Privacy Policy

The Institutes for Behavior Resources, Inc. (“IBR”, “us”, “we”, “our”, “SAFTE-FAST”) is committed to protecting the privacy of the businesses, organizations and individuals that contract or register with us to utilize our software and services.

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used.  PII, as used in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.  Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your PII.

If you have questions or complaints regarding IBR’s Privacy Policy or associated practices or if you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact us at info@ibrinc.org

Privacy Shield

IBR has adopted the European – United States (EU-U.S.) Privacy Shield Framework as set forth by the U.S. Department of Commerce (the “Principles”).  IBR confirms that it is compliant with the Principles regarding personal information that is transferred from the EU to the U.S.  If a conflict between the terms in this Privacy Shield Policy and the Principles should arise over concerns regarding Personal Data received under the Privacy Shield, the Principles shall govern.  IBR is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

For more on Privacy Shield, see privacyshield.gov.

Notice & Choice

IBR may receive personal data in the form of work schedules from an organization, for the purpose of determining fatigue-related risks. IBR applications allow entry of proposed schedules and generate graphical predictions of performance along with tables of estimated effectiveness scores for objective comparison.  This data may include basic personal information about workplace personnel, such as names and/or employee identification number, however IBR only uses data relevant to the service provided and is processed only as permitted by the Principles.

Notice to individuals regarding the collection, use, and/or transfer of the personal data described above is provided in contracts or agreements.

If for any reason the data is to be used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized, IBR will request your consent beforehand.

Individuals may have the right to limit the use and disclosure of their personal information as required by the Privacy Shield’s Principles, such as whether your personal information is disclosed to a third party or used for purposes materially different from the purpose for which the personal information was originally collected or subsequently authorized by you. If you wish to limit the use and disclosure of personal information in accordance with the Privacy Shield Principles, please contact us at info@ibrinc.org.

Accountability for Onward Transfer

IBR will not provide personal data to any third-party organizations without express permission. IBR will remain responsible and liable for the work provided by any such third-party organization. Contracts with third-party organizations are maintained and noted that the third party will apply the same level of protection for Personal Data as is required by the Privacy Policy Notice and Choice Principles.  The third-party organization also agrees to notify IBR if it can no longer meet its obligation.  If this determination is met, the third-party ceases processing or will take appropriate steps of remediation.

If the use of a third party is necessary, IBR will obtain consent through a contract/agreement, outlining the type of personal data collected and used.  IBR will provide information on the nature, type, or manner of the third-party organization(s).  Personal data will not be shared with a third-party organization without consent.  Additionally, disclosure of personal information may be necessary to meet a legal obligation or a lawful request by public authorities, including to meet national security or law enforcement requirements.

Security

IBR takes reasonable and appropriate measures to protect the personal data that it creates, maintains, uses, or disseminates to protect it from loss, misuse and unauthorized access, disclosure, alteration, and destruction.  These measures consider the risks involved in the processing and the nature of the personal data.

Data Integrity and Purpose Limitation

IBR collects and processes personal data only to the extent that is necessary to provide its services.  IBR will notify and obtain your consent if we use your personal data in any other manner.  IBR will take reasonable steps necessary to ensure that personal data is accurate, complete, current, and reliable for its intended use.

Access

Individuals whose personal data is held by IBR have the right to request access to the personal data to review, correct, update, suppress, or delete it if it is inaccurate or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks of the individual’s privacy, or where the rights of persons other than the individual would be violated.  Requests to review and correct the personal data can be made to info@ibrinc.org

Recourse, Enforcement and Dispute Resolution

IBR remains committed to resolve complaints about the use or disclosure of personal data, consistent with the Principles.  See contact information for inquiries or complaints.  If the issue remains unresolved or not addressed satisfactorily, you may contact JAMS at www.jamsadr.com/eu-us-privacy-shield JAMS provides an independent third-party dispute resolution body based in the United States, and they will investigate and assist you at no expense.  If the issue involves human resources personal data, IBR will adhere to the competent EU data protection authorities and comply with their advice.  You may have the option to invoke binding arbitration under the Privacy Shield Panel to address residual complaints.  See www.privacyshield.gov.

What personal information do we collect?

When obtaining schedules of our clients, as appropriate, we may receive additional information related to an employee such as email address, mailing address, phone number, company name, company size.

  • Basic contact information may be collected when an individual requests additional information from IBR or SAFTE-FAST websites
  • System use requirements and contact information may be collected when we are provided with contractual documents (Request for Proposal, Contract Agreement, Change Request, etc.)
  • We will collect scheduling, sleep, operational, or other data as provided by the customer (Customer Data) when provided with sample data for systems integration, testing, verification, support, or other research purposes
  • Standard internet technologies, such as cookies, are used to keep track of interactions with the website and web applications

When do we collect information?

We collect information through the normal course of business with our clients.

  • Customers may electronically submit data or information to our software or support services (“Customer Data”)
  • IBR will not review, share, distribute, or reference any such Customer Data except as defined in approved contractual documents, or as may be required by law. In accordance with IBR and the Customer’s contractual documents, IBR may access Customer Data only for the purposes of providing the services, preventing or addressing service or technical problems, at a Customer’s request in connection with customer support matters, or as may be required by law

How do we use your information?

Customer Data is used to determine risk associated with fatigue.  This data is analyzed and used to generate graphical predictions of performance along with tables of estimated effectiveness scores for objective comparison.

  • Information is collected to provide Customers with the software and services they may request
  • Collected information can be used to provide customers with additional information about our software, services, promotions, and events
  • Collected information can be used to improve our software and services
  • We do not share, sell, rent, or trade personally identifiable information with third parties for their promotional purposes. IBR may share information collected with other companies that work on IBR’s behalf
  • Robust security measures are used to protect information

How do we protect visitor information?

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when entering, submitting, or accessing information to maintain the safety of your personal information.

Communication Preferences

  • Marketing emails from IBR include instructions on how to opt out of receiving further marketing emails
  • Email is primarily used for direct customer communication. If alternate contact methods are requested by the Customer (phone, internet-based meetings, or chat), IBR will maintain primary contact method(s) as part of basic contact information

COPPA (Children Online Privacy Protection Act)

 The Children’s Online Privacy Protection Act (COPPA) requires websites that market to, serve, or attract children under thirteen (13) to engage in certain procedures to protect those children’s privacy and interest, including the provision of certain rights to parents. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. IBR does not market to, serve or attract children under thirteen (13).

Fair Information Practices

 The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

To be in line with Fair Information Practices, should a data breach occur, we will notify the users via email within 1 business day.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address to:

  • Send information and respond to inquiries and/or other requests or questions
  • Process orders and send information and updates pertaining to orders
  • Send you additional information related to your product and/or service

To be in accordance with CAN-SPAM we agree to:

  • NOT use false, or misleading subjects or email addresses
  • Identify the message as an advertisement in some reasonable way
  • Include the physical address of our business or site headquarters
  • Monitor third party email marketing services for compliance, if one is used
  • Honor opt-out/unsubscribe requests quickly
  • Allow users to unsubscribe by using the link at the bottom of each email

If at any time you would like to unsubscribe from receiving future emails, you can email us at info@ibrinc.org and we will promptly remove you from ALL correspondence.

Contact

If you have any questions regarding IBR’s Privacy Policy, please contact IBR at:

Institutes for Behavior Resources, Inc. (IBR)
2104 Maryland Avenue
Baltimore, Maryland, 21218
USA

info@ibrinc.org

Last Edited on 2020-07-15

TERMS AND CONDITIONS OF USE OF THIS WEBSITE

PRIVACY
The use of the IBR’s website is governed by our Privacy Policy.

SECURITY
IBR’s web sites have reasonable security measures in place to protect against the loss, misuse and alteration of information under our control. These precautions include data encryption, firewall protection, and restricted server access. However, we cannot guarantee that unauthorized third parties will never be able to defeat those measures or use your personal information for improper purposes.

CHANGES TO PRIVACY POLICY
IBR reserves the right to change its privacy policies at any time. Any changes to the policy will be posted on this page. For members of IBR, this privacy policy is a supplement to, not a replacement for, any other agreements or terms provided by IBR to you.

COPYRIGHT
All content included on this site, such as text, graphics, logos, button icons, images, audio clips, digital downloads, data compilations, and software, is the property of IBR or its content suppliers and is protected by United States and international copyright laws. The compilation of all content on this site is the exclusive property of IBR and is protected by U.S. and international copyright laws.

You are not permitted to use this website other than for private, non-commercial purposes. Use of the website for any other purpose than the aforementioned private, non-commercial purposes is prohibited. Reuse of any data obtained from this website for commercial purposes is strictly prohibited this includes any automated tools to retrieve data from or enter data into this web site is also strictly prohibited.

TRADEMARKS
IBR and other marks indicated on this site are registered trademarks of IBR in the United States and other countries. IBR’s trademarks and trade dress may not be used in connection with any product or service that is not IBR’s, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits IBR. All other trademarks not owned by IBR that appear on this site are the property of their respective owners, who may or may not be affiliated with or connected to IBR.

LICENSE AND SITE ACCESS
IBR grants you a limited license to access and make personal use of this site and not to download (other than page caching) or modify it, or any portion of it, except with express written consent of IBR. This license does not permit any resale or commercial use of this site or its contents; any collection and use of any product listings, descriptions, or prices; any derivative use of this site or its contents; any downloading or copying of account information for the benefit of another merchant; or any use of data mining, robots, or similar data gathering and extraction tools. No part of this site may be reproduced, duplicated, copied, sold, resold, visited, or otherwise exploited for any commercial purpose without express written consent of IBR. You may not frame or utilize framing techniques to enclose any trademark, logo, or other proprietary information (including images, text, page layout, or form) of IBR without express written consent. You may not use any meta tags or any other “hidden text” utilizing IBR’s name or trademarks without the express written consent of IBR. Any unauthorized use terminates the permission or license granted by IBR and may subject you to liability. You may not use any IBR logo or other proprietary graphic or trademark as part of a hyperlink without express written permission.

COPYRIGHT COMPLAINTS
IBR respects the intellectual property of others. If you believe that your work has been copied or used in a way that constitutes copyright infringement, please contact IBR using the contact information at the bottom of this page.

SECURITY
IBR’s web sites have reasonable security measures in place to protect against the loss, misuse and alteration of information under our control. These precautions include data encryption, firewall protection, and restricted server access. However, we cannot guarantee that unauthorized third parties will never be able to defeat those measures or use your personal information for improper purposes. As you wish, you may place any order by telephone, though it is possible that different prices will apply.

DISCLAIMER OF WARRANTIES AND LIMITATION OF LIABILITY
THIS SITE IS PROVIDED BY IBR ON AN “AS IS” AND “AS AVAILABLE” BASIS. IBR MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, AS TO THE OPERATION OF THIS SITE OR THE INFORMATION, CONTENT, MATERIALS, OR PRODUCTS INCLUDED ON THIS SITE. YOU EXPRESSLY AGREE THAT YOUR USE OF THIS SITE IS AT YOUR SOLE RISK. TO THE FULL EXTENT PERMISSIBLE BY APPLICABLE LAW, IBR DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IBR DOES NOT WARRANT THAT THIS SITE, ITS SERVERS, OR E-MAIL SENT FROM IBR ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. IBR WILL NOT BE LIABLE FOR ANY DAMAGES OF ANY KIND ARISING FROM THE USE OF THIS SITE, INCLUDING, BUT NOT LIMITED TO DIRECT, INDIRECT, INCIDENTAL, PUNITIVE, AND CONSEQUENTIAL DAMAGES. CERTAIN STATE LAWS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES OR THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE ABOVE DISCLAIMERS, EXCLUSIONS, OR LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MIGHT HAVE ADDITIONAL RIGHTS.

APPLICABLE LAW
By using any materials on IBR’s website, you agree that the laws of the State of Maryland, without regard to principles of conflict of laws, will govern these Terms and Conditions of Use and any dispute of any sort that might arise between you and IBR.

CONTACTING IBR
Institutes for Behavior Resources, Inc. (IBR)
2104 Maryland Avenue
Baltimore, Maryland, 21218
USA

info@ibrinc.org

Last Edited on 2017-09-01