In compliance with Regulation (EU) 2016/679, General Data Protection Regulation ('GDPR') and other applicable data protection laws, regulations, and policies, the IAOB has developed our IAOB website in accordance with appropriate and required data protection and privacy principles. To the full extent possible, the IAOB has implemented appropriate safeguards to ensure your personal data is collected only to the extent necessary to provide the product/services you request or require of us, and to reduce any personal risk to you in the unlikely event of a data breach. We do this through industry best practices, including encryption, tokenization, and more. The IAOB is also committed to providing transparent information regarding your rights related to the information we collect, including – whenever possible – the ability to review and amend any information you provide and any additional information we collected from you as a result of your use of our services.
The IAOB (referred to as 'we', 'us', 'our' in this policy) is the Data Controller of all personal information that is collected by or through our website and used for the benefit of the IAOB customers.
GDPR grants all EU natural persons several data protection rights. For more information about these rights, please visit our EU Data Protection Rights page. The policy below outlines how we will support you in exercising these rights.
Our websites and related services collect and process needed personal information for the following reasons:
We collect general aggregate telemetry data whenever anyone visits our website including:
Personal information, listed above, is processed in conjunction with your creation and use of an account with us. Without providing us with this personal data as requested/required, you will not be able to use (or successfully use) the products and services on this website; it is a requirement necessary (1) to enter into a contract with us, (2) for us to fulfill our contract with you, and (3) for us to meet our applicable statutory requirements.
In addition to allowing the proper functioning of this website, your information may be used or transmitted as follows:
If our company were to be sold or acquired, your personal data may be provided to the purchasing entity. However, your personal information will not be shared with (except as noted above) and will not be sold to third-parties.
We are located outside of the EU and Asia, and we operate servers in many countries around the world. Some of which are not in the European Economic Area (“EEA”) (such as Canada and USA) and your personal information may be transferred between these servers. While countries outside the EEA may not always have strong data protection laws, your data will be treated with the same high degree of safeguards (and in line with EU law on data protection), regardless of the country where we collect, store, or process your data. Our partners, including payment processors and those providing telemetry services, may also operate servers around the world, but our selection of these partners is based on their compliance with the same data protection principles and legal requirements we adhere to.
When you create an account on this website, this account will remain active until you indicate that you wish to close it. Data collected related to your use of products and services on this website will be retained and securely associated with your account. When you close your account with us, we must retain certain personal information for a period no less than seven (7) years to comply with legal and financial requirements imposed on us. We may also securely archive this information both to ensure compliance and for aggregate statistical analysis.
To the extent possible, notwithstanding limitations related to intellectual property and our legal requirements, we will provide you with access to the information you provide in our system through the 'Account' and/or 'Profile' section(s) of our websites. If you notice an error in the information you provide to us, or that we collected from you, we will either provide you with tools to directly correct this information through the aforementioned sections of our websites, or support you in the correction process when you contact our Customer Support Team (firstname.lastname@example.org).
You may request to have your account closed and personal information erased by contacting our Customer Support Team (email@example.com). Notwithstanding the aspects we must preserve for legal and financial reasons, as outlined above, we will promptly remove any/all unnecessary personal data from our system within 30 days.
Cookies are small text files that are transferred to your computer's hard drive through your web browser to enable us to recognize your browser and track visitors to our site. A cookie contains an identifier that allows us to recognize your computer and/or account when you travel around our site, helping you accomplish your purchase or task. Most Web browsers automatically accept cookies, but, if you wish, you can change these browser settings by accepting, rejecting and deleting cookies. The 'help' portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. If you choose to change these settings, you may find that certain functions and features will not work as intended. The cookies we use do not detect any information stored on your computer.
For more information about cookies and how to stop cookies being installed visit the following website: http://www.allaboutcookies.org. (NOTE: This is a third-party informational website not managed by the IAOB or its partners.)
If you have concerns related to our application of this policy and data protection principles, we invite you to contact us at firstname.lastname@example.org. We will make every effort to remedy the situation promptly and to our mutual satisfaction.
You will not have to pay a fee to access your personal information (or to exercise any of your legal rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
In the unlikely event of a data breach that compromises some or all the personal information you provided on this website (including any breach that impacts processing organizations we rely on), we will notify you and applicable authorities within 72 hours of being made aware of the situation and make every effort to promptly rectify the situation. We do not store or process sensitive personal data (such as credit card details, or other categories outlined in Regulation (EU) No 2016/679 Article 9) on our servers.
This document may be updated periodically to further clarify our data protection policies and provisions. In the event we make a change to this document that significantly impacts the personal information we process or impacts your rights as it relates to this data, we will contact all account holders through the email address we have on file.