PRIVACY POLICY
Established in 2003, The Response Group (TRG) is the industry leader in Crisis Management and Emergency Response with a wide spectrum of experience in the oil and gas, chemical, and emergency response industries for both private and public sector. We provide quality products with a suite of emergency response software and services from plans to actual response support.
We are TRG The Response Group, LLC (Referred to in this document as We, Us, Our and TRG). Our offices are;
Houston Headquarters
13939 Telge Rd, Cypress, TX 77429
+1 281 880 5000
New Orleans Office
108 Innwood Dr, Covington, LA 70433
+1 985 400 5444
Baytown Office
8111 FM 3246, Baytown, TX 77523
+1 281 880 5000
Anchorage Office
880 H St #200, Anchorage, AK 99501
+1 907 240 2234
Introduction
This notice sets out how The Response Group use the personal information collected through this website (www.responsegroupinc.com), via contact to our support teams by any channel or when you use any of our services as a customer.
We have developed this notice to ensure that you are aware of;
-
the personal data we collect about you
-
what we do with your information
-
what we do to keep your information secure
We will only use your information as set out in this notice. If we need to use your personal information for any other purpose, we will take steps to tell you and we will update this notice.
The personal data we collect
We only collect personal information that we genuinely need. The type of personal information that we will collect directly from you when you interact with our services will include your;
-
Name
-
Work Telephone Number
-
Work Email Address
-
Job Title or Position
-
Location (site/office/ field you work at for emergency response purposes)
-
IP (Internet Protocol) Address
We will also collect additional information that will help us to deal with your query; for example, additional information about the product or service you are interested in and your company.
We also hold information on our customer’s behalf for the provision of our service. This may include data relating to employees, badge ID numbers, photographs, and emergency contacts. This will depend on what information our customers choose to collect within the system they are using. If you are an employee of an organization that uses our services, please refer to your internal privacy notice for further information.
We collect limited technical information about your visit to our site, this helps us to better understand how our customers move around, and interact with, this website.
Lawful basis for processing your personal data
We will only ever process your personal data if we have a lawful basis to do so. The lawful bases we rely on are;
-
Contract – This is where we process your information to fulfil a contractual arrangement, we have made with you.
-
Consent – This is where we have asked you to provide permission to process your data for a particular purpose. Please note, if we are relying on your Consent, you can withdraw your consent at any time by contacting us or using the opt out link in any emails that we send to you.
-
Legitimate Interests - This is where we rely on our interests as a reason for processing, generally this is to provide you with the best products and service in the most secure and appropriate way.
-
Legal Obligation – This is where we have a statutory or other legal obligation to process the information, such as for the investigation of crime.
How we use your personal data
We will use your personal information to;
Answer any questions that you have or to follow up with you on any enquiries
If you contact us through email, phone, through our website or via any our software or apps in case of an emergency we will use your information to answer your questions and to correspond with you.
Fulfil your request
If you submit a request to us through our website such as a product demo, for assistance in setting up a web app or help with an emergency we will process your information to manage your request. This information will also be transferred to a member of our team who will fulfil the request directly.
Manage our relationship with you
Once you are added as a client in our systems, we will use your information to
-
stay connected with you about the service,
-
notify you of any changes to our terms or this privacy notice.
Manage and improve our business and our interactions with you
We will use certain personal and technical information to;
-
Analyse and understand our consumer base
-
Understand the effectiveness of our advertising campaigns
-
Develop new products and services
-
Secure our network
-
Investigate and respond to service or security issues
-
To administer our website, software service and applications
-
To meet our legal and regulatory obligations
Manage and maintain information on the products or services you have purchased
We maintain a record of the services or products you/your company have purchased.
To promote our products and services
We will use your information to send you promotional material that we believe will be relevant to you. You can unsubscribe from these communications at any time using the unsubscribe link in our emails or by contacting us.
How long we retain your personal data
We retain a record of your personal information in order to provide you with a high quality and consistent service and to evidence the actions we have taken on your behalf.
We only keep your personal information for the length of time we need it to;
-
Deliver our services to you
-
Meet our business needs
-
Meet our legal obligations
Who we share your personal data with?
We do not sell your personal data.
In some circumstances we may need to share your personal data with third parties in order to;
-
Provide you with the service that you have asked for
-
Meet our legal obligations
-
Run and manage our business
We may share your personal information with;
-
Law Enforcement or other public authorities that require us to release information
-
To any organization where it is necessary for us to establish a legal claim or to defend ourselves against such a claim
-
Our Professional advisors including accountants, legal professionals, or insurers
-
Payment services providers who process payments on our behalf
-
Providers of ancillary business support services such as Information Technology, Contacts Centre, or Marketing service providers (on our behalf)
-
Our contractors that assist in responding to any emergencies
-
Any organization in the event of the sale, merger, reorganization, dissolution, or disposal of our business. We will inform you of any such transfer or disclosure as required by law.
In all cases we
-
Only provide the minimum personal information that each party needs to carry out their duties
-
Only disclose personal information to organizations who we have a contractual relationship with or have an overriding legal requirement to hold the information
Court Orders or Legal Requests for Personal Data/Customer Content
The Response Group makes the following commitments regarding how it will handle court orders, agency actions or other legal or regulatory requirements to disclose personal data or customer content.
Where customer notification is not legally prohibited, The Response Group will:
-
Notify the Customer: Notify customers of any demand for disclosure of personal data or customer content.
-
Refer Government Agency to the Customer: Inform the relevant government authority that The Response Group is a service provider acting on the customer's behalf and all requests for access to customer's personal data and content should be directed in writing to the contact person the customer has identified to us, or the customer's legal department.
-
Limit Access: Only provide access to customer's content with the customer's authorization.
In the event The Response Group is legally prohibited from notifying the customer, The Response Group will:
-
Evaluate Legal Validity: The Response Group will evaluate the demand for disclosure to determine whether it is legally valid and binding.
-
Challenge Unlawful Requests: The Response Group will challenge the order if it reasonably believes the order does not comply with the applicable law.
-
Limit Scope of Disclosure: The Response Group will limit the scope of any disclosure to only the information we are required to disclose and will disclose the information in accordance with applicable law.
How we protect your personal data
Data security is of significant importance to us and to protect your data we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure any information that we control.
At a high level we have put the below measures in place:
-
Limiting access to our buildings to those that we have determined are entitled to be there
-
Implementing access controls to our information technology
-
All our employees and agents who have access to or are involved in the processing of personal information are contractually obliged to protect the confidentiality of personal information
-
All transmitted data are encrypted during transmission via HTTPS (Hypertext Transfer Protocol Secure) with TLS (Transport Layer Security) 1.2 required as a minimum.
-
All data are encrypted at rest using a AES256 bit encryption.
-
TRG maintains the NIST 800-53 security compliance standard created by the U.S. Department of Commerce and the National Institute of Standards in Technology.
-
NIST 800-53 consists of 18 control families that allow TRG meet the challenge of selecting the appropriate security controls, policies and procedures to protect information security and privacy.
Our websites may include links to external websites operated by other organizations. They may collect personal information from visitors to their site. We cannot guarantee the content or privacy practices of any external websites and does not accept responsibility for those websites.
We have put in place procedures to deal with any suspected personal data or security breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Once we have received your information, we will use strict procedures and security features to prevent unauthorized access.
Where we store Your Personal Information
The personal data that we hold about you will be stored in the USA. For instances where we hold data on behalf of our clients based in the UK/EEA, we will use specific contracts (known as Standard Contractual Clauses) approved by the United Kingdom and/or the European Commission to ensure it has appropriate safeguards applied when transferred to us.
How we Use Cookies
When you first visit our site, you will be asked for your permission for us to use some types of cookies.
We have separated our cookies into four categories.
Strictly Necessary Cookies
These cookies will always be placed. Strictly Necessary cookies are necessary for our website to operate so cannot be switched off. The Cookies include those that ensure our site is secure, operates as you would expect and remembers your privacy preferences.
Marketing/Performance Cookies
With your permission we use Performance Cookies to measure and improve the performance of our site. These cookies are used to track advertising effectiveness to provide a more relevant service and deliver better ads to suit your interests. If you do not allow these cookies, you will see less targeted adverts from us. You may however see generic advertisements from or about us on social media or around the web.
Functional Cookies
With your permission we use functional cookies that enable this website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.
Analytics Cookies
With your permission we use analytics Cookies. These cookies help us to understand how visitors interact with our website, discover errors, and provide better overall analytics.
Cookies help us provide you with a better experience, by enabling us to monitor which pages customers find useful and those which they do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
Social media buttons
We use plugins on our website from social media networks such as Facebook, LinkedIn, and Twitter. You can recognize these plugins by their logos. Our plugins will not collect personal data about you unless you click on these logos. If you click on them, these plugins are activated and automatically transmit data to the plugin provider.
We do not have any influence over which data these providers collect from you. If you would like more information about their data processing, this can be found in the respective privacy policies on the websites of these providers.
California Users/Visitors
If you reside in California, we are required to provide additional information to you about how we use and disclose your information, and you may have additional rights about how we use your information. We have included this California-specific information below.
Consistent with the "The Personal Data We Collect” section above, we collect certain categories and specific pieces of information about individuals that are considered "Personal Information" in California. As detailed above, we may collect this Personal Information from you and other third parties. We collect, share, and disclose Personal Information for the business and commercial purposes described in the "How we use your personal data" and "Who we share your information with" sections above.
We do not "sell" your Personal Information, as this term is defined under California law. Given the divergent practices of organizations that offer browsers and the lack of a standard in the marketplace, we do not respond to Do Not Track signals at this time.
Subject to certain exceptions, as a California consumer, you have the right to: (i) access your Personal Information and (ii) obtain deletion of your Personal Information. To the extent permitted by applicable law, we may be required to retain some of your Personal Information, and certain Personal Information is strictly necessary for us to fulfil the purposes described in this notice.
Should you wish to request the exercise of your rights as detailed above regarding your Personal Information, we will not discriminate against you by offering you different pricing, products, or services, or by providing you with a different level or quality of products or services, based solely upon this request. Please contact us as described below to exercise such rights.
If you are a California consumer and you wish to exercise your rights as outlined in this section, you may need to provide information such as name and e-mail so that we can verify your identity. We will use the information you provide when exercising your rights for no other purpose other than to verify your identity.
You also have the option of designating an authorized agent to exercise your rights on your behalf. For authorized agents sending requests on behalf of California residents, please contact us as described below, with any evidence you have that you have been authorized by a California consumer to submit a request on their behalf.
Changes to this Notice
We may change this notice from time to time (for example, if the law changes). If the changes are material, we will take steps to inform you.
How to contact us
If you
-
have a question or a complaint about this notice, or
-
have a question or complaint about the way your personal information is processed
You can contact us via the Contact Us page on this website.
For EEA (European Economic Area) Residents: Please contact our EU (European Union) Representative at eurep@responsegroupinc.com. Alternatively, they can be reached by post (The DPO Centre, Alexandra House, 3 Ballsbridge Park, Dublin, D04C 7H2) or +353 1 631 9460.
For UK Residents: Please contact our UK Representative at ukrep@responsegroupinc.com. Alternatively, they can be reached by post (The DPO Centre Ltd, 50 Liverpool Street, London, EC2M 7PY) or +44 (0) 203 797 6340.
If you are based in either the UK or EEA, you may also contact us via the details above if you wish to exercise any rights available to you under the GDPR (General Data Protection Regulation). You may also contact your local supervisory authority with any concerns relating to our use of your information.