RCS Business Group
Revised December 31, 2019
The RCS Business Group (“RCS Group”, “RCS”, “we”, “us”, or “our”) is committed to maintaining your confidence and trust as it relates to the privacy of your information. This policy describes how we collect, protect, share and use your information, both offline and online, including (as part of our websites), software, online services and apps (collectively, “Platforms”), and your rights and choices in connection with your information. When we ask you to provide certain information by which you can be identified when using our services, you can be assured that it will only be used in accordance with this Policy.
WHO WE ARE
Within this policy, “RCS” refers to our broadcast software business (RCS originally being an acronym for “Radio Computing Services”).
“RCS Business Group” (also “RCS Group”) is an umbrella group of businesses and companies, owned by iHeartMedia Management Services Inc. In the United States, these are: RCS, Media Monitors, Florical, TestAllMedia (TAM), RateTheMusic (RTM), Mediabase and Hit Predictor. In Europe and the European Union, subsidiaries of iHeartMedia Management Services Inc., include: Radio Computing Services (UK) Ltd, Radiojar, RCS Europe sarl and associated branch offices, RCS Europe SARL, Niederlassung Deutschland, RCS Europe SA, France, Filial Sverige and RCS Europe sarl (SP. Z O.O.) Oddzial W Polsce.
This policy applies to all RCS Group companies and businesses in the European Union and to iHeartMedia in the event that our companies should process personal data of individual persons located in the European Union.
All other RCS Group offices – including those outside Europe – also operate under this Policy. A full list of those non-European offices, together with relevant contact details, can be found here.
2) GDPR LEGAL BASIS
RCS asserts that it is in our legitimate interest to collect and store personal data from our customers. As a technology company serving broadcasting companies worldwide, RCS leverages robust, best practice methods to optimize communication between ourselves and our customers and their employees. At present, the immediate and universally supported communication method is email. It is in the legitimate interests of RCS to use email, cellphones and landlines to apprise customers and prospects regarding the status of their software and hardware purchases; to provide timely updates regarding the progress of support issues; to send advisories regarding account security or planned service outages; and to determine customer preferences and priorities in the marketplace.
Many RCS products support real-time, mission-critical processes at customer sites – most often, radio and television studios – and timeliness of communication is essential. RCS store a minimum amount of personal data necessary to accomplish this. Because many other companies use these techniques and tools, our users expect to hear from RCS Group businesses by email, cellphones and landlines throughout the lifetime of their relationship with us.
3) PERSONAL INFORMATION WE COLLECT
RCS (and the vendors we hire to perform business functions on our behalf) collect, receive and develop several categories of personal information about you based on the nature of your interactions with us.
Identifiers: We may collect your name, email address, phone number, mobile phone number, address, RCS account usernames and passwords. We also collect with which RCS client businesses you are affiliated and your title at each.
Purchase and Preference Information: We may collect records of your product activations, purchases, and notification subscriptions.
Payment Information: We collect your credit card or debit card details, including a billing address, when you make a purchase.
Browser, Usage, and Device Information: We, or our analytics providers, may use tracking tools like cookies to automatically collect information about your interactions with our Platforms, including your IP address, computer name, operating system and other hardware metrics of your device or computer.
INFORMATION COLLECTED BY ACTIVITY
Note that some information we collect from you varies based on the nature of your activity:
a. When you visit our websites or request information online
When you visit our websites, including RCSworks.com, RCSCommunity.com and RCSSupport.com, RCS may collect the IP address of your computer, the date and time of your visit, the names of any files you download, and the full text of support issues you submit and forum posts you create or to which you contribute.
If you request information by completing the Contact Us form, RCS may also store your employer name.
RCS web sites use Google Analytics for aggregated, anonymized website traffic analysis. In order to track your session, Google sets a cookie named _ga with a randomly-generated Client ID in your browser. This ID is anonymized and contains no identifiable information. RCS also sends Google your IP address. RCS uses Google Analytics to track aggregated website behavior, such as what pages you looked at and for how long. This information is important for us to maintain and improve our web site performance. Google Analytics cookies expire after two years. You can delete your _ga cookie as often as you wish. You may also request that RCS erase all your Google Analytics data if you visit our Privacy Request center here from the browser(s) from which you want to request erasure.
b. When you use RCS Internet Licensing
When you use RCS Internet Licensing, RCS may collect your username; the IP address of your computer, which may reveal your approximate location; the licensee and identity of the database or system being licensed; the name of the computer being licensed; the name of the computer contacting us; the operating system details of the computer being licensed; the existing expiration dates of any licenses already present. This information does not necessarily identify you personally unless the names of the database, computer or the username contain your name.
c. When you use RCS Data Exchange
When you use RCS Data Exchange to send a database, RCS may collect your username; the IP address of your computer, which may reveal your approximate location; the contents of the textual message you provide in the transmission; the identity and licensee of the database being sent. When receiving data, the IP address of the recipient is also collected which may reveal their approximate location.
End to end encryption of the database contents can be enabled by specifying a Private Password during transmission. Only the database contents are encrypted in transit, and not the accompanying information being transmitted.
RCS will maintain your messages and recipients’ information for up to one year. It is not shared with third parties other than our service providers. RCS may gather statistics about the frequency at which people use RCS Data Exchange or other statistics about the health and resources of the web servers used to run the service.
If your Data Exchange transmission is related to an ongoing support issue you report to RCS, we may keep your data for up to six months from the date your issue is marked as being resolved.
d. When you purchase RCS Academy courses
When you register for or purchase courses on RCS Academy, RCS and designated third parties may collect your name; email address; home address; employer; phone number; and credit card payment information. This information is retained for two years.
4) SOURCES OF PERSONAL INFORMATION
RCS (and the vendors we hire to perform business functions on our behalf) may collect or receive personal information from various sources:
Directly from you: We, along with our service providers, collect personal information from you when you use the Platforms, for example to create an account, update your information, subscribe to features or notifications, use certain features, create a profile, or indicate your preferences or settings.
When RCS customers engage with user forums at RCSCommunity.com or engage with support agents via email at RCSSupport.com, RCS will store the full text of any conversations or support tickets to which you contribute. This text may at times contain additional personal information that you provide.
When RCS users send data to other users via RCS Data Exchange, the information you provide in the accompanying message, if any, will be stored and kept by RCS as part of the transmission;
Automatically from your devices or computers: The computers or devices you use to connect to RCS Services and Platforms may send us information about which features and functions you use most frequently. This data will be anonymous and will not contain your personal information or any information about your product databases or settings. Collection of usage data can be disabled on demand inside the product. When you update your software license, the products may send us the names of your channels or stations and the name of your computer.
Vendors and service providers: We may receive information about you from our vendors and business directory providers that we hire to help us run our business, including those that host, protect or operate our Platforms; analyze data; collect debts for us; provide customer service; send emails for us; process payments; conduct surveys; fulfill orders; provide electronic coursework or training materials; or provide marketing or advertising services.
Combined information: Information obtained from various sources may be combined to identify patterns in various customer groups.
5) HOW WE USE THE INFORMATION WE GATHER
We may use personal information for the following purposes:
- To respond to your questions and requests;
- To provide customer service;
- To control your access to certain areas and features of the Platforms, such as product-specific support information, documentation and materials;
- To communicate with you about your account and activities on the Platforms, such as changes to any RCS policy;
- To notify you about updates to your open support issues including progress in resolving issues or changing the status of your issues;
- To administer the Platforms; diagnose problems with our services; and facilitate site navigation;
- For market research;
- To notify you about available software updates; service bulletins; planned network or service outages; or known software or service issues;
- To improve the Platforms, their features and usability;
- To track effectiveness of advertising (such as measuring how many people view or click an ad) and for advertising attribution, analytics and reporting;
- To personalize your RCS customer experience, including knowing your preferences for feature operation or notification messages;
- To send you marketing and promotional messages;
- To notify you of any security breaches involving your information;
- To protect against fraud, online threats, protecting the rights of our clients and subscribers; detecting illegal activity; and responding to legal or regulatory compliance obligations;
- To verify your identity; authenticate you and provide activation or communication services to you; and provide file downloads;
- To identify electronic classroom and training materials you have purchased and are entitled to access; and to send your certificate to you upon successful course completion;
- For other lawful purposes disclosed at the time we collect your information or otherwise with your consent.
6) SHARING YOUR INFORMATION
RCS may share personal information as described below:
6.1 Vendors and Service Providers: RCS may share some personal information with our service providers in order to facilitate, process or streamline our communications with you, deliver our products and services to you, and obtain information about your preferences or your satisfaction with our services and products.
6.2 A representative list of service providers to which RCS may disclose personal information is provided below (but note that our service providers may change from time to time, and there may be a delay before this list is updated to reflect such changes):
- Squarespace D/B/A Acuity
- Microsoft Office365
- Google (Analytics)
6.3 RCS does not sell personal information to third parties based on our understanding of the definition of “sell” under California law.
6.4 Business transfers: As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or all or substantially all of our assets, or assets related to the Platforms, your information may be disclosed to such entity as part of the due diligence process and may be transferred to such entity as one of the transferred assets. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours and as such may be sold or transferred to third parties.
Other disclosures: We may share personal information for other reasons we may describe to you from time to time as permitted by law.
Non-personal information: We may share information that has been de-identified or aggregated such that it does not identify or relate to you, with other parties for any lawful purpose. This may include aggregated user statistics about the Platforms or aggregated demographic information about our users.
7) SECURITY OF YOUR INFORMATION
We are committed to ensuring that your information is secure by using reasonable technical, administrative and physical security measures designed to protect your information. However, no electronic data transmission or storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure or warrant the security of any information you transmit to us, and you use the Platforms and provide us with your information at your own risk.
RCS routinely performs penetration testing on network nodes to ensure the security technology and protocols are adequately protecting the network and stored information.
If a breach of security is discovered and the breach is likely to pose risk to the persons whose data is impacted, RCS will report the breach. The RCS IT department is instructed to identify and report any issues of data breach to the designated company officer, who will notify any relevant governing bodies within 72 hours. All impacted users will also be notified of any breach.
8) CONTROLLING YOUR PERSONAL INFORMATION
You may choose to restrict the collection or use of your personal information from your profile page when you login to RCSsupport.com.
Marketing Communications: If you do not want to receive promotional communications from us, including advertisements, surveys or other marketing announcements, you can unsubscribe by:
- Following the link inside the communications you receive to manage your contact preferences
- Contacting our Privacy Center at email@example.com
- Calling our Privacy Center at 1-877-774-1013
- Contacting us by mail at RCS, 445 Hamilton Avenue, White Plains NY 10601.
Please note that if you opt out of marketing oriented communications, we may still send you non-marketing communications such as those regarding your account or ongoing business relationships.
Do Not Track: Some browsers allow for the setting of a Do Not Track marker that conveys a request that the web site visited should not store information about the visitor during the course of their interaction with the web site. Because this is a non-uniform technology without support from most browsers, RCS does not observe the Do Not Track requests sent by browsers.
If you are an EU resident, you may request details of personal information that we may hold about you. If applicable, we will promptly correct any information found to be incorrect. Contact your local RCS office for assistance, or contact our Privacy Center at 1-877-774-1013 or firstname.lastname@example.org.
If you are a California resident, you have certain options and rights under the California Consumer Privacy Act (CCPA). See item 10 below for more information.
9) ACCOUNT DELETION
In accordance with routine data maintenance or housekeeping, RCS may delete certain records that contain personal information about you. We are under no obligation to store such personal information indefinitely and disclaim any liability arising out of, or related to, the destruction of such personal information.
RCS users may remove personal information from their accounts by invoking the “Request Account Deletion” button on the Profile page, which appears after you log in at the RCSSupport.com website. Upon activating the mechanism, your name, email address and phone number will be removed from RCS client database.
REMOVAL PROCEDURE FOR CALIFORNIA RESIDENTS
If you wish to request deletion under provisions of the CCPA for residents of California, you may request deletion of your data from the RCS Privacy Request center here or by calling the center at 1-877-774-1013.
10) PERSONAL INFORMATION AND YOUR RIGHTS
10.1 YOUR EUROPEAN UNION (EU) RIGHTS
The General Data Protection Regulation (GDPR) affords specific rights to users inside the European Union (EU). You have the right as an individual to manage the personal data we hold about you and make amendments to it if this is necessary and to withdraw any consent in relation to the use of your personal data that you may have given us. If you exercise any of your rights, RCS may ask for information from you to confirm your identity and, where applicable, to help RCS find your personal data. We will respond within 30 days after we receive a valid request backed up by suitable evidence of your identity.
The specific rights you have under the GDPR are:
- to know what data RCS collects from you, how it is used, and who it is shared with (right to be informed);
- to see what data is held about you (right of access);
- to request a summary of the personal data we have about you (right to data portability);
- to correct and update your personal data if incorrect (right to rectification);
- to object to processing data in a purpose that is different from that under which the data was collected (right to object);
- to request suspension of processing temporarily (right to restrict processing);
- to withdraw your consent (where we have requested and you have given it to enable RCS to send you any general information that is not strictly necessary under any contract nor is within our legitimate interests to send to you);
- to object to certain kinds of processing of your personal data such as automated processing and profiling;
- to erase your personal data (right to erasure);
- to complain to the RCS-nominated supervisory authority in the European Union which is the Datainspektionen in Sweden. The Datainspektionen may be contacted at PostaddressBox 8114, 104 20 Stockholm, Sweden (https://www.datainspektionen.se/in-english/contact-us/)
You have right under GDPR to ask RCS not to process your personal information for marketing purposes. To exercise these rights, you should indicate your notification preferences on your user profile when you log in to our web sites and services, or follow the instructions inside the materials you receive that describe how to manage your notification preferences.
10.2 YOUR CALIFORNIA RIGHTS
Residents of California have rights under the provisions of the CCPA (California Consumer Privacy Act):
Access: You have the right to request that we disclose to you the following: (i) the categories of personal information that we have collected about you; (ii) the categories of sources from which we have collected personal information about you; (iii) the business or commercial purpose for collecting or selling your personal information; (iv) the categories of personal information that we have sold about you and the categories of outside parties to whom the personal information was sold; (v) the categories of personal information that we have disclosed about you for our business purposes and the categories of suppliers to whom the personal information was disclosed; and (vi) the specific pieces of personal information that we have collected about you.
Deletion: You can request that we delete the personal information that we maintain about you, subject to certain exceptions.
You will not receive discriminatory treatment by RCS for exercising privacy rights under the CCPA.
We may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations. For example, we may retain personal information as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests.
If you exercise any of your rights, RCS may ask you for information to verify your identity and, where applicable, to help RCS find your personal data. The verification steps will vary depending on the sensitivity of the personal information and whether you have an account with us. You may designate an authorized agent to make a request on your behalf. When submitting the request, please ensure the authorized agent identifies himself/herself/itself as an authorized agent.
c. ADDITIONAL CCPA DISCLOSURES
Under the provisions afforded by CCPA, RCS makes the following disclosures about the categories of Personal Information it collects, sells or uses for a business purpose, and indicates the sources and uses of data collected:
Categories of Personal Information Collected in preceding 12 months:
Information categories listed in Cal. Civ. Code § 1798.80(e)
Protected classification characteristics under California or federal law
Internet or other similar network activity
Categories of Sources From Whom Personal Information is Collected:
Customers, analytics providers, business partners, third party industry directories
Categories of Personal Information Sold in preceding 12 months:
RCS does not sell Personal Information according to our understanding of the CCPA definition of “sell.”
Categories of Personal Information shared with other parties in preceding 12 months, such as service providers, vendors, and business partners:
Information categories listed in Cal. Civ. Code § 1798.80(e)
Internet or other similar network activity
Professional or employment-related information
Purpose for Collecting Personal Information
Providing customer support including account management
Sending marketing or support messages
Web site operation
Fulfilling orders and processing online payments
Communicating with you
Complying with our legal obligations or protecting our legal rights
Protecting against and preventing illegal or inappropriate activity
Verifying your identity in relation to CCPA requests
The Platform is not directed to children under 13. We do not knowingly collect, use or disclose personal information from anyone under 13 years of age. If we determine upon collection that a user is under this age, we will not use or maintain his/her personal information without the parent/guardian’s consent. If we become aware that we have unknowingly collected personal information from a child under the age of 13, we will make reasonable efforts to delete such information from our records.
12) CHANGES TO THIS POLICY
We reserve the right to update this Policy to reflect changes to our information practices by prominently posting notice of the update on our Sites, and, if required by law, obtaining your consent. Any updates will become effective immediately after posting the updates to this Policy and apply to all information collected about you, or where required. You agree that you will review this Policy periodically.
If we make any changes to this Policy, we will change the “Last Updated” date above.
The provisions of the CCPA require that this policy shall be updated at least once yearly.
If we make any major changes to this Policy – including, but not limited to, changes that materially impact previously collected information about you – we will contact you by email to notify you of the same, and where applicable, obtain your consent. If you do not agree or consent to these updates or changes, do not continue to use the Platform.
13) CONTACT US
If you have any questions about this Policy, or concerning information we may have collected about you and the manner in which it is used, please contact us by email at email@example.com, or call our Privacy Request center at 1-877-774-1013.
You can also contact your local RCS sales or support office.
For RCS companies in Europe and the European Union, you may also contact:
Data Privacy Manager
216 19 Malmö