To make use of certain features on our site (such as requesting a tour or program demo) visitors need to register and to provide certain information as part of the registration process. The information you supply will help us to contact you and to tailor our site tours to your interests and make them more useful to you.
Other Methods of Collecting Information
Our web pages may contain electronic images (called "single-pixel GIFs" or "web beacons") that allow us, and our vendors to count users who have visited pages or to access certain cookies. We may use these tools and other technologies to recognize which pages users visit, and which links they click on.
Browser Level Information and IP Addresses
Our web servers automatically collect limited information about your computer configuration when you visit our site, including the type of browser software you use, the operating system you're running, the resolution of your computer monitor, the website that referred you, and your IP address. (Your IP address is a numerical address that is used by computers connected to the Internet to identify your computer so that data (such as the web pages you want to view) can be transmitted to you. We also use IP address information for systems administration and troubleshooting purposes. Your IP address does not tell us who you are.) We use this information to deliver our web pages to you upon request, to tailor our site to the interests of our users, and to measure traffic within our site.
Use and Transfer to Third Parties (Vendors and Suppliers)
Without your permission, we will not share or sell the personally identifiable information you provide when registering on any of our sites with any of our vendors or suppliers, except as may be required in response to legal requests by public authorities, to meet national security or law enforcement requirements.
The disclosure of any PII in conjunction with Online Rewards’ corporate site or any client program sites is restricted to necessary functions only and is limited to the least amount of information necessary for our vendors and suppliers to perform its role effectively. For example, a program participant’s name and address may be required to be shared with a third-party shipping/fulfillment supplier. Information will not be disclosed to any vendor or supplier unless that third party entity has entered into a written agreement requiring strict privacy and security policies in place with Online Rewards.
Much of the information we collect is in the form of aggregated statistics, such as the traffic that visits various pages within our sites, and the habits and preferences of our audience. Such aggregated information does not include any information that would identify you personally. We may use such aggregated information and disclose it to third parties as we see fit.
Sites to Which We Link
Our sites may contain links or references to third-party websites, products, or services. Information collected by third parties is governed by their own privacy policies.
In the event of reorganization, merger, or sale, we may transfer any and all personal information to the relevant third party.
Clients may provide access to their program site to authorized internal individuals to perform administrative functions which may have access to participant PII. Assigned client program administrators will only have access to their assigned program and will not have any access to any other client’s data. Clients shall be held responsible for ensuring that their assigned program administrators that access the system complete will of Terms and Conditions of use set forth by Online Rewards and the client themselves. Each client may discontinue or suspend access to the system by any individual if discovery is made or there is reason to believe that said individual has violated the Terms and Conditions of Use or is otherwise using the system in an inappropriate manner.
Opt-In / Opt-Out Policies
Upon either completing a ‘Tour Request’ or ‘Contact Us’ online form on our corporate website or registering in one of our client program sites, an individual has the right to ‘opt-in’ to receive email notifications about Online Rewards or information pertaining to the program they are in. Should the individual wish to opt-out after voluntarily electing to receive email notifications, they may do so through the unsubscribe link contained directly within each electronic communication.
Individuals also have the right to ‘opt-out’ of their PII being transferred to third parties as necessary within the client program site, but the experience and/or participation in the program may then become limited.
Individual Access / Right to Change PII
Within client program sites, individuals can access their PII to review, chance or delete portions of their information via their account interface by utilizing their login credentials. Examples of PII that individuals can change may include shipping address information, email address, password, password security question/answer, and communication opt-in/opt-out preferences. Should PII data be communicated to Online Rewards through the client directly (i.e. unique account ID, first name, last name), changes would need to be requested by the individual to the client program administrator.
Information gathered on our corporate site (through the ‘Tour Request’ or ‘Contact Us’ online forms) is stored within third party database operated by SalesForce.com with servers located solely in the US. For more information, as to SalesForce.com privacy policies, please go to: http://www.salesforce.com/company/privacy/
For hosting of client program websites, Online Rewards uses Amazon Web Services (AWS). AWS’s privacy policies can be found at: https://aws.amazon.com/compliance/data-privacy-faq/ Amazon Web Services data centers are hosted at multiple locations across the US and are ISO 27001 certified and is a PCI DSS Level 1 Service Provider.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.
Online Rewards recognizes all data for individual client-owned programs are the property of each respective client. All PII is treated as confidential information. All client PII data is stored in its own database, which is only accessible to Online Rewards’ staff that have been trained in accordance with strict security protocols.
Data transmissions in and out of each client program is encrypted, via VPN, over SSL. All data can be encrypted during transmission and stored as encrypted / uniquely contained data, only accessible to each client’s application exclusively. Database backups are encrypted in-transit with TLS/1.2 (see http://tools.ietf.org/html/rfc5246) and at-rest with AES-256 (see http://aesencryption.net/). Backed-up data is stored with Amazon S3/Glacier.
We restrict access to personal information to Online Rewards employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
Attn.: Policy and Procedures
100 North Central Expressway
Richardson, TX 75080
When we receive formal written complaints at this address, it is Online Rewards' policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between Online Rewards and an individual.
Online Rewards has adopted this Privacy Shield Policy ("Policy") to establish and maintain an adequate level of Personal Data privacy protection. This Policy applies to the processing of Personal Data that Online Rewards obtains from clients located in the European Union and Switzerland.
Personal information regarding and/or received from clients is also subject to any specific agreement with, or notice to, the client, as well as additional applicable laws and professional standards.
In accordance to the EU-U.S. Privacy Shield principles, Online Rewards has a liability in cases of onward transfers to third parties and complies with the Notice and Choice principles for all data disclosed or transferred to a third party.
The Federal Trade Commission (FTC) has jurisdiction over Online Rewards’ compliance with the Privacy Shield. Online Rewards submits to being subject to the investigatory and enforcement powers of the Federal Trade Commission, the Department of Transportation, or any other U.S. authorized statutory body with regard to our self-certification and implementation of the principles. Online Rewards acknowledges the possibility, under certain conditions, for individuals to invoke binding arbitration in filing a complaint disputing Online Rewards’ adherence to these principles and practices. Individuals may invoke binding arbitration at no cost to the individual.
To learn more about the Privacy Shield program, and to view Online Rewards' certification, please visit http://www.privacyshield.gov
Changes to Our Privacy Policies
Online Rewards reserves the right to change our privacy policies at any time by providing updated information on this page. This policy was last modified on January 4, 2017.