Irdeto USA, Inc. EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Privacy Policy

Updated December 4, 2018

General

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

Irdeto USA, Inc. (for this ‘Irdeto USA, Inc. EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Privacy Policy’ hereinafter referred to as “Irdeto”) participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List [https://www.privacyshield.gov].

Irdeto is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Irdeto complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Irdeto is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Data processor

When applicable, Irdeto’s collection, transfer, and use of Personal Information are for the purpose of delivering or providing the solutions and services listed below to its customers; performing accounting functions related thereto; and conducting any other activities necessary or appropriate in delivering said solutions and services to its customers. When conducting these activities, Irdeto is a “data processor” and only manages Personal Information at the direction of its customers. It is Irdeto’s customers’ who act as the “data controller”. Irdeto does not control any Personal Information and/or access to, or use of such personal Data is incidental to completing its contractual requirements to its customers.

The Irdeto solutions and services which may give rise to the collection, transfer, and use of Personal Information are as follows:

  • Media Access & Management solutions and services to facilitate management, security, distribution, payment authorization and media player solutions for content via satellite, broadband and mobile networks to authorized end users of Irdeto’s customers.
  • Business support software and services to enable global pay media (cable, satellite and terrestrial) operators to effectively manage multi-play services. The solution also provides product management, provisioning, accounts receivable and inventory management features to streamline workflows and improve efficiency by cable, satellite and terrestrial operators.
  • Irdeto Piracy and Cybercrime Management solutions and services to enable intellectual property right infringement tracking and online service provider notifications of intellectual property right abuse. These services include but are not limited to Irdeto Consumer Insights.

Irdeto undertakes in its contracts with its customers to safeguard the confidentiality of any Personal Information to which Irdeto may have access, and not to use it for any purpose other than as required in order to provide the contracted services to its customers.

Data controller

In some aspects of reporting offered by Irdeto as part of Irdeto Piracy and Cybercrime Management, Irdeto processes data made available to the public by the applicable internet or network protocol in order to commercialize our findings based on content piracy trends identified.  Irdeto is responsible for determining the purposes and means for processing the data we collect from such protocols, and such data may include computer identifiers for purposes of understanding origination, including those that equate to personal data (namely the IP address).  Irdeto maintains a legitimate interest in the processing for the purposes of creating the reports in helping secure copyrighted material as a leading content security company in the marketplace. Any personal data stored for the purpose stated shall only be maintained for as long as necessary to accomplish such purpose. If you wish to request access, rectification, erasure, or portability of your personal data, or otherwise impose a restriction or objection to the processing, please submit your request in the contact-us section of this policy below.

Categories of individual data subjects

Irdeto may obtain Personal Information in the United States about several different types of individuals, including users of media players, customers of pay media operators and potential intellectual property right infringers or sharers of content. Irdeto’s practices with respect these types of individual data subjects are described below:

  • Media Protection and Multiscreen solutions and services: Irdeto may obtain Personal Data belonging to end-users of digital content providers (who are Irdeto’s customers) which may be stored incidental to the provisioning of security solutions for pay media services.
  • Business support software and services: Irdeto may have possible visibility into Personal Data belonging to its customer’s subscribers during the process of providing support and maintenance for its billing software.
  • Revenue Assurance solutions and services: Irdeto may obtain the following Personal Data regarding potential intellectual property right infringers or sharers of content: information generally broadcasted by a peer-to-peer client without modification, user IP address, server IP address, timestamp of detection, peer-to-peer client name and version, aliased username or ID (if provided), filename, file size, protocol hash of file, proportion of the file in possession, URL of potentially infringing content, file description (if provided), view count (if provided), and other URLs posted by user (if provided).

Tracking technologies

Technologies such as cookies, beacons, tags and scripts are used by Irdeto and our partners, affiliates, website analytics or service providers such as hosting providers and email service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the Website and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.

Passive collection

As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site. the site.

Notice and choice

As a data processor, Irdeto processes Personal Information solely at the direction of its customers and has no right to use such Personal Information for any other purpose.

Onward transfers (transfers to third parties)

As a data processor, Irdeto has agreed with its customers who license the Irdeto solutions that Irdeto will not disclose or transfer to any person any Personal Information stored on Irdeto’s servers by such customers or their authorized users. In certain circumstances, it is possible that Personal Information may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders. If Irdeto transfers any Personal Information to a third party data processor, it will enter into a contract with the data processor to ensure that the data processor provides at least the same level of privacy protection as the EU-U.S. Privacy Shield. Transfers to subsequent third parties are covered by the service agreements with our customers.

Data security

Irdeto takes reasonable precautions to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Irdeto has put in place appropriate physical, electronic and managerial procedures with a view to safeguarding and securing the Personal Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. No method of transmission over the Internet, or method of electronic storage, is 100% secure; therefore, we cannot guarantee its absolute security.

Data retention

Irdeto will retain Personal Information we process on behalf of our customers for as long as needed to provide services to our customers. Irdeto will retain and use the Personal Information only as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Data integrity

As a data processor, Irdeto only processes Personal Information as requested by and at the direction of its customers. Irdeto will only process Personal Information in a way that is compatible with and relevant to the purposes for which it was collected or authorized by the individual. To the extent necessary for those purposes, Irdeto will take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.

Access

Irdeto acknowledges that you have the right to access your personal information. As a data processor, Irdeto has no direct relationship with the individuals whose Personal Information it processes. An individual who seeks access to, or who seeks to correct, amend, or delete inaccurate data should direct his/her query to the Irdeto customer (the data controller) which has transferred such data to Irdeto for processing. The Irdeto customer should then provide access to the individual as determined under the applicable local privacy and/or data protection legislation.

In the unique instance of Irdeto acting as a data controller (for example, for information provided by you through this website to Irdeto), if your personally identifiable information changes, you may correct, update or delete inaccuracies within your information by contacting us at dataprivacy@irdeto.com. We will respond to your request to access within a reasonable timeframe, but in any case no longer than 30 days.

For questions about this Privacy Policy, contact us at:

website@irdeto.com

With a copy to:

Irdeto USA, Inc.
Attn: Osama Hussain, Data Protection Officer
5250 Lankershim Blvd., Suite 750
North Hollywood, CA 91601
Email: dataprivacy@irdeto.com

Special information related to piracy services

In the case of intellectual property right infringement (when copyrighted materials have been illegally downloaded from and/or uploaded to the internet) a notice of such infringement with information evidencing the infringement may be sent to an appropriate online service provider based upon the user’s IP address. The information in these notices is provided with details of why the online service provider received the notice. These notices are not promotional in nature, and the user may not opt-out from receiving them.

Amendments to this policy

Any amendments or updates to this Policy will be incorporated in an updated version of this Policy and posted on the Irdeto website at https://www.privacyshield.gov/list. If we make any material changes, we will notify you by means of a notice on the Irdeto website prior to the change becoming effective. Irdeto reserves the right to modify this Policy at any time, so please review it frequently.