Privacy Policy

Introduction

RiverStar provides customer service solutions to companies that need it. This includes development software used to develop applications to facilitate customer service, professional services (PS) work to develop custom web applications using that tool, and hosting of web applications developed by our customers or PS team. These custom web applications in turn sometimes collect personal information of our customer’s customers.

This privacy policy outlines our involvement in safe­guarding the privacy of these participants.

Our privacy policy has the intent to follow all applicable EU privacy laws. In doing so, we participate in the Privacy Shield program, a US Department of Commerce program that helps U.S. Organizations maintain compliance with EU privacy laws. To learn more about the Privacy Shield program, and to view RiverStar’s certification, please visit https://www.privacyshield.gov

RiverStar as a hosting provider

In a hosting context, RiverStar never shares hosted data with third parties unless required to by law, for example a court order. Responsibility for implementation of privacy policy to end customers rests with the developers of the web application hosted by us. RiverStar will take reasonable precautions to protect data at the server level from loss, misuse and unauthorized access, disclosure, alteration and destruction.

Custom Solutions developed by our Professional Services team

In a PS context we may be (partially or fully) developing the web application. In this case, we follow directives from our customer regarding privacy issues. We actively work with our customer to ensure that the U.S.­EU Privacy Shield Principles are followed in their environment if either:

  1. The customer is based in the EU
  2. The customer has specifically asked us to (if, for example, they also subscribe to the U.S.­EU Privacy Shield Privacy Principles)

U.S.­EU Privacy Shield Principles

Below we describe the Privacy Shield Principles that the RiverStar PS team uses when helping a customer comply with EU privacy regulations:

Notice

RiverStar will work with our customers to notify individuals about the purposes for which they collect and use information about them. This includes information about how individuals can contact the organization with any inquiries or complaints, the types of third parties to which it discloses the information and the choices and means the organization offers for limiting its use and disclosure.

Choice

RiverStar will work with our customers to give individuals the opportunity to choose (opt out) whether their personal information will be disclosed to a third party or used for a purpose incompatible with the purpose for which it was originally collected or subsequently authorized by the individual. For sensitive information, affirmative or explicit (opt in) choice will be given if the information is to be disclosed to a third party or used for a purpose other than its original purpose or the purpose authorized subsequently by the individual.

Onward Transfer (Transfers to Third Parties)

RiverStar will only provide onward transfer to third parties directly requested by our customer.  We will work with our customer to ensure that notice and choice principles are followed. We will also remind our customer of onward transfer requirements if we are a part of selecting third parties.

Access

RiverStar will help our customers satisfy access requirements under US­EU privacy principles. Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.

Security

RiverStar will take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction.

Data Integrity

RiverStar will help our customers satisfy Data Integrity requirements under the U.S.­EU Privacy Principles. Personal information must be relevant for the purposes for which it is to be used. An organization should take reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.

Enforcement

RiverStar uses a self­-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, and completely implemented and accessible in conformity with the Principles. We encourage interested persons to raise any concerns using the contact information provided and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles.  If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using BBB EU Privacy Shield as a third party resolution provider.

Amendments

This privacy policy may be amended from time to time consistent with the requirements of the Privacy Shield. We will post any revised policy on this website.

Contact Information

Questions, comments or complaints regarding RiverStar’s Privacy Shield Policy can be mailed or emailed to:

RiverStar Software

Attn: Security Officer
20 Danada Square West
Suite 260
Wheaton, IL 60189
security@riverstar.com

Privacy Complaints by European Union Citizens:

In compliance with the U.S.­EU Privacy Shield Principles, RiverStar commits to resolve complaints about your privacy and our collection or use of your personal information. European Union citizens with inquiries or complaints regarding this privacy policy should first contact RiverStar at:

RiverStar Software
Attn: Security Officer
20 Danada Square West
Suite 260
Wheaton, IL 60189
security@riverstar.com
RiverStar has further committed to refer unresolved privacy complaints under the U.S.­EU Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by RiverStar, please visit the BBB EU PRIVACY SHIELD web site at https://www.bbb.org/EU-privacy-shield/file-a-complaint/ for more information and to file a complaint.

Contact Us

Ready to get started? Want to learn more? Either way, we want to hear from you.

MAILING ADDRESS

20 Danada Square West Suite 260 Wheaton, Illinois 60189