LRS is a trans-national business headquartered in the United States. Our management structure and business processes cross borders. Some of our technological systems and databases are shared between our U.S., European and other offices as listed on our web site. This means that our business and employee data is transferred across borders.
LRS complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. LRS has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view LRS’ certification, please visit http://www.export.gov/safeharbor/ .
Notice and Disclosure
Excluding your Employee Information which is discussed below, we process and use your personal information only as a part of our business relationship with you and your company, including contract and billing administration; fulfilling our business obligations to you and your company; communicating with you about marketing and technical information concerning our software, products and services; and other related business activities of which you are informed of at the time your personal information is collected or as soon thereafter as practical. We may need to disclose personal information to our agents, distributors, and business partners or to protect and defend the rights or property of LRS. LRS does not sell, lease or rent personal information to third parties.
We will always give you an opportunity to choose (opt-out) whether your personal information is:
- Disclosed to a third party (other than an LRS agent doing work at our direction)
- To be used for purpose other than that for which it was collected or subsequently authorized by you
Although we do not ever anticipate providing sensitive personal information, such as employee health information, to a non-agent third party or using it for a purpose other than that for which it was collected, we will never do so without first allowing the individual involved to affirmatively and explicitly (opt-in) consent to such transfer or use. The only exception to this choice for both sensitive and non-sensitive personal information would be where we are required to disclose your personal information pursuant to governmental or judicial order, law or regulation.
Transfer to Agent
We will not transfer personal information originating in the EU to our agent unless such agent is subject to the EU Data Protection Directive, is a member of the U.S. EU Safe Harbor, or the agent has entered into an agreement with us requiring the agent to protect your personal information in accordance with this policy. Additionally, when one of our European offices transfers personal information to an agent located within the European Union, we will have an agreement with that agent that conforms to the EU Data Protection Directive. Transfer of personal information originating in countries outside the EU will be conducted according to the laws of the countries from which the information is being transferred.
At a minimum, you will always be able to opt-out from receiving marketing materials from LRS. If we determine that applicable national law requires that more stringent requirements (opt-in) be applied before you receive marketing material from us, we will implement the same.
We will only collect and retain personal information which is relevant to the purposes for which the information is collected, and we will not use it in a way that is incompatible with such purposes unless such use has been subsequently authorized by you. We will take reasonable steps to insure that personal information is reliable for its intended use, accurate, complete, and current.
Data Security Access and Correction
To protect all of our personal information, we have in place reasonable technical and operational security measures to prevent personal information from accidental loss, misuse, alteration, or destruction. If you wish to review or amend your personal information, or correct or delete your personal information if it is inaccurate, please notify us at LRSHRHelp@LRS.com or call us at 217-793-3800, ext. 3333 (U.S.) or at 44-1242-537-500 (U.K.); in the U.K. ask for Data Protection Compliance Officer.
In general, you may visit our Website without providing any personal information. However, you may choose to provide us with personal information by completing on-line forms. At the point of collection we will inform you of how your personal information will be used; apart from these uses, LRS will only use your personal information in accordance with the terms of this policy.
LRS sometimes uses "session cookies" on our web site. Session cookies are text strings that a browser and web server exchange. At LRS, session cookies are stored in memory only until the browser session is closed. We use this information from visits to our web site to help us maintain user status between web pages and to enhance the effectiveness of our web site and customer service.
LRS also collects and analyzes the number of visits to our Web site and the various Web pages. However, this information is not personal and we only analyze it to attempt to discern usage trends and the effectiveness of our Web site.
We collect employee information from prospective and present employees only for legitimate business purposes, including the administration of health insurance benefits. Our European Union employees at the time of their employment are notified in detail how their personal information will be used. Employee information on health, race, ethnic origin, performance evaluations, and disciplinary actions and other sensitive employee matters, whether it is stored manually or electronically, is accessible by other LRS employees only if necessary with respect to legitimate human resource functions or issues; however, an employee's picture and any information the employee chooses to provide may be placed on the LRS intranet. Likewise, from time to time, an employee's picture along with personal information may be published in the LRS NewsLine. LRS will obtain affirmative consent for such publication from all new employees before publishing the employee’s personal information. New employees may decline to provide this consent, and all employees may withdraw their consent to such publications at any time.
LRS may require certain U.S. employees and applicants to maintain a résumé, including name, title, education, experience, and areas of expertise. These résumés may be provided to clients or prospective clients of LRS in support of the company’s efforts to secure new and/or continuing business.
Employees may review their personnel files and any personal information concerning them upon request. For legitimate human resources purposes, employees may choose to voluntarily disclose personal information about family members. If our employees choose to do this, their family member's personal information shall be treated, for the purposes of this policy, the same as an employee's personal information. Unless otherwise noted or excluded by context, "employee information" is included within the definition of "personal information" for the purposes of this policy. Employee information is never sold, leased or rented to any third party. Employee information will never be disclosed to third parties except as follows:
- To those retained by LRS for processing only for the purposes set forth above
- Where required pursuant to an applicable law, governmental or judicial order, law or regulation, or to protect the rights or property of LRS
- Where authorized in writing by the employee
- Where the employee voluntarily provides personal information and the context makes it clear that employee information will be provided to a third party (ex. LRS Travel Request System profile)
- U.S. employee résumés may be provided to clients or prospective clients as set forth above
- In rare cases, U.S. employee information will be provided to LRS Consulting Services clients to use as a personal identifier for legitimate business purposes only and only if LRS has a contractual relationship with the client that requires the client to protect the information as confidential.
Dispute Resolution and Enforcement
Since we are committed to protecting your privacy as set forth in this policy, if you think we are not in compliance with our policy, or if you have any question or if you wish to take any other action concerning this policy or your personal information, we encourage you to contact us at LRSlegal@LRS.com or call us at 217-793-3800, ext. 1709 (U.S.) or at 44-1242-537-500 (U.K.); in the U.K. ask for the Data Protection Compliance Officer. We will investigate your complaint, take appropriate action and report back to you. If the personal information in question was transferred from the EU to the United States, and you are not satisfied with our response, we have agreed to participate in the dispute resolution procedures of the EU Data Protection Authorities. LRS will conduct compliance audits to verify adherence to this policy and the U.S.-EU Safe Harbor principles. Any LRS employee who violates this policy will be subject to disciplinary action up to and including termination of employment.
Right to Change Policy
In general, changes will be made to this policy to address new or modified laws, changes to the Safe Harbor, or new or modified business procedures. However, we reserve the right to amend, modify or otherwise change this policy at any time.
U.S.-EU Safe Harbor Framework Compliance
We self-certify compliance with
This policy was last updated on February 17, 2015 and notice will be posted on our home page and at the beginning of this policy for 30 days whenever this policy is changed in a material way.