IRI Global Privacy Policy

Download Global Privacy Notice (PDF)  

Revised September 25, 2018

As the world around us grows more interconnected and technology-driven, protecting the proliferation of data that exists about each of us has become an important mission. Individuals expect companies to protect their personal information and to use and share such information in ways that are fair and ethical.

This Global Data Privacy Policy (the “Privacy Policy”) provides Information Resources, Inc. (“IRI”) and its subsidiaries (collectively, “IRI”, the “Company”, “we”, or “us”) a uniform process for governing the standards, procedures, and controls related to data privacy, while ensuring the proper implementation and maintenance of appropriate controls. This Privacy Policy applies to IRI, including all business units, departments, personnel, thirdparties and other service providers (non-employees) having a contractual arrangement with IRI that handle personal data.

Any questions concerning the material presented in this document can be addressed to the contacts listed below. General inquiries may also be submitted through the IRI privacy inbox, which can be found at Privacy.Officer@IRIWorldWide.com

Legal Department +1 312-474-8355 General.Counsel@IRIWorldWide.com
Privacy Office & Data Protection Officer +1 312-474-2662 Privacy.Officer@IRIWorldWide.com
Information Security Office +1 312-474-2865 InfoSecTeam@IRIWorldWide.com

IRI’s Global Code of Conduct

IRI’s Information Security Policy

IRI’s Privacy Shield Notice

IRI’s GDPR Privacy Notice

Various internal policies and procedures

IRI assesses privacy implications while developing its products and services and incorporates appropriate privacy protections and data minimization techniques. IRI takes into account the privacy principles and regulations that may apply in a certain jurisdiction (for instance the GDPR in Europe) or by industry.

In many jurisdictions organizations are required to establish a lawful basis for their use of personal data. IRI has established different lawful bases for different types of processing. In almost all cases, IRI’s basis for processing personal data will be Legitimate Interest, Performance of a Contract, or Consent.

Legitimate Interests. IRI may process personal data based on a legitimate interest in performing market research or other marketing services because the benefits of improving services to existing clients and offering services to new clients would likely outweigh the risk of any harm.

Performance of a contract. Many of IRI’s services are engaged in on the basis of a contract. IRI’s clients engage us contractually in order to perform analytics, offer access to data through our platforms, and to manage CRMs and panels on the client’s behalf.

Consent. IRI typically acts as a data processor, or service provider, to organisations known as data controllers. IRI relies on consent obtained by the data controller because it has a direct relationship with the individual and obtains consent.

IRI is committed to complying with applicable laws regarding the collection of data about children.

IRI has invested in and implemented a series of controls to ensure that personal information is maintained according to our overarching principles of confidentiality, integrity, and availability. Personal Information is housed in physically and electronically secure facilities with protections against intrusion. Protections include extensive physical security, multiple layers of firewalls, and intrusion detection at the network and host level. Additionally, systems, servers and networks are encrypted to prevent loss or unauthorized modification of data.

IRI GDPR Notice

Effective May 25, 2018

Information Resources, Inc. and its subsidiaries (collectively referred to as "IRI", the “Company”, "we", or "us") takes its data protection and privacy responsibilities under the General Data Protection Regulation ("GDPR") seriously.

This privacy notice explains how we collect, use and share personal information in the course of the business activities of our EU companies, and those of our non-EU companies which relate to the offering of goods and services to, or the monitoring of, individuals in the EU.

  • What personal information we collect and when and why we use it.
  • How we share personal information within IRI and with our service providers, regulators and other third parties
  • Explaining more about Direct Marketing. Profiling, and Automated Decision Making
  • Transferring personal information globally
  • How we protect and store personal information
  • Legal rights available to help manage your privacy
  • How you can contact us for more support

We may amend this notice from time to time to keep it up to date with legal requirements and the way we operate our business. Please regularly check these pages for the latest version of this notice.

You might find external links to third party websites on our website. This privacy notice does not apply to your use of any third party site.

Important information about IRI:
The IRI entity responsible for your personal information will be the IRI company that originally collects information from or about you. This will often be apparent from the context - for example, if you represent an IRI customer and are used to dealing with our local affiliate in (for example) the UK or Italy. This may also be explained in separate notices made available when your personal information are first collected by that IRI entity, for example where you or the business you work for engages us to provide a service.

You can find out more about IRI at www.iriworldwide.com or by contacting us using the information in the contact us section.

In this section you can find out more about

  • the types of personal information we collect
  • when we collect personal information
  • how we use personal information
  • the legal basis for using personal information

We collect information about you if you:

  • use our websites;
  • do business with us as a representative of one of our customers or suppliers;
  • apply for a position with IRI - in which case, you should refer to our separate privacy notices for applicants
  • contact us with any form of query or complaint;
  • visit an IRI office or site;
  • subscribe to marketing communications from us; or attend an IRI event, collectively ("you").

We also process personal information on behalf of our customers when we provide our services to them.

When we do this, we act as a "data processor" under relevant data protection laws, whilst our customer (or potentially a third party) will be the relevant "data controller". If you have concerns or questions about our processing of your personal information in the contexts of IRI's services, you should contact our customer. Please note that if you contact us directly, we may need to disclose your request to the relevant customer.

Depending on the context in which we interact with you, the information we collect is likely to include:

  • your name;
  • your contact details;
  • profile / log-in details;
  • your marketing preferences;
  • CCTV images or identification details (such as in a visitor signing-in book) which may be captured if you visit an IRI office or site;
  • any other personal information you provide in correspondence with us, for example where this is relevant to a complaint or query.

Through your use of our websites, we will also collect information - such as IP address and browser generated information (browser type, operating system), as well as information about your browsing session. We do not use this information to identify you as an individual, but in order to tailor or enhance your browsing experience, or in aggregate with data of other users for statistical purposes.

Your personal information will be used for the purposes listed in the table below. We will only collect, use and share your personal information where we are satisfied that we have an appropriate legal basis to do this. We have also described the legal bases which we rely in the table. The legal basis we rely upon will impact which rights you have in relation to your personal information (see section below for more details):

Purpose Legal Basis
Market our products and services Legitimate interest in contacting customers and potential customers to promote our products and services; or (where required by law) Consent.
Interact with you at events. Legitimate interest in networking with business contacts and promoting our products and services.
Do business with our partners and suppliers (for example, maintaining CRM records, contacting you about your business with IRI, invoicing). Legitimate interest in contacting our partners and suppliers; or Compliance with a legal obligation.
Resolve customer queries and complaints Legitimate interest in resolving queries and complaints; or Compliance with a legal obligation.
Provide you with access to all parts of our websites, personalize your experience on our websites, and ultimately improve the functionality of the websites for the benefit of all users. Legitimate interest in providing an enhanced, customer friendly website by understanding how our website is used.
Manage recruitment. Legitimate interest in selecting appropriate candidates and Consent directly from the applicant to retain data for future opportunities. Please refer to our separate applicant privacy notices
Protect our employees and guarantee the security and safety of our sites. Legitimate interest in protecting our employees and preventing crime; or Compliance with a legal obligation.
Process hashed or pseudonymized loyalty card numbers, loyalty transaction data, and survey panelist personal data on behalf of our clients in the capacity of a Data Processor. Performance of a contract with our clients and Consent obtained by our client’s acting as Data Controllers.

In this section you can find out more about how we share personal information:

  • within IRI
  • with third parties that help us provide our products and services; and
  • our regulators; and other third parties.

We share your information in the manner and for the purposes described below:

  • within IRI, where such disclosure is necessary to provide our customers with our services or to manage our business;
  • with third parties who help manage our business and deliver services. These third parties have agreed to confidentiality restrictions and use any personal information we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us. These include IT service providers who help manage our IT and back office systems, marketing automation providers and events companies;
  • with our regulators, such as data protection supervisory authorities, to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies.
  • we may share in aggregate, statistical form, non-personal information regarding the visitors to our website, traffic patterns, and website usage with our partners, affiliates or advertisers.
  • If, in the future, we sell or transfer some or all of our business or assets to a third party, we may disclose information to a potential or actual third party purchaser of our business or assets.

In this section you can find out more about

  • how we use personal information to keep you up to date with our products and services.
  • how you can manage your marketing preferences
  • when and how we undertake profiling and analytics
  • when and how we carry out automated decision making

We may use personal information to let you know about IRI products and services that we believe will be of interest to you. We may contact you by email, post, or telephone or through other communication channels that we think you may find helpful. In all cases, we will respect your preferences for how you would like us to manage marketing activity with you.

To protect privacy rights and to ensure you have control over how we manage marketing with you:

  • we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you;
  • you can ask us to stop direct marketing at any time - you can ask us to stop sending email marketing, by following the 'unsubscribe' link you will find on all the email marketing messages we send you.
  • Alternatively you can contact us at Privacy.Officer@IRIWorldWide.com. Please specify whether you would like us to stop all forms of marketing or just a particular type (eg email); and
  • you can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser.
  • We recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms as well as your preferences within your IRI account.

In this section you can find out more about:

  • how we operate as a global business and transfer data internationally.
  • the arrangements we have in place to protect your personal information if we transfer it overseas.

IRI operates on a global basis. Accordingly, your personal information may be transferred and stored in countries outside of the EU, including in particular in the United States of America, that are subject to different standards of data protection. IRI will take appropriate steps ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights.. To this end,:

  • transfers to IRI in the United States are covered by the EU-US Privacy Shield Scheme. More information about our adherence to this scheme and the rights available to you under the Scheme can be found in our Privacy Shield Notice;
  • where we transfer your personal information outside IRI or to third parties who help provide our products and services, we obtain contractual commitments from them to protect your personal information. Some of these assurances are well recognized certification schemes like the EU - US Privacy Shield or contractual mechanisms such as the Standard Contractual Clauses; or
  • where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information are disclosed

You have a right to contact us at Privacy.Officer@IRIWorldWide.com for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.

In limited circumstances, transfers of your personal information may be based on context specific derogations which permit transfers in the absence of safeguards, such as where a transfer is necessary for the establishment, exercise or defense of legal claims

Security

We have implemented and maintain appropriate technical and organisational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorised disclosure or access to such information appropriate to the nature of the information concerned. Measures we take include placing confidentiality requirements on our staff members and service providers; limiting access to personal information; and destroying or securely restricting or anonymising personal information if it is no longer needed for the purposes for which it was collected. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect (where relevant) user names and passwords please take appropriate measures to protect this information.

Storing your personal information

We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this notice. In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.

In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information. More detailed information about your rights is included further below.

Please note that, as explained above, we do not legally control personal information which we process in the context of providing services to our customers. Consequently, if you wish to exercise any rights in respect of this information, you should contact our customer, who will work with us to ensure that your rights are satisfied.

  • The rights potentially available to you are:
  • To access personal information
  • To rectify / erase personal information
  • To restrict the processing of your personal information
  • To transfer your personal information
  • To object to the processing of personal information
  • To object to how we use your personal information for direct marketing purposes
  • To obtain a copy of personal information safeguards used for transfers outside your jurisdiction
  • To lodge a complaint with your local supervisory authority

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

You can exercise your rights by contacting us at Privacy.Officer@IRIWorldWide.com. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

Right to access personal information

You have a right to request that we provide you with a copy of your personal information that we hold and you have the right to be informed of; (a) the source of your personal information; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your personal information may be transferred.

Right to rectify or erase personal information

You have a right to request that we rectify inaccurate personal information. We may seek to verify the accuracy of the personal information before rectifying it.

You can also request that we erase your personal information in limited circumstances where:

  • it is no longer needed for the purposes for which it was collected; or
  • you have withdrawn your consent (where the data processing was based on consent); or
  • following a successful right to object (see right to object); or
  • it has been processed unlawfully; or
  • to comply with a legal obligation to which IRI is subject

We are not required to comply with your request to erase personal information if the processing of your personal information is necessary:

  • for compliance with a legal obligation; or
  • for the establishment, exercise or defence of legal claims;

Right to restrict the processing of your personal information

You can ask us to restrict your personal information, but only where:

  • its accuracy is contested, to allow us to verify its accuracy; or
  • the processing is unlawful, but you do not want it erased; or
  • it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
  • you have exercised the right to object, and verification of overriding grounds is pending.

We can continue to use your personal information following a request for restriction, where:

  • we have your consent; or
  • to establish, exercise or defend legal claims; or
  • to protect the rights of another natural or legal person.

Right to transfer your personal information

You can ask us to provide your personal information to you in a structured, commonly used, machine readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:

  • the processing is based on your consent or on the performance of a contract with you; and
  • the processing is carried out by automated means.

Please note that it is unlikely that we will carry out processing as a data controller which comes within the scope of this right, except potentially in relation to data processed for direct marketing purposes.

Right to object to the processing of your personal information

You can object to any processing of your personal information which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests.

If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Right to object to how we use your personal information for direct marketing purposes

You can request that we change the manner in which we contact you for marketing purposes.

You can request that we not transfer your personal information to unaffiliated third parties for the purposes of direct marketing or any other purposes.

Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction

You can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the European Union.

We may redact data transfer agreements to protect commercial terms.

Right to lodge a complaint with your local supervisory authority

You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information.

We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

CONTACT US

The primary point of contact for all issues arising from this privacy notice, is our Global Data Protection Officer, who can be contacted at: Privacy.Officer@IRIWorldWide.com

If you have any questions, concerns or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to contact us first. We will investigate and attempt to resolve complaints and disputes and will make every reasonable effort to honour your wish to exercise your rights as quickly as possible and in any event, within the timescales provided by data protection laws.

To contact your data protection supervisory authority

You have a right to lodge a complaint with your local data protection supervisory authority (i.e. your place of habitual residence, place or work or place of alleged infringement) at any time. We ask that you please attempt to resolve any issues with us before your local supervisory authority.

IRI US Privacy Notice

Effective January 2020

This privacy notice explains how Information Resources, Inc. (“IRI”, “we”, “our” or “us”) collects, uses, and shares information in the course of our United States business activities, including the offering of goods and services to businesses, and the processing of data about individuals in the U.S.

This privacy notice supplements the information contained in the IRI Global Privacy Policy and its affiliated processes and procedures. This notice is intended to comply with U.S. privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice.

We receive deidentified information about individuals and households from third parties, including retailers, data partners, manufacturers, and U.S. data providers (“Data Providers”). In some cases, we use third parties, like Experian and LiveRamp, to link data from these Data Providers into an IRI internal dataset, all of which remains deidentified to IRI (“US Consumer Data”).

We utilize the US Consumer data, along with our consulting services and technology products, to provide our business clients with insights into the purchasing behavior and preferences of their consumers.

We do not collect, process, sell, or disclose directly identifiable information such as real names, account numbers, social security numbers, or personal contact information.

The consumer data we collect and maintain is generally de-identified data, and includes:

  • Identifiers, such as [a unique identifier that we assign, or that is assigned by our data providers; we are not able to associate this identifier is name, contact information or other directly identifying or identifiable data];
  • Commercial information, including records of products or services purchased or considered;
  • Internet and other electronic activity information;
  • Inferences drawn from the above that reflect preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes. 2
  • We may work with third party providers, such as Experian and LiveRamp, to de-identify and enhance the consumer information we collect or to help us reach individuals with more relevant online advertising on behalf of our customers. These third-party providers may be able to identify a consumer; however, IRI is not.

While the consumer information we collect may be associated with unique identifier (a “pseudonym”), we are not able to nor do we take steps to identify you from this information, and we have implemented safeguards to prevent us from re-identifying this consumer information.

We may use or disclose the information we collect for one or more of the following business purposes:

IRI Lift and Measurement Services

IRI measurement services help our clients understand the effectiveness of their advertising content. These services require that we work with our Data Providers, publishers, and advertising agencies to analyze exposure data (data that shows whether a deidentified media user encountered or engaged with an advertisement) by linking purchase behavior from the US Consumer Data with the exposure data.

The exposure data is collected by Data Providers using technology that gathers information about the advertising content the device identifiers associated with a household is exposed to. The IRI Lift and Measurement Services produce reports that contain aggregated data only and do not identify individuals or households.

IRI Audiences

IRI Audiences utilize the US Consumer Data to create and offer segmentation services. These services include groupings of households that exhibit certain behaviors, either observed from the US Consumer Data or modeled by IRI, that can help our clients deliver more relevant and insightful advertisements without utilizing additional directly identifiable information about a household.

The audience that we create is deidentified and no one at IRI can directly identify an individual or household from within the audience. To activate an audience, our clients utilize a third party, like LiveRamp, to match unique IRI IDs to the device IDs of the ad recipient.

Other IRI Products and Services

We utilize the US Consumer Data in other products, including but not limited, to Gateways, Shopper Loyalty, and ProScores. These IRI products utilize and produce deliverables that are completely deidentified or aggregated and do not involve the third-party linkage of exposure data or household IDs.

The California Consumer Privacy Act (the “CCPA”) provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Opt-Out of the Sale of Personal Information

California residents have the right to opt out of the sale of their personal information As defined by the CCPA, we may sell deidentified information when we create an audience for targeted advertising. But because IRI never holds directly identifiable information about a consumer or household we are unable to opt a consumer or household out of the sale of this deidentified information.

If you would like to opt out of targeted advertising, you should opt out directly with the retailers and other first party data collectors that you interact with. You may opt out of targeted advertising directly with LiveRamp by visiting the LiveRamp privacy page found here: https://liveramp.com/opt_out/

You can learn more about online advertising and opt out of interest-based advertising from online advertising companies that are also members of applicable self-regulatory organizations by visiting their opt-out links below.

  • Network Advertising Initiative (NAI) – http://optout.networkadvertising.org/
  • Digital Advertising Alliance (DAA) – http://optout.aboutads.info/
  • DAA AppChoices page – http://www.aboutads.info/appchoices

Deletion of Personal Information

California residents also have the right to request the deletion of personal information that a business has collected from them and retained, subject to certain exceptions. Because IRI only collect deidentified information, we are unable to delete this deidentified information. Consumers should direct requests for deletion to the retailers and first party data collectors that they interact with.

Access to Personal Information

California residents also have the right to request disclosure of personal information collected about them.

Again, because IRI only collects deidentified information about consumers and households, we are unable to respond to consumer requests for access to their personal information.

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you by email or through a notice on our website homepage.

If you have any questions or comments about this notice, our Global Privacy Policy, the ways in which we collect and use information, your choices and rights regarding such use, or wish to exercise your rights, please do not hesitate to contact us at:

Phone: 312.762.1221
Website: www.IRIWorldWide.com
Email: Privacy@IRIWorldWide.com
Postal Address: 150 N Clinton, St. Chicago, IL 60661
Attn: Privacy Office

IRI Privacy Shield Notice

Effective May 25, 2018

This Privacy Shield Notice (the “Privacy Notice”) applies to Information Resources, Inc. (“IRI”) and all of its global subsidiaries (collectively referred to as "IRI", the “Company”, "we", or "us").

IRI complies with the EU-U.S. and the Swiss-US Privacy Shield Framework (the “Frameworks”) regarding the collection, use, and retention of Personal Information in order to provide adequate safeguards for the transfer of personal information to the United States from the European Economic Area (“EEA”) and Switzerland. IRI adheres to the principles of the Frameworks (“Principles”) with respect to personal data submitted by IRI`s clients for processing and IRI employee data (collectively “Personal Information”).

Specifically, IRI certifies compliance with the Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the Privacy Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. IRI’s Privacy Shield certifications applies to Information Resources, Inc.

If there is any conflict between this Policy and the Principles, the Principles will govern. To learn more about the Frameworks please visit www.privacyshield.gov. You can view our certification at www.privacyshield.gov/list

IRI’s services may involve processing personal data we receive from our client’s shopper loyalty programs, customer relationship management databases, and shopper survey panels. When IRI provides products or services for data analysis for our clients relating to shopper purchasing behaviour, the shopper data IRI receives is typically provided using a loyalty or other program identifier number, not a data subject’s name. That number is assigned a unique identifier. This process is called pseudonymization and is one of the most secure ways to separate sensitive elements from a personal data set.

When IRI provides CRM tools or provides Customer Data for use with CRM tools, we are typically processing data our customer has provided and instructed us to process on their behalf. If IRI manages a CRM directly, we are committed to protecting Data Subject rights.

IRI may also process personal data pursuant to various agreements with our clients. Our services may be deployed on-demand or on-site, and clients may also engage us for professional services and customer support. To fulfil our contractual obligations, IRI may access Customer Data to provide services, to correct and address technical or service problems, to follow instructions of the customer who submitted the data, or in response to contractual requirements.

When providing services to its business customers pursuant to contracts, IRI also collects personal data such as names, business titles, email addresses, and contact information login credentials, IP addresses, and information about how and when they use our services. IRI also has the personal data of its own employees.

IRI also processes employee data and the data of individuals who apply for employment with IRI. IRI must maintain the personal data of its employees in order to evaluate employee performance, process payroll, administer bonuses and process benefits claims. Third party vendors may be involved in these processes. For instance, IRI uses payroll software vendors in many countries, it uses the services of insurance companies to provide health and life benefits to its employees and it may provide retirement benefits through a third party.

IRI may store and process personal data in the United States or any other country in which IRI or its subsidiaries, affiliates or service providers maintain facilities. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. or any other country in which we or our parent, subsidiaries, affiliates or service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Policy.

IRI may provide personal data to third parties and vendors that act as agents, business partners, consultants, and contractors to perform tasks on behalf of and under our instructions such as technical support, client education, billing, analytics, and communication. Such Third Parties must agree to use such personal data only for the purposes for which they have been engaged by IRI.

IRI recognizes potential liability in cases of onward transfer to third parties. IRI will not transfer any personal information to a third-party without first ensuring that the third-party adheres to the Privacy Shield principles.

IRI may be required to disclose Customer or HR Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

IRI employs procedural and technological measures that are reasonably designed to help protect Customer Data from loss, unauthorized access, disclosure, alteration, or destruction. For example, among other measures, we have implemented physical security measures at our premises (e.g., key cards) and we have established technical safeguards such as firewalls and security patches. However, despite our efforts, please be aware that no data security measures can guarantee security.

If you are an individual based in the EU or Switzerland and we process your personal data for our own purposes, you may request access to your personal data. You also have the right to update, correct or delete your personal data. Also, the Frameworks require that participants offer data subjects a choice to opt out of uses and disclosures of their data that are materially different from the purposes for which that data was originally collected or subsequently authorized. Individuals who would like to access their personal information may contact us via our website under the Privacy tab or by emailing IRI’s Data Protection Office at Privacy.Officer@IRIWorldWide.com.

Please note that IRI has limited ability to access data submitted by its customers to the IRI Products and does not have any personal relationship with the individuals whose personal data it processes on behalf of its customers. If you wish to request access to, correct or delete, or to limit the use or disclosure of your personnel data please provide us the name of the IRI customer who has submitted your data into the IRI Product. We will refer your request to that customer and will support our customer as needed in responding to your request.

IRI will cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to HR data transferred from the EU and Switzerland.

If you have any questions or concerns, please write to us at the address listed below. If you are an EEA or Swiss resident, we will investigate and attempt to resolve reasonable complaints and disputes regarding our use and disclosure of Personal Information in accordance with the Principles. If an issue cannot be resolved via our internal dispute resolution mechanism, EEA and Swiss individuals may contact or submit a complaint, at no cost, to JAMS, our US-based third party dispute resolution provider. To find out more, go to https://www.jamsadr.com/eu-usprivacy-shield.

The Federal Trade Commission (FTC) is the investigatory and enforcement authority for your IRI’s Privacy Shield certification. Under certain circumstances detailed in the Privacy Shield, Data Subjects may be able to select binding arbitration for the resolution of complaints. For more information on binding arbitration, see U.S. Department of Commerce’s Privacy Shield Framework: Annex I (Binding Arbitration).

Changes to this Privacy Shield Policy. This Privacy Notice may be amended from time to time consistent with the requirements of the Privacy Shield.

If you have any questions about this Privacy Notice or would like to request access to your EU personal data, please contact us at Privacy.Officer@IRIWorldWide.com or by mail addressed to the following:

Information Resources, Inc.

Attn: Global Data Protection Officer
Legal Dept. 150 N Clinton St.
Chicago, IL 60661

IRI Website Use Terms and Conditions

Effective May 25, 2018

This page (together with the documents referred to on it) tells you the terms of use on which you may make use of our website www.iriworldwide.com and all its local country versions (our site), whether as a guest or a registered user. Please read these terms of use carefully before you start to use the site. By using our site, you indicate that you accept these terms of use and that you agree to abide by them. If you do not agree to these terms of use, please refrain from using our site.

Our site is operated by Information Resources, Inc. and its subsidiaries (collectively referred to as “IRI”, the “Company”, "we", or “us”) a Delaware Corporation with its principal place of business at 150 N Clinton St., Chicago, IL 60661.

Access to our site is permitted on a temporary basis, and we reserve the right to withdraw or amend the service we provide on our site without notice (see below). We will not be liable if for any reason our site is unavailable at any time or for any period and we do not guarantee that our site, or any content on it, will always be uninterrupted.

From time to time, we may restrict access to some parts of our site, or our entire site, to users who have registered with us. If you choose, or you are provided with, a user identification code, password or any other piece of information as part of our security procedures, you must treat such information as confidential, and you must not disclose it to any third party. We have the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in our opinion you have failed to comply with any of the provisions of these terms of use.

You are responsible for making all arrangements necessary for you to have access to our site. You are also responsible for ensuring that all persons who access our site through your internet connection are aware of these terms, and that they comply with them.

We are the owner or the licensee of all intellectual property rights in our site, and in the material published on it.
Those works are protected by copyright laws and treaties around the world. All such rights are reserved. You may print off one copy, and may download extracts, of any page(s) from our site for your personal reference and you may draw the attention of others within your organisation to material posted on our site.

You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text.

Our status (and that of any identified contributors) as the authors of material on our site must always be acknowledged. You must not use any part of the materials on our site for commercial purposes without obtaining a licence to do so from us or our licensors. If you print off, copy or download any part of our site in breach of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

Commentary and other materials posted on our site are not intended to amount to advice on which reliance should be placed. We therefore disclaim all liability and responsibility arising from any reliance placed on such materials by any visitor to our site, or by anyone who may be informed of any of its contents.

We aim to update our site regularly, and may change the content at any time. If the need arises, we may suspend access to our site, or close it indefinitely. Any of the material on our site may be out of date at any given time, and we are under no obligation to update such material.

The material displayed on our site is provided on an "as is" basis, without any guarantees, conditions or warranties as to its accuracy. To the extent permitted by law, we, other members of our group of companies and third parties connected to us hereby expressly exclude all conditions, warranties and other terms which might otherwise be implied by statute, common law or the law of equity.

Any liability for any direct, indirect or consequential loss or damage incurred by any user in connection with our site or in connection with the use, inability to use, or results of the use of our site, any websites linked to it and any materials posted on it, including, without limitation any liability for:

loss of income or revenue, loss of business, loss of profits or contracts, loss of anticipated savings, loss of data, loss of goodwill, wasted management or office time, and for any other loss or damage of any kind, however arising and whether caused by tort (including negligence), breach of contract or otherwise, even if foreseeable.
This does not affect our liability for death or personal injury arising from our negligence, nor our liability for fraud or fraudulent misrepresentation, nor any other liability which cannot be excluded or limited under applicable law.

We process information about you in accordance with our privacy policy available at www.iriworldwide.com. By using our site, you warrant that all data provided by you is accurate.

You are prohibited from posting or transmitting to or from our site any material: that is threatening, defamatory, obscene, indecent, seditious, offensive, pornographic, abusive, liable to incite racial hatred, discriminatory, menacing, scandalous, inflammatory, blasphemous, in breach of confidence, in breach of privacy or which may cause annoyance or inconvenience; or for which you have not obtained all necessary licences and/or approvals; or which constitutes or encourages conduct that would be considered a criminal offence, give rise to civil liability, or otherwise be contrary to the law of or infringe the rights of any third party, in any country in the world; or which is technically harmful (including, without limitation, computer viruses, logic bombs, Trojan horses, worms, harmful components, corrupted data or other malicious software or harmful data).

You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of service attack. By breaching this provision, you may be liable for a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately.

We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programmes, data or other proprietary material due to your use of our site or to your downloading of any material posted on it, or on any website linked to it. Users are advised to undertake routine checks of our site for latest content and to take appropriate protective measures against viruses and other malicious objects.

We will determine, in our discretion, whether there has been a breach of these terms by you and, in such cases, we may take such action as we deem appropriate, including without limitation, withdrawal of your right to use our site, legal proceedings or legal action against you, and/or disclosure of such information to law enforcement authorities as we reasonably feel is necessary.

You may link to our home page, provided you do so in a way that is fair and legal and does not damage our reputation or take advantage of it, but you must not establish a link in such a way as to suggest any form of association, approval or endorsement on our part where none exists. You must not establish a link from any website that is not owned by you.

Our site must not be framed on any other site, nor may you create a link to any part of our site other than the home page. We reserve the right to withdraw linking permission without notice. The website from which you are linking must comply in all respects with the content standards set out above.

If you wish to make any use of material on our site other than that set out above, please address your request to marketing@IRIWorldWide.com

Where our site contains links to other sites and resources provided by third parties, these links are provided for your information only. We have no control over the contents of those sites or resources, and accept no responsibility for them or for any loss or damage that may arise from your use of them.

The English courts will have non-exclusive jurisdiction over any claim arising from, or related to, a visit to our site.
These terms of use are governed by English law.

We may revise these terms of use at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we made. Continuing to browse our site following any amendment to these terms of use constitutes your agreement to the amended terms. Some of the provisions contained in these terms of use may also be superseded by provisions or notices published elsewhere on our site.

Thank you for visiting our site.