Effective Date: Nov. 29, 2017
Last Updated: Feb. 12, 2021
Walsworth complies with applicable data protection regulations and is committed to GDPR compliance across its relevant services effective May 25, 2018. We also work closely with our customers and partners to meet contractual obligations for our procedures, products and services.
Data We Process
Data We Automatically Collect
When you access our Services, whether by computer, mobile phone or other device, we automatically collect certain data about your use of our Websites and Services using technologies such as cookies. This data may include without limitation:
- geographical location and IDs of your computer, mobile or other device;
- bandwidth used;
- system and connection performance;
- browser type and version;
- operating system;
- referral source;
- length of visit;
- page views;
- your mobile carrier; and
- IP address or other unique identifier for your computer, mobile phone or other device.
When you download and use our Mobile Apps, we may also collect additional data about your mobile device, including the hardware model, operating system and version, mobile network data and time zone.
This data is not linked to personal data (called “PII”) except your IP address, which may be personally identifying.
Your PII That We Process
In some situations you or someone else may provide us with your PII. Such PII could include:
- your name;
- street address;
- telephone number;
- email address;
- photographic image that includes facial or other distinguishing characteristics; and
- any other data we collect about you that by itself is not PII but if combined with PII could be used to personally identify you.
Your PII may be provided to us when you or someone else:
- submits content to our Services;
- registers for certain services, or registers an account or profile to access, visit, or use certain portions of our Services;
- requests technical or customer support;
- any other transactions occurring on or in relation to our Services.
A “cookie” is a small file stored on your computer that contains data about you, your computer, or your use of our Services. By showing how and when visitors use the Services, cookies help us identify how many unique users visit us, save user preferences, and track user trends and patterns. We use session cookies, which are cookies that are deleted when you leave our Services and persistent cookies, which are cookies that remain after you leave our Services so that you are recognized when you return.
How We Use Your PII
Walsworth Will Use Data We Automatically Collect To:
- improve your experience on our Services;
- count users who open our HTML-formatted email messages;
- improve the delivery of our Services;
- to help us better manage content on our Services by informing us what content is effective; and by helping to measure traffic on our Services.
More specifically, Walsworth May Use IP Addresses To:
- help diagnose problems with our web servers;
- administer our servers;
- analyze trends;
- track users’ movement;
- gather broad demographic information for aggregate use in order for us to improve the Services; and
- deliver customized content.
Walsworth Will Use PII To:
- Respond to your inquiries, and/or other requests or questions;
- enable your use of the Services; and
- print and distribute yearbooks based on behalf of, and under the instruction of, Walsworth’s client.
You may opt to receive email marketing communications relating to our business which we think may be of interest to you, email messages containing company news, product or service information, and certain email marketing communications relating to third parties such as our affiliates and/or carefully-selected third parties.
Lawful Basis of Processing
Walsworth processes PII on the basis of your consent, as provided by you to Walsworth’s client. You have the right to object to our processing of your PII done on this basis, by revoking your consent. To do this, please contact Walsworth’s client to whom you provided your consent initially.
Sharing PII with Service Providers
We may use third parties to perform certain services on our behalf. We may share your PII, including payment card information if applicable, with these third parties solely to enable them to perform the services for us.
Such third parties include those:
- hosting our Services;
- managing the functionality of our Services;
- providing marketing automation or analytics software as a service;
- providing cloud storage.
We require that those third party vendors maintain at least the same level of confidentiality, integrity, and availability that we maintain for such PII. Walsworth remains liable for the protection of your PII that we transfer to our service providers, except to the extent that we are not responsible for the event giving rise to any unauthorized or improper processing.
Other Disclosure of PII
We may disclose your PII (i) to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders or (ii) if we sell or transfer all or a portion of our company’s business interests, assets (or both), or in connection with a corporate merger, consolidation, restructuring, or other company change or (iii) to our subsidiaries or affiliates only if necessary for business operational purposes.
Considering that Walsworth processes PII for purposes that include printing and distributing yearbooks on behalf of Walsworth’s clients, all PII that is submitted to the Services may be made public.
If we must disclose your PII in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your PII will maintain the privacy or security of your PII.
We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any PII, about our Services’ users as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, clients, and customers.
Walsworth’s most important concern is the protection and reliability of customer data. Our services are hosted in the AWS cloud, giving our infrastructure the most rigorous physical security controls available today. Scans are performed regularly to ensure that any software vulnerabilities are quickly found and patched. Application penetration tests are performed monthly by Walsworth and annually by an independent third-party. All services have failover points and redundant hardware with daily backups. Access to systems is restricted to specific individuals who have a need-to-know access requirement and who are bound by confidentiality obligations. Access is monitored and audited for compliance.
Walsworth uses the current Transport Layer Security (TLS) encryption algorithms (also known as HTTPS) for all transmitted data. This includes the transmission of usernames and passwords on our applications. Deprecated encryption technologies are continually scanned and flagged for replacement.
Walsworth has implemented and follows commercially reasonable measures to protect against unauthorized access to, and unlawful interception or processing of, PII. Unfortunately, data transmission over the Internet is never 100% secure so we cannot guarantee the security of any data you transmit to us or from our Websites and Services; therefore, you use our Websites and Services at your own risk.
If you register on our Websites and/or Services you are responsible for protecting the security of your username and password. You are responsible for any transaction made using your username and password.
PII processed in the Services is retained for as long as is necessary for us to perform our obligations under the contract entered into between Walsworth and the institution that has engaged Walsworth. PII collected via the Websites is retained for as long as we have a legitimate interest in the processing of such PII. Note that we keep backup copies of our databases as part of our disaster recovery/business continuity plans, and it may not be reasonably possible for us to delete data from such backups.
Posting In Public Areas of Our Websites
You may choose to participate in our message boards and other public areas (together “Public Spaces”) where you can engage in social networking, interact with others, and submit writings, computer graphics, pictures, questions, comments, testimonials, suggestions or other content, including PII. If there is data that you do not wish to disclose to third parties, we suggest that you not post it. Others will be able to view and access such data and they may be able to use it and share it with third parties at their sole discretion.
We may select and post customer testimonials on our Websites, which may contain PII such as your name and the city, state and country in which you live. We will obtain your consent prior to posting any testimonial with your name.
If you would like us to remove or delete your name or testimonial from our Websites, you may contact us at email@example.com.
Note that copies of data that you have updated, modified, or deleted may remain viewable in cached and archived pages of our Websites for a period of time.
Access, Review & Opting Out
To the extent that the Services include such ability, you may login at the applicable Walsworth Service to view, edit, or delete your PII from our records. Alternatively you may submit your request to view, edit, or delete your PII directly to the relevant Walsworth client.
You are responsible for maintaining the accuracy of the PII you submit to us, such as your contact information provided as part of registration.
Please note that if you opt out of promotional/marketing emails, you may continue to receive certain communications from us, such as administrative and services announcements and messages about your account/profile.
When you edit or delete your PII, the PII that you remove may remain in our databases or backup media because it is not always possible to completely remove or delete data from those locations. Similarly, once PII has been published in hardcopy (e.g., in yearbooks) it becomes public information and cannot be corrected, edited, or deleted from such yearbooks.
Our Websites, Mobile Apps and Services are not directed at, or intended for use by, children under the age of 13. Children should always get permission from a parent or guardian before sending PII over the Internet. If you believe your child may have provided us with PII, you can contact the institution that has engaged Walsworth to lodge your request that the PII be deleted.
Questions or Concerns, Contact Us
Attn: Director of Technology
Walsworth Publishing Company, Inc.
306 North Kansas Ave.
Marceline, MO 64658
We will respond within four weeks of receiving your inquiry. If you need to communicate with us regarding your credit card or other payment information please contact us by phone at 1-800-369-2646. If you are not 13 years of age or older, you must have your parent or legal guardian’s permission to call this number.