LAST UPDATED—May 29, 2019
Quality Validation Associates (“QVA”) cares about your privacy. For this reason, we collect and use personal data only as it might be needed for us to deliver to you our services and website.
If at any time you have questions about our practices or any of your rights described below, you may reach us at firstname.lastname@example.org.
We comply with the European/U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Data from European Economic Area (“EEA”) member countries.
Welcome to Quality & Validation Associates! We are a GMP/ISO consultant company doing business under the California corporation known as Quality & Validation Associates, Inc., with its principal place of business at 1537 4th Street #167, San Rafael, California 94901 in the United States (“QVA,” “us,” “we” or “our”). We are a company dedicated to helping manufacturing companies with GMP and ISO systems, audits and training.
QVA’s services are presented online on the Quality & Validation website. Services include, without limitation, quality management systems, ISO/GMP audits, ISO/GMP training, and GMP Validations, and are collectively referred to as our “Services”.
If you are resident in the EEA or Switzerland, Quality & Validation Associates, Inc. is the responsible party with respect to Personal Data collected through the Services.
If you have any questions or concerns at any time, please do not hesitate to contact us at email@example.com or the mailing address below.
We collect information so that we can provide the best possible experience when you utilize our Services. Much of what you likely consider personal data is collected directly from you when you:
(1) Request assistance from us; or
(2) Complete contact forms or request information from us;
The Personal Data we may collect includes, without limitation:
- Your name
- Your address
- Your phone number
- Your email address
- Any other information that enables Users to be personally identified
We may also collect additional information when delivering our Services to you to ensure necessary and/or optimal service. These methods of collection may not be as obvious to you, so we wanted to highlight and explain below a bit more about what these might be (as they vary from time to time) and how they work:
Data about usage of Services is automatically collected when you use and interact with our Services, including metadata, log files, cookie/device IDs and location information. This information includes specific data about your interactions with the features, content and links (including those of third-parties, such as social media plugins) contained within the Services, Internet Protocol (IP) address, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data, information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and error data, and some of this data collected might be capable of and be used to approximate your location.
If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.
We strongly believe in both minimizing the data we collect and limiting its use and purpose to only that (1) for which we have been given permission, (2) as necessary to deliver the Services you purchase from QVA, or (3) as we might be required or permitted for legal compliance or other lawful purposes.
We will likely contact you directly regarding services you have purchased from us, such as necessary to deliver transactional or service-related communications. We may also contact you with offers for additional services we think you’ll find valuable if you give us consent, or where allowed based upon legitimate interests. You don’t need to provide consent as a condition to purchase our services. These contacts may include:
- Text (SMS) messages
- Telephone calls
If we have collected your email to receive our e-newsletter or other pertinent information, you may also update your subscription preferences with respect to receiving said communications from us by unsubscribing through the link at the bottom of each email you receive from us or by requesting to do so by emailing us directly (see Contact Info below).
We may use your Personal Data for internal business purposes, including without limitation, to help us improve the content and functionality of the Services, to better understand our Users, to improve the Services, to create targeted offers (such as Facebook or Google ads), to protect against, identify or address wrongdoing, to provide you with customer service, and to generally manage the Services and our business.
Where it is in accordance with your marketing preferences, we may use your Personal Data to contact you in the future for our marketing and advertising purposes, including without limitation, to inform you about services or events we believe might be of interest to you, to develop promotional or marketing materials and provide those materials to you, and to display content and advertising regarding Services that we believe might be of interest to you. See “Opt Out from Electronic Communications” below on how to opt out of QVA’s marketing communications.
We are not in the business of selling any Personal Data as we consider this information to be a vital part of our relationship with you. Therefore, we will not sell your Personal Data to third parties, including third party advertisers.
We may share your Personal Data with our contractors and service providers who process Personal Data on behalf of QVA to perform certain business-related functions. These companies may include our marketing agency, webmaster, email service provider and others. When we engage another company to perform such functions, we may provide them with information, including Personal Data, in connection with their performance of such functions.
You can ask us to correct, update or delete any Personal Data that we may have of yours. We will consider and respond to all requests in accordance with applicable law.
Personal Data obtained by us through any email address based opt in offer, is maintained by a third party email service provider. Should you request that we correct, update or delete your Personal Data held on their servers, we agree to use our best efforts to notify the email service provider and direct them to correct, update or delete your Personal Data.
We do not retain any Personal Data within any QVA website database. Personal Data will only reside on the personal computers of the QVA owner or in our company email marketing service. You may request that we remove, or assist you in removing, your Personal Data from any third party site, however we are not responsible for third party websites so you may need to contact the third party website to be removed. Even if we delete your Personal Data, it may persist on backup or archival media for an additional period of time for legal, tax or regulatory reasons or for legitimate and lawful business purposes.
We may use a technology commonly known as a “cookie,” which is a small data file our server places on your computer or mobile device to recognize your device and provide personalized features and advertisements. Cookies are widely used by website owners in order to make their websites work, or to work more efficiently, as well as to provide reporting information. Through cookies, we are able to collect information that we use to improve our website, improve your overall experience, and personalize your experience and advertisements.
For example, through cookies, we can keep count of return visits to our website or our advertisers’ or partners’ websites, collect and report on aggregate statistical information, authenticate your login credentials, and manage multiple instances of our website in a single browser.
We may also collect other data through cookies, such as the page or website that referred you to us, the date and time you visited us, and your current IP address. The cookies we place on your hard drive are known as “first-party cookies” and any cookies placed by third parties are called “third party cookies.” Third party cookies enable third party features or functionality to be provided on or through the website (e.g., advertising, interactive content and analytics). The parties that set these third party cookies can recognize your computer both when it visits the website in question and also when it visits certain other websites.
We also may collect information through the use of “pixel tags” on our websites and in e-mail messages we may send to you that may be placed by us or third parties with whom we partner. “Pixels,” also known as “Web beacons,” are tiny graphic files or code snippets, not visible to the human eye, that can be included in HTML-encoded e-mail messages and web pages.
When such a message is opened in an HTML-capable e-mail program, the recipient’s computer or device will communicate with our server to retrieve the pixel tag file, allowing us to record and store, along with the recipient’s e-mail address, the date and time the recipient viewed the e-mail message, the fact that the recipient’s e-mail client is capable of receiving HTML-encoded e-mail, and other standard logging information. The pixel tag may also see or read cookies. We may use pixel tags in order to measure and understand traffic better, improve site performance, track visitor behavior to improve user experience, and for tracking promotional and marketing campaign response, among others.
You have several choices available when it comes to your Personal Data:
You can browse the Services without providing any Personal Data (other than Automatic Data to the extent it is considered Personal Data under applicable laws) or with limiting the Personal Data you provide. If you choose not to provide any Personal Data or limit the Personal Data you provide, you may not be able to use certain functionality of the Services.
Where it is in accordance with your marketing preferences, QVA may send you electronic communications marketing or advertising the Services themselves. You can also “opt out” of receiving these electronic communications by clicking on the “Unsubscribe” link at the bottom of any such electronic communication. In addition, you may also manage your email preferences at any time by emailing us at the email indicated in Contact Info below.
We currently do not participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your Personal Data.
Our website may contain links to other websites not operated or controlled by us (the “Third Party Sites”). The policies and procedures we described here do not apply to the third party sites. The links from the Services do not imply that we endorse or have reviewed the third party sites. We suggest contacting those sites directly for information on their privacy policies.
Notice to California Residents: As Provided by California Civil Code section 1798.83, a California resident who has provided Personal Data, as defined under California Civil Code section 1798.83, to a business with whom he/she has established a business relationship for personal, family, or household purposes (a “California Customer”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of Personal Data, upon receipt of a request by a California Customer, the business is required to provide a list of all third parties to whom Personal Data was disclosed in the preceding calendar year, as well as a list of the categories of Personal Data that were disclosed. California Customers may request further information about our compliance with this law by e-mailing us at the email address indicated in the Contact Info section below. Please note that we are required to respond to one request per California Customer each year, and we are not required to respond to requests made by means other than through this email address.
For Personal Data we receive from the EEA, Quality & Validation, Inc. (DBA Quality & Validation Associates) fully intends to comply to the EU-US Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from the European Union countries.
If you have a complaint about QVA privacy practices you should write to us at:
1537 4th Street #167, San Rafael, CA 94901 USA, or by email at firstname.lastname@example.org. We will take reasonable steps to work with you to attempt to resolve your complaint.
In May 2018, a new data privacy law known as the EU General Data Protection Regulation (or the “GDPR”) became effective. The GDPR requires us to provide Users with more information about the processing of their Personal Data.
Here is what you need to know:
The GDPR requires us to tell you about the legal ground we’re relying on to process any Personal Data about you. The legal grounds for us processing your Personal Data for the purposes set out above will typically be because:
- you provided your consent; and
- to provide you with customer service.
As our corporation operates in the U.S., we may need to transfer your Personal Data outside of the country from which it was originally provided. This may be intra-group or to third parties that we work with who may be located in jurisdictions outside the EEA, Switzerland and the UK, which have no data protection laws or laws that are less strict compared with those in Europe. Whenever we transfer Personal Data outside of the EEA, Switzerland or the UK, we take legally required steps to make sure that appropriate safeguards are in place to protect your Personal Data.
We retain your Personal Data for as long as necessary to provide you with our Services.
Data protection law provides you with rights in respect of Personal Data that we hold about you, including the right to request a copy of the Personal Data, request that we rectify, restrict or delete your Personal Data, object to profiling and unsubscribe from marketing communications.
As we do not maintain a Customer database on our website, it is not possible to log in and visit your account page. If you need assistance or have a question regarding your Personal Data, please contact us at the email address indicated in Contact Info below. Please note that requests to exercise data protection rights will be assessed by us on a case-by-case basis. There may be circumstances where we are not legally required to comply with your request because of the laws in your jurisdiction or because of exemptions provided for in data protection legislation.
If you have a complaint about how we handle your Personal Data, please contact us to explain. If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.
EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known as “data controllers”) and organizations that process Personal Data on behalf of other organizations (known as “data processors”). If you have a question or complaint about how your Personal Data is handled, these should always be directed to the relevant data controller since they are the ones with primary responsibility for your Personal Data.
We may act as a data controller, but never a data processor, in respect of your Personal Data, depending on the circumstances.