Effective date: November 1, 2014
The DRM Institute (“DRM Institute”) – a non-profit entity and its corresponding website (the “DRM site”), has been created to facilitate a dialog and the exchange of ideas with leading business leaders, risk officers, technology and security professionals, to create best practices in the area of Digital Risk Management (“DRM”).
Information Collection and Use
You may submit and provide to us contact information, such as your name, title, company name, address, phone number, and e-mail address, and other information that may be used to identify you personally (collectively referred to as “Profile Information”) while visiting the DRM Site, to receive material such as white papers, publications and other digital content; or to complete a survey, or to become a member of the DRM Institute, and other scenarios in which you provide information to the DRM Institute. We will use this Profile Information only as directed or consented to by you, which may include: (1) to provide you with information about the expanding field of Digital Risk Management and facilitate discussion; or (2) to update you on trends and events in the category of digital risk management. Information you provide to us that does not identify you personally, such as answers to survey questions that create the DRM Scorecard, input about the industry, or other such information, may be used and disclosed by the DRM Institute or our founding sponsor and technical advisor, Waverley Labs LLC (“Technical Advisor”) for other purposes, such as generating publicly available benchmarks.
Some visitors may be asked to register to receive some of the material that is listed above separate and apart from membership (“Registered User”). Registered Users and DRM Institute members, may request from us – and we will grant such Registered Users and DRM Institute members – reasonable access to their own personal information that the DRM Institute holds about them. In addition, the DRM Institute will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. Please contact firstname.lastname@example.org to change your personal information gathered on the DRM Site or elsewhere this policy applies.
Please be aware that Registered Users who are also DRM Institute members may have two accounts. You may resign from DRM Institute membership and may still retain your status as a Registered User.
Additionally, at some point you may take advantage of our reserved resources. To do so, you must have a LinkedIn account. LinkedIn is not affiliated with, and does not sponsor or endorse, DRM Institute, but the reserved resources created by entities working closely with the DRM Institute are built using the LinkedIn API. We do not store your LinkedIn information when you use it and do not collect information from your LinkedIn account. All information provided to the DRM Institute is provided directly by you. The DRM Institute does not use spiders, crawlers, or illegal bots to comb information from sites.
Regardless of how you choose to interact with the DRM Site, and what information you are required to share, except as outlined here (please see the “Third Party Use” section below) or explicitly stated at the time we request the information, we do not disclose to third parties the Profile Information you provide.
Through various automated technologies, some of which are defined below, the DRM Institute may also collect certain information that does not identify you personally, such as that pertaining to web pages viewed, to analyze trends, track users’ movements, provide a better website experience and gather broad demographic information for aggregate use. This information is also used to help diagnose technical problems, and to administer the DRM Site in order to constantly improve the quality of DRM Site.
Like most websites, we use “cookies” to collect visitor information. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your Web browser and are used whether you’ve registered with the DRM Site or are just browsing. Cookies make it possible for us to recognize your browser when you visit the DRM Site and to tell us whether DRM Institute Members, Registered Users, and visitors have visited the DRM Site previously. If you are a DRM Institute Member or Registered User, we may link that information back to the cookie and be able to determine who you are while you are on the DRM Site. This information may be used to provide you with information about DRM, or information Waverley Labs believes to be relevant to you based on your actions on the DRM Site.
Third-Party Tracking Technologies
We use commercially reasonable efforts to comply with Federal Can-Spam laws. If you receive commercial communications from the DRM Institute via email and do not wish to further receive these communications, follow the instructions contained in the email to unsubscribe from our email server. Please note that if you unsubscribe from our email server but remain a Registered User or DRM Institute Member, you will continue to receive updates that are administrative in nature. If you receive a phone solicitation from one of our authorized third parties based upon information you provided, you may tell that individual you do not wish to receive further calls.
The Technical Advisor manages the operations of the DRM Institute. As such, the Profile Information you provide will be accessible by the Technical Advisor. It’s use will be governed by this policy. The Technical Advisor will not use Profile Information other than as directed or consented to by you and will not contact you unless you specifically consent to such contact. Additionally, we may use third party subcontractors, affiliated with DRM Institute through contract, to provide services to the DRM Institute, which may involve incidental access to Profile Information. We make commercially reasonable efforts to ensure that any third party contracted to receive personal information provided by our Registered Users and DRM Institute members transferred to third parties are governed by this Policy. These companies are authorized to use your personal information only as necessary to provide these services to us and may not otherwise use your personal information unless separately consented to by you.
Third Party Requests
We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims;
Blogs/Chat Rooms/Public Forum Features
The DRM Site may make available various public or semi-private forum features that allow you to post unsolicited information. Should you choose to engage in any forum offered on the DRM Site, be aware that information you submit may be read by third parties and used outside of our control. To request removal of your personal information from our blog, contact us at email@example.com. In some cases, we may not be able to remove information, in which case we will let you know if we are unable to do so and why.
We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive information. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.