Collection of personal information
You may choose to provide personal information (for example your name, address, telephone number and email address) on this or other OCR websites, however not providing this may result in reduced functionality. OCR’s usage of this information will be consistent with this Policy or the policy associated with the applicable OCR site.
This website is not directed to children under the age of thirteen and we do not knowingly collect personal information from children under the age of thirteen on this site or other OCR sites. If we become aware that we have inadvertently received personal information from a visitor under the age of thirteen, we will delete the information from our records.
- Essential Cookies:
Some cookies serve an essential function and the websites cannot work properly without them. Where such essential cookies are used, they cannot be disabled.
- Browser and Flash Cookies:
Other cookies serve a functional purpose and improve the user experience of the websites. We use browser and Flash cookies to tell us, for example, whether you’ve visited us before, and to help us identify site features in which you may have the greatest interest. Browser and Flash cookies may enhance your online experience by saving your preferences while you are visiting a particular site so that you do not need to reset them each time you visit the website. Neither Browser nor Flash cookies can identify you as an individual. You can decline any Browser cookie through your browser however, without Browser cookies you may not be able to take full advantage of all our website features. Similar to Browser cookies, you may not be able to take full advantage of all website features once you have disabled Flash cookies.
- Web Beacons:
Some types of cookies collect aggregate information which help us to improve our websites by providing information, for example, on loading errors and the most visited webpages. Certain pages on our site may contain web beacons (also known as Internet tags, pixel tags and clear GIFs). OCR uses web beacons to help display content to visitors and to generate statistics regarding web traffic and trends. Web beacons cannot identify you as an individual.
Use of Personal Information
We may use the personal information collected about you for the following purposes:
- Provide, administer and communicate with you about products, services, events, surveys and promotions by OCR or our affiliates (including by sending you marketing communications);
We also may use personal information for other additional purposes. We will identify these additional purposes at the time of collection.
Sharing and Transferring of Your Personal Information
Sharing & Transfers
We do not sell or otherwise disclose personal information about our website visitors outside OCR and its affiliates, except as described here.
- We may share information provided by our visitors to this and other OCR sites with service providers we have retained to perform services on our behalf. These service providers are contractually restricted from using or disclosing the information except as necessary to perform services on our behalf or to comply with legal requirements.
- We may disclose information about you (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government officials as required to comply with a legitimate legal request, or (iii) when we believe disclosure is necessary to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity.
- We reserve the right to transfer any information we have about you in the event we sell or transfer all or a portion of our business or assets (including through bankruptcy).
We may transmit the personal information we collect on this site or other OCR sites to other countries where we do business, including for websites accessed in the European Union, to the US, but we will do so only for the purposes described herein.
How We Protect Your Information?
At OCR, our goal is to protect your personal information submitted to us through our sites. We maintain administrative, technical and physical safeguards to protect against unauthorized disclosure, use, alteration or destruction of the personal information you provide on this and other OCR websites. We also employ reasonable technologies to help keep the personal information you provide on this site secure.
Links to Other Sites
We provide links to other websites for your convenience and information. These sites may have their own privacy statements or policies in place, which we recommend you review if you visit any linked websites. We are not responsible for the content of linked sites or any use of the sites.
How to Contact Us and Update Your Personal Information
Mobile Information We Collect
- Personally identifiable information (e.g. Name, email address) we collect consists only of what you share with us. For example, certain products may ask for this type of information so that we may contact you by phone or email at your request. You choose what, how, and when you want to share.
- If you use any location-enabled products, you may be sending us location information. OCR does not store or use this information other than to provide the service you requested. For example, a mobile product may use GPS data to find a nearby restaurant you requested. Location-enabled features are opt-in and you have control over your participation and can turn these services off at any time.
- Some mobile applications will utilize Google Analytics (or similar tool) to help us better serve our customers through improved products, services, and revisions to the mobile applications. This collected information will not identify you to OCR. It may, however, let us know anonymously, which services and features you are using the most within the application, as well as device type and hardware features, country and language of download.
- Use of 3rd party services such as social sharing sites (e.g., Facebook & Twitter) is governed by the privacy practices of those services. OCR does not capture or store your login information or other personally identifiable information for these services, however session info or cookies may be stored.
Mobile How We Use Collected Information
- We use the information to personalize your experience with the application and to improve your overall experience including the development of new products, services, and features. We also use the information to provide customer support, and when applicable, register and administer your account. Additionally, we may use the information you provide to contact you about updates to our service.
- Information you provide may be used to fulfill the service(s) or carry out the transaction(s) you have requested or authorized. For example, if you authorize a purchase through a mobile eCommerce application, we will use provided information to ship and bill you.
Mobile Information sharing
- OCR does not share any collected information with 3rd parties with the following exceptions:
- OCR may provide some personal data to third-party partners that are providing services essential to your mobile user experience.
- All requests are sent through your mobile carrier’s network and your carrier may have access to it. Consult your carrier’s privacy policies for additional information.
- Certain mobile products and services and manufacturers allow you to interact and share your information with others. For example, you may want to Tweet or post to your Facebook page content from an OCR mobile application. Consult your mobile device manufacturer, or mobile product or application developer’s privacy policies for additional information.
OCR complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. OCR has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.
To learn more about the Safe Harbor program, and to view OCR’s certification, please visit http://www.export.gov/safeharbor/
OCR Services Inc. Privacy Shield (EU/Swiss – USA)
OCR Services Inc. (“OCR”) complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. OCR Services Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement, and Liability. If there is any conflict between the terms in this OCR Services Inc. Privacy Shield Policy (“Privacy Shield Policy”) and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.
- “Data Subject” means the individual to whom any given Personal Data covered by this Privacy Shield Policy refers.
- “Personal Data” means any information relating to an individual residing in the European Union and Switzerland that can be used to identify that individual either on its own or in combination with other readily available data.
- “Sensitive Personal Data” means Personal Data regarding an individual's racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, physical or mental health, or sexual life.
- “Data Controller” means a person (a individual, organization, other corporate or unincorporated bodies of persons) who, either jointly or in common with other persons, determines the purposes for which and that manner in which any personal data are, or are to be, processed.
- “Data Processor” means any person (other than an employee of the data controller) who processes personal data on behalf of the data controller.
Scope and Responsibility
This Privacy Shield Policy applies to Personal Data transferred from European Union member countries and Switzerland to OCR Services Inc.’s operations in the U.S. in reliance on the respective Privacy Shield framework and does not apply to Personal Data transferred over Standard Contractual Clauses of any approved derogation from the EU Directive.
Some types of Personal Data may be subject to other privacy-related requirements and policies. For example:
- Personal Data regarding and/or received from a client is also subject to any specific agreement with, or notice to, the client, as well as additionally applicable laws and professional standards.
This Policy does not cover data from which individual persons cannot be identified or situations in which pseudonyms are used. (The use of pseudonyms involves the replacement of names or other identifiers with substitutes so that identification of individual persons is not possible.)
All employees of OCR that have access in the U.S. to Personal Data covered by this Privacy Shield Policy are responsible for conducting themselves in accordance with this Privacy Shield Policy. Adherence by OCR to this Privacy Shield Policy may be limited to the extent required to meet legal, regulatory, governmental, or national security obligations, but Personal Data covered by this Privacy Shield Policy shall not be collected, used, or disclosed in a manner contrary to this policy without the prior written permission of OCR’s General Counsel.
Collection of Personal Data
OCR Services Inc. does not collect any personal data and is not a “Data Controller.”
Processing and Use of Personal Data
Data Processor includes several activities. The only activity that OCR does is to store personal data in Iland servers where Iland is a data sub processor who is also GDPR compliant. OCR customers transfer their personal data or enter their personal data in OCR’s software, EASE. Clients process the data in the way they seem fit using EASE.
Privacy Shield Principles
OCR commits to subject to the Privacy Shields’ Principles all Personal Data received by OCR in the U.S. from European Union member countries and Switzerland in reliance on the respective Privacy Shield framework.
- Notice OCR notifies Data Subjects covered by this Privacy Shield Policy about its data practices regarding Personal Data received by OCR in the U.S. from European Union member countries and Switzerland in reliance on the respective Privacy Shield framework, including the types of Personal Data it collects about them, the purposes for which it collects and uses such Personal Data, the rights of Data Subjects to access their Personal Data, the choices and means that OCR offers for limiting its use and disclosure of such Personal Data, how OCR’s obligations under the Privacy Shield are enforced, and how Data Subjects can contact OCR with any inquiries or complaints.
- Choice If Personal Data covered by this Privacy Shield Policy is to be used for a new purpose that is materially different from that for which the Personal Data was originally collected or subsequently authorized, OCR will provide Data Subjects with an opportunity to choose whether to have their Personal Data so used or disclosed. Requests to opt out of such uses or disclosures of Personal Data should be sent to: Samir.email@example.com.
OCR does not collect Sensitive Personal Data.
- Accountability for Onward Transfer OCR does not plan to transfer personal data to third parties that it processes in European member countries or Switzerland.
In the event that OCR does transfer personal data, except as otherwise provided herein, OCR discloses Personal Data only to Third Parties who reasonably need to know such data and such recipients must agree to abide by confidentiality obligations.
Such Third Parties must agree to use such Personal Data only for the purposes for which they have been engaged by OCR and they must either:
- comply with the Privacy Shield principles or another mechanism permitted by the applicable EU & Swiss data protection law(s) for transfers and processing of Personal Data;
- or agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy;
OCR also may disclose Personal Data to Third Parties when a Data Subject has consented to or requested such disclosure. Please be aware that OCR may be required to disclose an individual's personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. OCR is liable for appropriate onward transfers of personal data to third parties.
- Security OCR takes reasonable and appropriate measures to protect Personal Data covered by this Privacy Shield Policy from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the collection and the nature of the Personal Data.
For example, electronically stored Personal Data is stored on a secure network with firewall protection, and access to OCR’s electronic information systems requires multi-level user authentication via password or similar means. OCR also employs access restrictions, limiting the scope of employees who have access to Personal Data. OCR personnel may access and use Personal Data only if they are authorized to do so and only for the purpose for which they are authorized.
- Data Integrity and Purpose Limitation OCR limits the processing of Personal Data covered by this Privacy Shield Policy to information that is relevant for the purposes of processing. OCR does not process such Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the Data Subject.
OCR takes reasonable steps to ensure that such Personal Data is reliable for its intended use, accurate, complete, and current. OCR takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield to retain Personal Data in identifiable form only for as long as it serves a purpose of processing, which includes OCR’s obligations to comply with professional standards, OCR’s business purposes and unless a longer retention period is permitted by law, and it adheres to the Privacy Shield Principles for as long as it retains such Personal Data.
- Recourse, Enforcement, and Liability OCR’s participation in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework is subject to investigation and enforcement by the Federal Trade Commission.
In compliance with the Privacy Shield Principles, OCR commits to resolve complaints about your privacy and our collection or use of your Personal Data. Data Subjects with inquiries or complaints regarding this Privacy Shield Policy should first contact OCR at: Samir.firstname.lastname@example.org
OCR has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. The services of BBB EU Privacy Shield Program are provided at no cost to you.
Data Subjects have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Please see Annex 1 in the following link for more information: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
OCR agrees to periodically review and verify its compliance with the Privacy Shield Principles, and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. OCR acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.
Changes to this Privacy Shield Policy
This Privacy Shield Policy may be amended from time to time consistent with the requirements of the Privacy Shield. Appropriate notice regarding such amendments will be given.