Last Updated on 07/23/2020
Trusted Computing Group Administration respects your privacy and is committed to protecting it in accordance with this policy.
This policy outlines the way in which we manage any personal data obtained through www.trustedcomputinggroup.org (the “Website”) or otherwise provided by or about individuals (“you”, “your”) in the course of you joining or receiving the services under our membership or certification program, participating in our developers community, attending our events or subscribing to our mailing list (our “Services”).This policy explains:Please note that some of the provisions here will only apply if you are based in the EU.
You can navigate to the relevant sections of the policy by clicking the links below:
By continuing to use the Website and our Services, you agree to our use of your personal data on the terms outlined in this policy.
For the purposes of applicable data protection laws, Trusted Computing Group Administration with its registered address at 3855 SW 153rd Drive, Beaverton, Oregon 97003 (“TCG”, “we”, “us” or “our”) is the controller of your data. This means that we are the primary entity who decides the purposes and means for dealing with your personal data.
Important: Work Groups
Although we are headquartered in the US, TCG is a global membership organization operated through various Work Groups and programs (such as the TCG Industry Liaison Program) which are run by our Members or their nominated representatives (“Members”). This means some of your personal data (primarily your member profile and the data you have provided) may be shared with the TCG community.
What information do we collect about you?
We collect several types of information from and about our Members, Website users, and email subscribers, including:
Personal data we collect directly from you:
You may also provide information to be published or displayed (“posted“) on areas of the Website, our affiliate websites (including the TCG Workspace hosted by Causeway) and Social Media Platforms that are visible to other Website users, Members, or other participants in your Work Groups (collectively, “User Contributions“). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, although our Members are bound by confidentiality provisions, we cannot control the actions of our Members, Website users or Affiliate Partners with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
Why do we collect your personal data and on what grounds?
We will only use your personal data if we have a permitted lawful basis to do so. Generally we collect your personal data because is it necessary for:
You have the right to withdraw your consent to these activities at any time, which will mean (unless another lawful basis applies to your data) that we will cease to process the affected data after consent is withdrawn. However, please note this may result in us being unable to provide you with certain features of the Website and/or Services.
The primary purpose for which we collect information about you is to provide you with Services you have requested from us (i.e. to perform our contract with you). We also collect information about you for the following purposes:
To perform our contract with you
For our legitimate interests
To comply with our legal obligations
If you have signed up for our newsletter or opted to subscribe to the members email list when signing up for a member account on the Website, we will send you messages by email regarding information about the latest news and events from TCG. You can change your communication preferences at any time by adjusting your preferences in your member account or clicking on the “unsubscribe” link at the bottom of any marketing message or emailing [email protected]. Please note that you may still receive service messages related to your membership or the operation of the Website (e.g. server issues with the Website or important communications about your membership status).
Who do we share your information with?
We may disclose personal data that we collect or you provide as described in this privacy policy with the following third parties:
As our contacts database is based and hosted in the US, any personal data you submit to us will be held there. Additionally, TCG members are based in multiple different countries and may be affiliated with multiple, cross-border Work Groups.
If you are based in the EU or UK, this means your personal data may be transferred outside of the European Economic Area or UK to another jurisdiction. Where this is the case and we are responsible for making such a transfer, we will ensure that these are made subject to appropriate safeguards as required by applicable data protection laws, to ensure that a similar degree of protection is afforded to your personal data. These will include the use of recipients certified under the Privacy Shield regime, or the use of EU Commission approved standard contractual clauses or transfers of countries deemed to provide an adequate level of protection for personal data by the European Commission. You can obtain further information about the safeguards in place for your international transfers of personal data by contacting us at [email protected].
How long do you keep my personal data?
We keep your data for as long as it’s necessary to meet the relevant purposes for which we’ve collected your data, including for the purpose of satisfying any legal, accounting or reporting requirements.
To determine the appropriate length of time for holding your data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm, from unauthorised use or disclosure of your personal data, the purpose for which we process your data and whether we can achieve those purposes through other means, along with the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us at [email protected].
In some circumstances you can ask us to delete your data: see “Your rights in respect of your personal data” below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your rights in respect of your personal data
The following section applies only if you are based in the EU or UK.
In certain circumstances you have rights under data protection laws in relation to the personal data we hold about you. You can request to:
You can make all such requests via email to [email protected].
We will endeavour to respond to your requests within one month and free of charge. Please note that in respect of all these rights, we reserve the right to:
If we refuse your request to exercise these rights, we will give reasons for our refusal and allow you to challenge our decision.
If you have any concerns about how we handle your data, please contact us. If you are not satisfied after we’ve tried to resolve your issue, you’ll be entitled to lodge a complaint with the data protection regulator for your country of residence.
Security of your data
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. When you submit personal information, that information is encrypted and is protected with the best encryption software in the industry – Secure Socket Layer. While on a secure page, such as our account sign up page, the lock icon on the bottom of Web browsers such as Netscape Navigator and Microsoft Internet Explorer becomes locked as opposed to un-locked.
We also use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure once we receive it. For example, we store the personal information you provide on limited access computer systems that are located in secured facilities. Trusted Computing Group’s employees are trained and kept up-to-date on our security procedures. If you have any questions about the security at our Web site, you can send an email to [email protected].
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Cookies and other technologies
In common with many websites, we use “cookies” to help us gather and store information about visitors to our websites. A cookie is a small data file that our server sends to your browser when you visit the site. The use of cookies helps us to distinguish you from other users of the Website and assist your use of certain aspects of the site. You can delete cookies at any time or you can set your browser to reject or disable cookies, however if you do this you may not be able to access all or parts of our site. You can obtain information about how to manage cookies by clicking “help” on your browser’s menu or visiting www.aboutcookies.org. Details of the cookies that we set, or are set by third parties, on our websites can be found in our cookie policy. https://trustedcomputinggroup.org/privacy-policy/cookies-policy/
Third party links on the Website
The Website may contain links to other websites not owned and operated by TCG, for example, Social Media Platforms and Affiliate Partner websites. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
We may from time to time review and amend this Privacy Policy to take into account changes in law, technology and our operations. We will post any changes to this Privacy Policy on the Website from time to time 30 days prior to implementing the change and, where appropriate, notify you by e-mail. Please periodically review this Privacy Policy before using the Website as continued use of the Website shall indicate your acceptance of any changes. All personal data held by us will be governed by the most recent Privacy Policy posted on the Website.
If you have any queries relating to this privacy notice (including any requests to exercise your legal rights in respect of your data), you can contact us at [email protected] or through the Contact Us page of our Website.