Last Update: December 4, 2023
When accessing the Website, the Company will learn certain information about you, both automatically and through voluntary actions you may take, during your visit. This policy applies to information we collect on the Website and in email, text, or other electronic messages between you and the Website.
Personal Identification Information
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, subscribe to the newsletter, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, email addresses. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personal identification information, except that it may prevent them from engaging in certain Site-related activities.
Non-personal Identification Information
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web Browser Cookies
How We Use Collected Information
Company may collect and use Users’ personal information for the following purposes:
- To improve customer service: Information you provide helps us respond to your customer service requests and support needs more efficiently
- To personalize the user experience
- We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site
- To send periodic emails: We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.
How We Protect Your Information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sharing Your Personal Information
We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.
Users may find advertising or other content on our Site that links to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
Your Acceptance of These Terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Children Under the Age 13
Our Website is not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use.
If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at your email.
Additional information about Layton & Co., Inc.’s Data Privacy and Data Security practices, including Intellum’s commitments with regard to the General Data Protection Regulation (GDPR), can be found at the bottom of this page.
Information we collect about you
When you access the Website, the Company will learn certain information about you during your visit. Information You Provide To Us. The Website provides various places for users to provide information.
We collect information that users provide by filling out forms on the Website, communicating with us via contact forms, responding to surveys, search queries on our search feature, providing comments or other feedback, and providing information when ordering a product or service via the Website.
We use information you provide to us to deliver the requested product and/or service, to improve our overall performance, and to provide you with offers, promotions, and information.
Information We Collect Through Automatic Data Collection Technology. As you navigate through our Website, we may use automatic data collection technologies including Google
See currently available opt-outs for the web from Google.
OPT OUT OPTIONS
Information Gathering, Processing and Usage
In connection with operation of the websites and providing our services to you, we may collect the following types of user information (“Information”):
- Personal Information. We collect personal information (“Personal Information”) from you and those individuals to whom you have given Website access. This Personal Information is used for billing purposes, account management purposes and for you to utilize the features of the websites to which you have purchased access. Examples of Personal Information we might collect include but are not limited to: first name, last name, email address, mailing address, etc. We also collect Personal Information provided to us via any emails you send to us and via any user information added by you to the website (including Personal Information for users other than yourself).
- Browsing Information. We collect information about your computer hardware and software and browsing activity.
- Training Information. We collect information on learning/training activities within the Learning Management System (“LMS”)
- Survey Information. We collect responses to any Layton & Co., Inc.-sponsored website surveys.
We collect and process this Information for the following general purposes: products and services provisioning, billing, identification and authentication, website improvement, contacts, and research.
Layton & Co., Inc. may disclose your Information to third parties under the following circumstances:
- Disclosure to Successors. We may disclose your Information to any actual or potential successor-in-interest of ours, such as a company that is seeking to acquire us or the website(s).
- Third-Party Service Providers. We may use third-party partners to help us operate and maintain our websites and deliver our products and services. We may also share your Information with our service providers and other third parties (“Affiliated Parties”) that provide products or services for or through the websites or for our business (such as website or database hosting companies, CRMs, email service providers, analytics companies, credit card processing companies and other similar service providers that use such information on our behalf or at the direction of your employer). Third-party service providers are contractually restricted from using or disclosing the Information, except as necessary to perform services on our behalf or to comply with legal requirements. Information may be processed in the European Union or the United States depending upon contractual requirements and in accordance with legal jurisdictions for the region(s) to which Intellum is subject.
- Other Disclosure. We may disclose your Information to prevent an emergency, to protect or enforce our rights, to protect or enforce the rights of a third party, or as required or permitted by law (including, without limitation, to comply with a subpoena or court order).
Pages of our services or our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Layton & Co., Inc. uses third party vendors and hosting partners to provide some of the necessary hardware, software, networking, storage, and related technology required to run the websites. Although Intellum owns the code, databases, and all rights to the websites, you retain all rights to your data.
Protecting Personal Information
We understand the importance of safeguarding your Information. We employ administrative, physical, and electronic measures designed to protect your Information from unauthorized access. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account technological reality, cost, the scope, context and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedom. Despite our efforts, we cannot guarantee the security of your Information. Accordingly, we assume no liability for any disclosure of data due to errors in transmission, unauthorized third-party access or other acts of third parties, or acts or omissions beyond our reasonable control.
Cross Border Data Transfers
Layton & Co., Inc. is a global company with its headquarters located in the United States of America. Sharing data across borders may be essential in the performance of the services which we provide, and as a result, your Personal Information may be collected, transferred to and stored by us and our affiliates outside your jurisdiction, including outside the European Economic Area (EEA), and in countries that are not subject to an adequacy decision by the European Commission and that may not provide for the same level of data protection as your jurisdiction.
We will, subject to applicable law, rely upon legally permitted data transfer mechanisms in order to transfer, process and store your Personal Information in a jurisdiction outside of your home jurisdiction. We ensure that the recipient of your Personal Information offers an adequate level of data protection and security. For instance, for transfers of Personal Information originating from the EU, we may rely on adequacy decisions of the European Commission where available, on standard data protection clauses, intra-company data protection agreements entered into among our affiliates, or derogations for specific situations as set forth in Articles 46 and 49 of the GDPR, such as your explicit consent to such transfer; to perform a contract with you; or to fulfill a compelling legitimate interest of the Company in a manner that does not outweigh your rights and freedoms.
Third Party Websites
We are committed to protecting the privacy of children. Our solutions are not intended for anyone under the age of 13. If you are under 13, do not use or provide any information on or through our solutions. If we learn we have collected or received Personal Data from a child under 13 without verification of parental consent, we will delete that information. If you are a parent or guardian or otherwise believe we might have any information from or about a child under 13, please contact us so that we can delete the child’s information. Our services will never knowingly accept, collect, maintain or use any information from a child under the age of 13. If a child whom we know to be under the age of 13 sends Personal Data to us online, we will only use that information to respond directly to that child or notify parents.
Layton & Co., Inc. Data Privacy & Data Security Statement
This Data Privacy & Data Security Statement (the “Statement”), is provided by Layton & Co., Inc. (“Layton & Co., Inc.”) to its Clients (each, a “Client”) and to users of Intellum’s Services affiliated with the Clients (“Users”). This Statement describes Layton & Co., Inc.’s commitments with regard to data privacy and data security. Layton & Co., Inc. may update this Statement from time to time. Updated versions will be published on Layton & Co., Inc.’s website.
- “Authorized Persons” means Layton & Co., Inc.’s employees, agents, and contractors that have a need to know or otherwise access User Data to enable Layton & Co., Inc. to provide the Services.
- “Controller” means a controller as defined under the GDPR.
- “Data Protection Laws” means all international, federal, national and state privacy and data protection laws and regulations to the extent applicable to Layton & Co., Inc. and the Services.
- “Data Breach” means any loss or unauthorized access, acquisition, theft, destruction, disclosure or use of User Data that occurs while such User Data is in the possession of or under the control of Intellum.
- “GDPR” means the EU General Data Protection Regulation 2016/679.
- “Personal Data” means information relating to an identified or identifiable natural person. An identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- “Process” or “Processing” means any operation or set of operations that are performed upon User Data, whether or not by automatic means, such as collection, accessing, processing, use, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, transmittal, alignment or combination, blocking, erasure, destruction or otherwise used as set out in the applicable Data Protection Laws.
- “Processor” means a processor as defined under the GDPR.
- “Services” means Layton & Co., Inc’s services, solutions and products.
- “Sub-Processor” shall mean an entity engaged by Intellum to assist it in Processing the User Data in fulfillment of its obligations with regard to the Services.
- “Third Party” is any person or entity other than Layton & Co., Inc. and Client and Client’s Users.
- “User Data” means all data relating to a User that is (i) provided to Layton & Co., Inc. by Client or User or (ii) otherwise obtained, accessed, developed, or produced by Layton & Co., Inc. User Data may include Personal Data.
- Data Privacy
- 2.1. Compliance with Laws. Layton & Co., Inc. is committed to complying with its obligations under all Data Protection Laws. For purposes of the GDPR, Client is considered the Controller and Intellum is its Processor; if Client is considered a Processor for purposes of the GDPR, then Layton & Co., Inc. is considered its Sub-Processor.
- 2.2. Distribution of User Data. Users should provide Layton & Co., Inc. only with Personal Data that is requested by Layton & Co., Inc. or that is otherwise necessary for Layton & Co., Inc. to provide the Services. Layton & Co., Inc. is not responsible for any other Personal Data. Client will not provide Layton & Co., Inc. with Personal Data unless Client has obtained all required consents from Users.
- 2.3. Limitations on Use of Personal Data. Layton & Co., Inc. shall not Process User Data other than for the purposes specified by Users. Layton & Co., Inc. shall not Process User Data for the benefit of any Third Party. Layton & Co., Inc. shall access only the User Data that it needs to perform the Services (i.e., no more than necessary). Layton & Co., Inc. will not store User Data longer than necessary to achieve the permitted purposes specified by User. Layton & Co., Inc. does share aggregate or anonymous data (including personal data that has been stripped of personally identifying characteristics) with third parties. Personal Information does not include information that has been aggregated or made anonymous such that it can no longer be reasonably associated with a specific person or directly identify you. This policy in no way restricts or limits our collection and use of aggregate information, and we may share aggregate data about our users with third parties for various purposes.
- 2.4. Restrictions. Except with a User’s prior, written approval, on a case-by-case basis, Layton & Co., Inc. will not: (a) use User Data other than as necessary for Layton & Co., Inc. to provide the Services, (b) disclose, sell, assign, lease or otherwise provide User Data to Third Parties (other than to its affiliates or Sub-Processors) except to the extent required or permitted by Data Protection Laws, or (c) merge User Data with other data, modify or commercially exploit any User Data.
- 2.5. Sensitive Personal Data. Clients and Users are advised never to provide Layton & Co., Inc. with Sensitive Personal Data. “Sensitive Personal Data” means (a) information that reveals a natural person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, (b) information or data concerning a natural person’s health or sex life or sexual orientation; or (c) genetic data or biometric data about a natural person.
- Layton & Co., Inc. may engage Sub-Processors in connection with the provision of the Services, provided, however, that Intellum may not provide a Sub-Processor with access to User Data unless the Sub-Processor has: (i) a business need to know / access the relevant User Data, as necessary for the purposes of the Services; (ii) signed a written obligation of confidentiality or are under professional obligations of confidentiality; and (iii) implemented technical, operational, physical, and organization safeguards to protect User Data against accidental or unlawful destruction or alteration and unauthorized disclosure or access.
- Data Subject Rights; Cooperation
- You may have certain rights relating to your Personal Information, subject to local data protection law. Whenever you use our services, we aim to provide you with choices about how we use your personal data. We also aim to provide you with access to your Personal Information. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of Personal Information we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that Personal Information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.
- The European Union’s General Data Protection Regulation (“GDPR”), and corresponding legislation in the United Kingdom and Switzerland, provide European, Switzerland and United Kingdom residents with certain rights in connection with Personal Data you have shared with us. If you are resident in the European Economic Area, you may have the following rights:
- The right of access. You have the right to request a copy of your Personal Data which we hold about you.
- The right of correction: You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
- The right to be forgotten: You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data. Note, however, that deletion of your Personal Data will likely impact your ability to use our services.
- The right to object (opt-out): You have the right to opt-out of certain uses of your Personal Data, such as direct marketing, at any time.
- The right to data portability: You have the right to a “portable” copy of your Personal Data that you have submitted to us. Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers / IT environment to another service provider’s servers / IT environment.
- The right to refuse to be subjected to automated decision-making, including profiling: You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
- The right to lodge a complaint with a supervisory authority.
- You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
- Return or Destruction of User Data
- Upon the written request of a User, Layton & Co., Inc. will return User Data to the User in a commonly readable format or securely delete User Data as soon as reasonably practicable. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.
- Data Security
- 6.1. Security Program Requirements. Layton & Co., Inc. will maintain a security program that contains administrative, technical, and physical safeguards appropriate to the complexity, nature, and scope of its activities. Layton & Co., Inc.’s security program shall be designed to protect the security and confidentiality of User Data against unlawful or accidental access to, or unauthorized processing, disclosure, destruction, damage or loss of User Data. At a minimum, Layton & Co., Inc.’s security program shall include: (a) limiting access of User Data to Authorized Persons; (b) implementing network, application, database, and platform security; (c) means for securing information transmission, storage, and disposal within Intellum’s possession or control; (d) means for encrypting User Data stored on media within Layton & Co., Inc.’s possession or control by using modern acceptable cyphers and key lengths, including backup media; (e) means for encrypting User Data transmitted by Layton & Co., Inc. over public or wireless networks by using modern acceptable cyphers and key lengths; and (f) means for keeping firewalls, routers, servers, personal computers, and all other resources current with appropriate security-specific system patches.
- 6.2. Regular Reviews. Layton & Co., Inc. shall ensure that its security measures are regularly reviewed and revised to address evolving threats and vulnerabilities.
- Data Breach Procedures
- 7.1. Notification. Layton & Co., Inc. shall notify Client and any affected User of any Data Breach as soon as practicable and without undue delay after becoming aware of it. Such notification shall at a minimum: (i) describe the nature of the Data Breach, the categories and numbers of Users concerned, and the categories and numbers of Personal Data records concerned; (ii) communicate the name and contact details of Intellum’s data protection officer or other relevant contact from whom more information may be obtained; and (iii) describe the measures taken or proposed to be taken to address the Data Breach.
- 7.2. Remedial Actions. In the event of a Data Breach for which Layton & Co., Inc. is responsible, Layton & Co., Inc. will use commercially reasonable efforts to: (a) remedy the Data Breach condition, investigate, document, restore the Services, and undertake the required response activities; (b) provide regular status reports to Client on Data Breach response activities; (c) assist Client with the coordination of media, law enforcement, or other Data Breach notifications; and (d) assist and cooperate with Client in its Data Breach response efforts.
- Cross-Border Transfers
- 8.1. Location. Layton & Co., Inc. systems and Layton & Co., Inc.’s Processing of User Data will occur within the following jurisdictions: United States of America, and Canada (the “Processing Jurisdictions”). Layton & Co., Inc. will not transfer any User Data outside of the Processing Jurisdictions except as directed by or with the consent of Client and/or User.
- 8.2. Sub-Processors. Before providing User Data of a European citizen to Sub-Processors, Layton & Co., Inc. will use commercially reasonable efforts to ensure that the Sub-Processors will execute EU-prescribed Standard Contractual Clauses.
Report a Vulnerability
If you believe you have found a security vulnerability on Layton & Co., Inc., please let us know right away. We will investigate all reports and do our best to quickly fix valid issues.
You can submit your report here- CHANGE – and our security team will respond as soon as possible.
How to Contact Us
Layton & Co., Inc.
3349 Monroe Avenue, #105
Rochester, NY 14618