Last updated: April 21st, 2023
Liongard complies with the HIPAA Standards for Privacy, Electronic Transactions and Security (including the HITECH Act and the Omnibus Rule of 2013). We have implemented policies, processes, and procedures designed to comply with Federal security laws, regulations, and rules, and we monitor ongoing compliance efforts and maintain various reporting mechanisms that are required by law or requested by our customers. We recognize that it is a key responsibility for our business and will continue to provide all of our various programs and services in accordance with the relevant requirements of all federal laws and regulations, including, as applicable, HIPAA.
Questions regarding our HIPAA policies or compliance may be directed to:
Liongard
Attn: Data Privacy
4201 Main St.
Suite 200-102
Houston, TX 77002
You may also contact the Data Privacy Team via our support email at compliance@liongard.com.
Last updated: October 30, 2024
Our Commitment to GDPR
The General Data Protection Regulation (GDPR) became effective May 25, 2018, with the purpose of strengthening security and regulation of data protection across the European Union, giving people greater rights to access and control their personal information. Liongard is committed to providing the best customer service and security to our customers, while also ensuring compliance with all laws and regulations. As part of that commitment, we would like to provide you with the following information in accordance with GDPR.
GDPR Data Processing Policy
Liongard recognizes that strict protections are in place to protect the handling of EEA (European Economic Area) personally identifiable information. Due to the importance of GDPR, Liongard has established the following GDPR Data Processing Policy.
This policy is meant to explain the following: (a) the entity that is collecting personal data; (b) the purposes for which personal data is collected; (c) how and why personal data will be used; (d) the period during which data will be retained; and (e) how you can contact Liongard regarding your data.
This policy supplements the existing Liongard Privacy Policy and unless specifically defined in this policy, defined terms in this policy have the same meaning as they do in the Privacy Policy.
Data Processor/Controller Role
Per GDPR definitions, a data controller has knowledge of why and how data is processed. Whereas a data processor processes the data on behalf of the controller.
With respect to customer data collected on our websites via forms, email, and other communication methods, Liongard is considered the data controller. In these instances, our customers provide their information to sign up for our services. We may utilize compliant third-party data processors for this data, such as HubSpot.
With respect to customers’ data hosted on our Roar platform and our portfolio of solutions sold to customers, Liongard has minimal knowledge about data collected by its customers, and Liongard only processes data in accordance with customers’ instructions. In these instances, Liongard is considered a data processor, and our customers are considered data controllers.
GDPR Roles and Employees
Liongard has a data privacy team to continuously improve security and compliance. The team is responsible for promoting awareness of the GDPR across the organization and improving GDPR policies and procedures.
Liongard understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and have involved our employees in our preparation plans.
If you have any questions about our GDPR compliance policies, please contact our Data Privacy Team using one of the methods below:
Liongard
Attn: Data Privacy
1301 Fannin, Ste. 2440
Houston, TX 77002
You may also contact the Data Privacy Team via our support email at compliance@liongard.com.
Categories of Data Subjects and Data Processed
Liongard collects data from users who join or engage with, the Liongard websites and products. The Liongard Privacy Policy describes the categories of data that Liongard may receive in this instance and how we protect that data. The types of data we may collect when you join or engage with, the Liongard website and products may include: (a) name, (b) postal address, (c) e-mail address, (d) telephone number, or any other information that is defined as personal or personally identifiable information under any applicable law or any other identifier by which you may be contacted online or offline. We may also use analytics, tracking, and marketing platforms to process data, including Google Analytics, Intercom, MixPanel, Beamer, and LinkedIn.
Additionally, Liongard serves in the role of a data processor for our customers. In this role, we may receive personally identifiable information of our customers, their employees, and their customers or other parties, including: (a) name, (b) postal address, (c) e-mail address, (d) telephone number, or any other information the Liongard products collect that is defined as personal or personally identifiable information under any applicable law or any other identifier by which you may be contacted online or offline.
Depending on which services you choose to use, Liongard may require additional information, such as a company name, billing information (including billing address, phone number, credit card information), a mobile telephone number, a physical mailing address, and/or payment information. Liongard may require information such as your social security number, or the equivalent, applicable tax ID, date of birth, bank account information and/or credit card information to verify your identity and provide this service to you.
Basis for Processing
Liongard processes data based on (a) consent of the user or customer; and (b) the necessity of the data for providing the services that users are contracting for when they become members of the Liongard websites and products. IF YOU DO NOT CONSENT TO THE PROCESSING OF YOUR DATA OR YOUR CUSTOMERS’ DATA IN ORDER TO ACCESS AND USE THE LIONGARD WEBSITES AND PRODUCTS, PLEASE DO NOT USE, OR ENGAGE WITH, THE LIONGARD WEBSITES OR PRODUCTS.
We offer our customers a GDPR-compliant Data Processing Addendum (DPA), enabling you to comply with GDPR contractual obligations.
Cross-Border Transfer
Data centers hosting Liongard’s data and our customers’ data, including user data, are located within the United States and the European Union. Accordingly, as an EU citizen, to access the services and content provided by Liongard, your data may be transferred outside of the EU. By using the Liongard websites and products, you consent to the cross-border transfer of your data to receive access to the Liongard websites and products.
Where sub-processors are located outside of the EU, Liongard confirms that such sub-processors: (i) are located in a third country or territory recognized by the EU Commission to have an adequate level of protection; or (ii) have entered into Model Contractual Clauses with Liongard; or (iii) have other legally recognized appropriate safeguards in place, such as the EU-US Privacy Shield or Binding Corporate Rules.
Data Subject Rights
We are happy to provide easy-to-access information via our website and customer support processes of an individual’s right to access any personal information that Liongard processes about them and to request information about:
Sub-Processors
We do not provide your data or your customers’ data to any third parties that do not require access to support our products and services. Third parties who may receive your data so that Liongard can provide services include our cloud infrastructure provider (Amazon Web Services).
All sub-processors who process personal data in the provision of the services to the customer must comply with the obligations of Liongard set out in our DPA.
Use of Data
Liongard measures and analyzes visits, engagement, and requests of content on our sites and software. This allows us to improve user experiences and scope of marketing communications for the user. In addition, we may process personal data for our customers as part of our suite of tools to perform cloud, network, and on-premise discovery, documentation, detection, and assessment services. These services include logging and monitoring of our customers’ data in IT environments, which may include personally identifiable information of users in our customers’ IT environments.
Data Retention
Liongard will retain customer information for as long as the customer account is active or as needed to provide services. If you no longer want Liongard to use your information to provide you services, you may follow the “Withdrawal of Consent/Erasure” provision below. After closing your account, Liongard will solely use your information as necessary to comply with any applicable legal obligations.
How We Protect Your Data
Liongard takes the privacy and security of individuals and their personal information very seriously and takes every reasonable measure to protect and secure the personal data that we process. We have information security policies and procedures in place to protect personal information from unauthorized access, alteration, disclosure or destruction.
We implement a variety of security measures and processes to protect your personal information. We offer the use of a secure server. All information you provide is transmitted via Transport Layer Security (TLS) and stored securely by our third-party providers. Only authorized personnel are allowed access to the data and required to keep the information confidential.
We commit to having physical and logical controls to ensure the information we collect is limited to authorized users only.
We also rely on you (our customers) to implement best practice IT security safeguards, including password protection and use of strong passwords for your account. We also assign our customers sole responsibility for the data quality, legality and accuracy, and assurance that they have obtained any and all necessary permissions and authorizations necessary to permit Liongard, its affiliates, and sub-processors, to execute their rights or perform their obligations under our DPA.
Withdrawal of Consent/Erasure
If, at any point, you no longer wish to have your personal data processed by Liongard, simply send an email to compliance@liongard.com with the phrase “consent withdrawn” or “erase” in the subject line. Your request should include your name, company name, email address and physical address. Liongard will move expeditiously to stop the processing of your personal data and to remove your personal data from its systems. Please understand that, without access to your personal data, Liongard may not be able to provide certain services.
Right to Correct, Access or Portability of Data and Associated Procedure
You have the right to have any inaccurate data corrected by a data controller or processor. You also have the right to request access to your data or request that Liongard makes your data portable. To request such action, you should send the request to compliance@liongard.com. Your request should include your name, company name, email address and physical address. Liongard will attempt to correct the data or to provide you your data in a simplistic and easily readable format as quickly as possible but in no more than thirty (30) days.
Last updated: November 19th, 2024
To protect the privacy of our customers’ personal information in their use of our Software-as-a-Service offerings (“SaaS Offerings”), Liongard complies with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (DPF), as established by the United States Department of Commerce (collectively referred to as the “Governing Framework Principles”). The Governing Framework Principles govern the collection, use, and retention of personal information received by Liongard through its SaaS Offerings, that is transferred from the European Union (EU), Switzerland, and the United Kingdom (UK), including Gibraltar, to the United States (US). In the event of a conflict between the terms in this policy and Governing Framework Principles, the Governing Framework Principles govern.
Liongard is currently in the process of obtaining certification from the U.S. Department of Commerce and adheres to the Governing Framework Principles. To maintain Liongard’s commitment to the privacy standards under the Governing Framework Principles, Liongard will re-certify annually with the U.S. Department of Commerce. To learn more about the Governing Framework Principles, and to view Liongard’s certification, please visit https://www.dataprivacyframework.gov.
Contact Us:
Liongard
Attn: Data Privacy
4201 Main St.
Suite 200-102
Houston, TX 77002
You may also contact the Data Privacy Team via our support email at compliance@liongard.com.
Amazon AWS EU Data Protection information: https://aws.amazon.com/compliance/eu-data-protection/
HubSpot Data Privacy: https://legal.hubspot.com/data-privacy
Google Analytics/Google Data Protection: https://privacy.google.com/businesses/compliance/
Intercom GDPR Compliance: https://www.intercom.com/terms-and-policies#eu-us
Highlight Compliance & Security: https://www.highlight.io/docs/general/company/compliance-and-security
LinkedIn GDPR Compliance: https://privacy.linkedin.com/gdpr
Liongard Privacy Policy: https://www.liongard.com/privacy-policy/