as a new customer;
- to enable you to order products or services, download software updates; to provide services to you, including programs, online services and customer support;
- to allow you to make requests, and register for customized communications programs;
- to customize the content and information that we may send or display to you to administer the careers portion of the Site and process your job application;
- for marketing and promotional purposes;
- to assist us in advertising our products and services on third party websites;
We use the information collected about you as appropriate and relevant for the following business purposes:
- to better understand how users access and use our Site, products, and services and for other research and analytical purposes, including data analysis, audits, fraud monitoring and prevention, developing new products, enhancing, improving or modifying our Site, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities;
- to manage our relationship with you which will include notifying you about changes to our terms or this Policy;
- as we determine it to be necessary and appropriate, including:
- under applicable law, including laws outside your country of residence;
- to comply with legal process;
- to enforce our terms and conditions;
- to protect our operations or those of any of our affiliates;
- to defend our legal claims;
- to protect our rights, privacy, safety, security, property, and/or that of our affiliates, you or others.
We will only process any special categories of Personal Data (“Sensitive Personal Data”) relating to you for specific purposes outlined above or in relevant supplemental notices, because either: 1. You have given us your explicit consent to process that information; or 2. The processing is necessary to carry out our obligations under employment, social security or social protection law; 3. The processing is necessary for the establishment, exercise or defense of legal claims; or 4. You have made the information public.
Legal Basis of Processing
In order to collect, use and otherwise process your Personal Data for the above listed commercial and business purposes, we may rely on the following legal bases as appropriate and relevant in the specific context:
Our legitimate interest in providing its websites and making the Services available to you, provided our interest is not outweighed by the risk of harm to your rights and freedoms.
Your consent, where we have obtained your consent to process your Personal Data for certain activities. You may withdraw your consent at any time by using the contextual preference tools available in the communications or in the user interfaces of the products and services we provide to you. Absent those, please contact us as explained below. However, please note that your withdrawal of consent will not affect the lawfulness of any use of your Personal Data by Book&Ver based on your consent prior to withdrawal.
To fulfill any contractual obligations, such as where you have purchased a product or service from Book&Ver. For example, we may require your contact details in order to deliver your order if you have purchased a product from us.
For compliance with Book&Ver legal obligations where applicable laws require us to process your Personal Data.
If you have any questions or would like more information regarding the legal basis on which we collect your Personal Data, please review the supplemental privacy notice(s) of the products or services concerned, or contact us as explained below.
The Personal Data we process for the prevention of Fraudulent Payment Transactions include, without limitation:
- Information related to electronic means of payment and related entitlements;
- Information related to electronic payment transactions;
- Contextual signals and indicators of suspected fraud;
- Verification information to confirm or dispel suspected fraud;
- and Evidence of suspected, detected and/or confirmed fraud.
The Personal Data we process for network and information security purposes include, without limitation, network traffic data related to Cyber-Threats such as:
- sender email addresses (e.g., of sources of SPAM);
- recipient email addresses (e.g., of victims of targeted email cyberattacks);
- reply-to email addresses (e.g., as configured by cybercriminals sending malicious email);
- filenames and execution paths (e.g., of malicious or otherwise harmful executable files attached to emails);
- URLs and associated page titles (e.g., of web pages broadcasting or hosting malicious or otherwise harmful contents);
- and/or IP addresses (e.g., of web servers and connected devices involved in the generation, distribution, conveyance, hosting, caching or other storage of Cyber-Threats such as malicious or otherwise harmful contents).
Depending on the context in which such data is collected, it may contain Personal Data concerning you or any other data subjects. However, in such cases, we will process the data concerned only to the extent strictly necessary and proportionate to the purposes of detecting, blocking, reporting and mitigating the Fraudulent Payment Transaction or Cyber-Threat of concern to you, and to all organizations relying on our products and services to secure their payment transactions, and information networks and systems. When processing Personal Data in this context, we will only seek to identify data subjects:
to the extent that it is an inherent part to the services that our customers hire us to perform for them, and as such it is strictly indispensable to the prevention of the fraud and/or the remediation of the Cyber-Threat concerned, or if and as required by law.
If you believe that your Personal Data was unduly collected or is unduly processed by Book&Ver for such purposes, please refer to the “Your Rights” and “Contact Us” sections below. Please be aware that if it is determined that Personal Data concerning you is processed by Book&Ver because it is critical for the prevention of Fraudulent Payment Transactions, or the detection, blocking or mitigation of Cyber-Threats, then in certain cases the legitimate interest to pursue such processing may be compelling enough to override access, objection, rectification or erasure requests related to the data concerned.
Automated Individual Decision-Making And Profiling
Where Book&Ver processes payment transaction security or network traffic data for the purpose of fraud prevention, respectively network and information security, automated decisions concerning particular payment transactions or cyber events may occasionally be made. This could involve in particular assigning relative payment fraud risk, respectively cybersecurity risk scores to ongoing or recent payment transactions, information network activities or system behaviors. Such automatically-assigned risk scores may be leveraged by you, by Book&Ver, by our partners and by other customers to detect, block and mitigate the detected Fraudulent Payment Transaction or Cyber-Threat. They could therefore result in said partners and customers blocking payment transactions they deem to be fraudulent, halting network traffic coming from or going to suspected or known malicious addresses. Such processing is not intended to produce any other effect than protecting you, Book&Ver, our partners and our other customers from fraudulent payment transactions, respectively Cyber-Threats. Should you nevertheless consider that such automated processing is unduly affecting you in a significant way, please contact directly the relevant data controller whose use of our products and services is thus impacting you. In case that data controller is Book&Ver, please refer to the “Your Privacy Rights” and “Contact Us” sections of this Policy to raise your concerns and to seek our help in finding a satisfactory solution.
To Whom Do We Disclose Your Information And Why?
Broadcom does not sell or share, within the meaning of the California Privacy Rights Act, your personal information. We only disclose your information as described in this Policy. Book&Ver processes your information for the purposes described in this policy, which include the above-listed commercial and business purposes in the meaning of the CCPA (see the “How Do We Use Your Information?” section above). We may disclose Personal Data collected about you as follows:
Book&Ver Users. Your user name and any information that you post to our Site, including, without limitation, reviews, comments, pictures and text will be available to, and searchable by, all users of the Site.
Affiliates or Subsidiaries. Data we collect from you may be disclosed to our affiliates or subsidiaries.
Unaffiliated Third Parties. Certain data about you may be disclosed to select resellers and/or distributors, particularly if you or your company have purchased through a third party before.
Service Providers. Data we collect from you may be disclosed to third party vendors, service providers, contractors or agents who perform functions on our behalf. We may disclose aggregate or de-identified information about users to third parties for marketing, advertising, research, or similar purposes.
Please be advised that personal data collected through and for the purposes of user-requested alerts and service notifications, including and not limited to short code text messages in the U.S. and Canada, will not be disclosed, shared, sold or rented to any affiliated or unaffiliated third parties for marketing purposes.
Business Transfers. Data we have collected from you may be transferred to another company as part of a merger or acquisition by that company.
If we disclose your Personal Data, to the extent reasonably practicable and permissible, we will require its recipients to comply with adequate privacy and confidentiality requirements, and security standards.
When you visit a Book&Ver website, third party targeting cookies, if any, will only be present if that is in accordance with our Cookie Policy, and in line with your cookie choices. If you do not wis Book&Ver to sell or share your data in the meaning of the California Privacy Rights Act with such third parties, you may use the Do Not Sell or Share button available in the website’s cookie management tool at any time.
What About Links To Other Websites?
Our Site and services may contain links to third party websites for your convenience. Any access to and use of such linked websites will cause you to leave the Site. Third party websites, even if potentially serving content co-branded by Book&Ver, are not governed by this Policy, but instead are governed by their own privacy statements/policies. We recommend that you check the privacy statements/policies of every third party website you visit before providing any Personal Data. We do not control those third party websites and are not responsible for their content or their privacy policies. Thus, we do not endorse or make any legal representations about them. If you decide to access any of the third party websites linked to our Site, you do so entirely at your own risk.
How Do We Secure Your Personal Data?
We have implemented administrative, technical, physical, electronic, and managerial procedures to safeguard and secure the information we collect from loss, misuse, unauthorized access, disclosure, alteration, and destruction and to help maintain data accuracy and ensure that your Personal Data is used appropriately. Book&Ver has an internal Global Customer Privacy Program. Its charter is to ensure appropriate privacy processes are in place in order to meet the practices outlined herein. Where Personal Data is processed by service providers on behalf of Book&Ver, we take steps to require those vendors to also comply with applicable data protection laws.
How Long Do We Retain Your Personal Data?
We will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Policy and/or in applicable supplemental notices, unless a longer retention period is required by law.
Your Rights
Depending on where you live, you may have the following rights described below with respect to your Personal Data. In particular if the California Privacy Rigths Act (CPRA) applies to your information, we provide these disclosures and the tools described in this Policy so you can exercise your rights to receive information about our data practices, as well as to request access to and deletion of your information. To exercise your rights, you may:
- make use of the self-serve tools available in the products or services you are using;
- submit your privacy request via the Request Intake Form;
- or contact your customer support representative.
It is our legal obligation to validate any request we receive before responding. The Request Intake Form linked above is specifically designed to ensure reliable and auditable request validation. Therefore we will not respond to requests that are not submitted and cannot be validated through this channel. If it is impossible for you to use any of the methods listed above, please contact the Privacy Office as indicated below to find a resolution.
Email and Marketing. In most instances, we give you options with regard to the Personal Data you provide, including choices with respect to marketing materials. You may manage your receipt of marketing and non-transactional communications by: (i) clicking on the “unsubscribe” link located at the bottom of marketing emails; or (ii) checking certain boxes on our preference center which can also be found on certain forms we use to collect Personal Data.
Access. You may request information regarding Personal Data that we collect and hold about you and the source(s) of that information. To access your Personal Data, return to the product, service or web page where you originally entered it and follow the instructions in your user interface or on that web page. If you cannot access your information in this way, please submit your request through the appropriate Request Intake Portal indicated above. If none of these options applies, please contact us as described in the “How Can You Contact Us?” section below.
Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages particularly of the Site for a limited period of time. If you request a change to or deletion of your Personal Data, please note that we may still need to retain certain information for record-keeping purposes, and/or to complete any transactions that you began prior to requesting such change or deletion (e.g., when you make a purchase, you may not be able to change or delete the Personal Data provided until after the completion of such purchase). Some of your information may also remain within our systems and other records where necessary for compliance with applicable law.
You can request a copy of any Personal Data we hold about you, and of which you don’t already have a copy. This service is usually free of charge, although we have the right to charge a ‘reasonable fee’ in some circumstances;
Rectification. You have the right to request that we rectify any inaccuracies in relation to the Personal Data we hold about you;
Erasure. In some circumstances, you have the right to request the erasure of your Personal Data or object to the further processing of your information;
Restriction of Processing. In some circumstances, you have the right to require us to restrict processing of your Personal Data;
Objection. You have the right to object to any direct marketing or to other processing of your Personal Data based on our or on third parties’ legitimate interests, unless such interests are compelling enough to override your objection;
Not to be discriminated against for exercising any of your other privacy rights. You may exercise any of your rights in this section without us discriminating against you in any way. Note however that you may be subject to differentiated treatment if and to the extent that the exercise of your rights materially impacts our ability to provide certain services to you (e.g. if you request the deletion of your account information or access credentials, then we may no longer be able to grant you access to restricted areas of our websites). Such differentiated treatment is objectively justified and does not constitute discrimination.
Withdraw Consent. You have the right to withdraw consent to us processing your Personal Data. This will not affect the processing already carried out with your consent;
Not to be subject to decisions based on automated processing. In some circumstances, you have the right not to be subject to decisions based solely on automated processing, and to obtain the human review of any such decisions that significantly affect you (please refer to the earlier section on automated decision making);
Complain. You have the right to lodge a complaint with a supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach our supervisory authority so please contact us in the first instance.
Competent Supervisory Authorities. We are a business that operates various activities across a number of jurisdictions.
What Choices Do You Have Regarding Our Use Of Your Personal Data?
We will not use or disclose your Personal Data in ways unrelated to the ones described above without first notifying you and offering a choice, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Please note that we may process your Personal Data without your knowledge or consent where it is required, or to the extent it is permitted by law.
We will also provide you the opportunity to let us know if you wish to opt out at any time of certain or all contact from us, and we will do our utmost reasonably to honor such requests. This choice will be offered at the bottom of our on-line or off-line communications to you as well as on many of our web registration pages. If you have any difficulty exercising your choices, please contact us.
How Can You Contact Us?
You may exercise your access rights as described in the “Your Rights” section above, as well as by visiting our Data Subject Request Intake portals referenced above.
What About Children?
We do not knowingly collect Personal Data relating to children. If you believe that we may have collected Personal Data from someone under the age of thirteen (13), or under the applicable age of consent in your country, without parental consent, please let us know using the methods described in the Contact Us section and we will take appropriate measures to investigate and address the issue promptly.
What About Changes To This Privacy Policy?
This Privacy Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Site. If we make any changes to this Policy that materially affect our practices with regard to the Personal Data we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Site, or by sending you an e-mail message to the e-mail address you have provided.