Last Updated: October 25, 2019
This Privacy Notice explains the information practices and policies of Continuum Managed Services Holdco, LLC (“Continuum”) and its U.S. entities & subsidiaries listed in schedule 1. It describes how we collect, use, and disclose information of: (a) individuals (i.e. employees or other staff users) of business partners or clients such as our MSPs (collectively "clients") that use our managed information technology services; (b) individuals (i.e. employees or other staff users) of any prospective business partners or clients; and/or (c) any visitors to any websites owned by Continuum (“Continuum Websites”).
For the purposes of this Privacy Notice, the terms “we”, “us” and “our” refer to Continuum and “you” refers to you, anyone whose information we process for the purposes above.
This Privacy Notice does not reflect the privacy policies or practices of our clients or any other third party. Continuum is not responsible for the privacy policies or practices of any client, end-clients of clients or other third party.
Continuum and its U.S. entities & subsidiaries listed in schedule 1 has adopted this Privacy Shield Policy as part of its overall Privacy Notice to establish and maintain an adequate level of privacy protection to certain Personal Information that Continuum obtains regarding individuals located in the European Union.
Continuum has certified its compliance with the Privacy Shield. To learn more about the Privacy Shield program, and to view Continuum's certification listing, please click here.
We provide managed information technology (“IT”) services and solutions to our clients, including remote monitoring and management, network operations technical support, white label technology help desk services, and backup and disaster recovery management, among others (collectively, the “Services”).
In using our Services, our clients may backup and/or store or otherwise process business or other information or allow us to have access to such information, including Personal Information (defined below) on our Services ("Client Information"). In providing our Services, we process Client Information on behalf of and under the direction and instruction of our applicable client. It is the responsibility of Continuum's client (or its end client if any) to ensure that the Client Information that it collects backups, stores or otherwise processes or allows us to access through the client's use of Continuum’s Services has been legally collected and is processed in accordance with applicable data protection laws.
We primarily collect, access, use, and share Personal Information where necessary for us to market and provide Services to our clients and in the ordinary course of running our business, including through the receipt of communications such as emails, website enquiries and telephone calls.
We do not require sensitive personal information (e.g., social security numbers, passport number, driver’s license, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, sex life/orientation, biometrics or genetic characteristics, criminal background or trade union membership).
When we say, “Personal Information,” we mean individually identifiable information that alone or when in combination with other information may be used to readily identify, contact, or locate a specific person, such as a name, address, phone number, username, email address, and password, it might also include information such as your IP addresses and/or other online identifiers and information related to your device (see "Cookies or Similar Technologies" section below and https://www.continuum.net/privacy-center/cookie-usage)
Information Collected through Our Services and Continuum Websites
We may collect information, including Personal Information, in the following ways:
Information That You Provide To Us Voluntarily
General Contact Information. We will collect any Personal Information that you voluntarily provide to us when you visit a Continuum Website, subscribe for or enquire about any of our Services. For example, if you submit a sales enquiry or subscribe for a newsletter via a Continuum Website web form or request additional information or contact from Continuum via email, you will provide us with certain Personal Information, which may include names, company name, address, and email address.
In addition, if you choose to communicate with us via a web form, email, or by telephone, we will keep a copy of our communication together with your email address or phone number and our responses.
Information That We Collect Automatically
Device-related Information. When you visit any Continuum Website or use our Services, we may also collect device related information from the user’s device, including information such as an IP address, device type, unique device identification numbers, browser-type, broad geographic location (e.g. country or city-level location), the date and time of use of our Services, the date and time of an event on the client’s IT systems, system logs, and technical attributes about the device or a web browser. In some countries, including countries in the European Economic Area, this information may be considered "personal data" under applicable data protection laws. This information enables us to better understand use of our Continuum Websites and Services. Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading “Cookies or Similar Technologies” below.
Cookies or Similar Technologies
If you have arrived at any Continuum Website by clicking on a banner ad for one of Continuum's products or services, a session cookie may be used. This cookie contains an identification number for the advertisement that you clicked on, and it helps Continuum determine which of its ads attracts the most visitors. If you choose to request further information from us about Continuum's products and services, the personal information that you provide in that request will be linked to the information in the session cookie.
In order to better understand how our sites are used, Continuum Websites may also use persistent cookies along with other information collected in our servers' files (e.g., IP Address, referring URLs, etc.). For more information about the nature of cookies and similar technologies that Continuum Websites use, and for information about how to reject cookies from Continuum websites please refer to our Cookie Management Page at https://www.continuum.net/privacy-center/cookie-usage. Each browser is different, so you should check your browser’s “Help” menu to learn how to change your cookie preferences. If you reject or block cookies, Continuum Websites may not function as intended.
Information That We Obtain From Third Party Sources
Commercially Available Information.. Continuum may also collect information from commercially available sources but only where we are legally permitted to collect the information. Such information may include names, addresses, email addresses, and demographic data. The information Continuum collects from these commercial sources may be combined and cross-referenced with information collected through the Services. We use this information for communications purposes to provide direct marketing materials for our business customers or prospects.
From time to time, we may also ask our partners or clients to voluntarily provide us with the email addresses of contacts of other organisations, so they too can benefit from the various products and services offered by Continuum and Continuum's trusted affiliates. Where we do, we will ask that they have the permission to pass on these details to us.
How We Use Information Collected through Our Services and Continuum Websites
To Serve Our Clients. We use the information we collect, including Personal Information, to provide our Services to the clients on whose behalf we are acting. For example, in order to provide technical support, we may contact a user (such as employees or staff members) of Continuum's clients using any contact information provided to us.
To Serve You. We use the information we collect, including Personal Information, to respond to any request or query directed to us (for example through web forms or email), to provide you/your organisation with our products and Services and to manage our relationship with you. For example, we may respond to a job application, address any enquiries or complaints you may have, endeavour to improve the Services we provide, or provide you with information about other products and services we offer that we think you may be interested in.
For Direct Marketing. If we have the right to do so, we will use your Personal Information for the purposes of direct marketing communications to your organisation, such as by adding your contact and other details to a marketing database. Where we do, we will provide you with an opportunity to opt out in accordance with section III.
For Internal and Service-Related Purposes.We may use any information we collect through the Services and/or any Continuum Websites for internal and service-related purposes, including providing it to third parties as necessary to allow us to facilitate provision of the Services, maintain or improve Continuum Website security, and/or invoicing for example.
Anonymized and Aggregate Data. From time to time, we will anonymize and aggregate data collected through our Services for analytics purposes, product improvement purposes and other commercial purposes.
How We May Disclose Information Collected through Our Services and Continuum Websites
We may share any information we collect, including Personal Information with the following categories of recipients and/or in the following circumstances:
With Our Group Companies including those listed in schedule 1, Third-Party Vendors and Service Providers. As appropriate, we may share any information, including Personal Information, with any of our group companies including those listed in schedule 1, vendors and/or service providers in connection with the provision or marketing of the Services, Continuum Websites. These third parties have access to Personal Information to the extent necessary to permit them to do their jobs, however, they are bound by confidentiality agreements before any information is provided to them, and they are restricted from using the information for other purposes. For Personal Information transferred to us from European Union member countries under the EU-US Privacy Shield, we will remain liable under the Privacy Shield Principles if our agents or service providers process such Personal Information in a manner inconsistent with the Privacy Shield Principles, unless we will prove that we are not responsible. A list of our current service providers and partners is available to current Continuum customers and can be found here.. A list of providers and partners that we use with our website visitors is available on Continuum’s Privacy Center.
As Required by Law and Similar Disclosures. We may access, preserve, and disclose information, including Personal Information, if we believe it is necessary: to comply with national security or law enforcement requests and legal process, such as a court order or subpoena; to respond to your requests; to prevent or address fraud, security, or technical issues; or to protect our property or other legal rights or the rights or property of others, or to protect the vital interests of others.
Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, information collected through the Services or Continuum Websites (or both) may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
Other than as stated in this Privacy Notice, we will not release Personal Information to unaffiliated third parties, and we will not cross-reference Personal Information collected through one client’s use of our Services with that of any other client or entity.
We use personal information only for the purpose mentioned in this policy. We do not sell personal information to anyone.
Personal Information of clients' clients
Please note that if you are an end-user of one of our clients' clients whose Personal Information we may backup or otherwise process in providing Services to our clients, you must submit any requests for access to, correction, amendment, or deletion of your Personal Information, to our applicable client’s client.
Access & Correction
If you wish to request access to, correction, or deletion of Personal Information you have submitted through the Continuum Websites, you can log into your account or contact Continuum at firstname.lastname@example.org. If you are a resident in the European Union, you may have additional rights which we have set out below.
Data Integrity and Purpose Limitation
Continuum will use Personal Information only for the purpose of or in ways compatible with the purposes for which it was collected.
We keep information we need to provide our Services only so long as we have a valid business purpose, in accordance with applicable law and our client agreements. For example, to provide you with Services you have requested or to comply with applicable legal, tax or accounting requirements.
When we have no ongoing legitimate business need to process your Personal Information, we will delete it. If immediate deletion is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible or unless as otherwise required by law.
We include an “unsubscribe” hyperlink in Continuum marketing emails for those users who wish to stop receiving email communication from Continuum. The hyperlink will connect to one of our websites, which will confirm the email address that has been automatically unsubscribed and will no longer receive emails from Continuum.
We take steps to ensure that information is treated securely and in accordance with this Privacy Notice which include appropriate technical and organisational measures. These measures are designed to provide a level of security appropriate to the risk of processing of your Personal Information. However, neither the Internet nor any form of electronic storage can be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information provided to us.
Continuum is headquartered in the United States of America, but we are a growing corporation with operations in multiple countries. In using Continuum Websites, Services and/or otherwise contacting us you acknowledge that your information may be accessed and processed around the world, to us in the United States or to our affiliates, partners, merchants, or service providers elsewhere in the world, including the United Stated, European Union, Australia, the Philippines and India. However, we have taken appropriate safeguards to require that your Personal Information remains protected in accordance with the terms of this Privacy Notice and applicable data protection laws. In particular we comply with the terms of our EU-US Privacy Shield certification and ensure that we flow obligations under the Privacy Shield Principles through to any of our third-party partners, merchants or service providers to the extent required by the Principles.
Continuum and its U.S. entities & subsidiaries listed in schedule 1 have certified with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the processing of certain Personal Information from the European Union member countries. We have certified that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this Privacy Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
If you have any inquiries or complaints about our handling of your Personal Information under the Privacy Shield, you should first contact us at email@example.com and we will respond to your inquiry promptly. If we are unable to satisfactorily resolve your complaint, or we fail to acknowledge your complaint in a timely fashion, we have further committed to cooperate and comply with the panel of European data protection authorities (DPAs) in the resolution of any Privacy Shield complaints. If you reside in the European Union, you may also have the opportunity under certain conditions to invoke binding arbitration for complaints regarding the Privacy Shield not resolved by the above mechanisms. For more information, please see the "Complaints and How To Contact Us" section below.
Continuum is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and of other relevant US statutory bodies authorized to verify and ensure compliance with the Privacy Shield Principles.
Legal Basis for processing your Personal Information
Our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.
However, we will normally collect Personal Information from you only where we need the Personal Information to perform our contract for our Services with our clients, where the processing is in our legitimate interests (provided these interests are not overridden by your data protection interests or fundamental rights and freedoms), or otherwise if we have your consent to do so. In some cases, we may also have a legal obligation to collect Personal Information from you such as to comply with background check requirements, tax details, or other benefit information for Continuum employees.
If we ask you to provide Personal Information to comply with a legal requirement or to contact you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not (as well as of the possible consequences if you do not provide your Personal Information). Similarly, if we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are and before doing so will ensure that we have considered your rights and interests.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us at firstname.lastname@example.org.
We comply with the Australian Privacy Principles as set out in the Privacy Act 1988 (Cth) (“Privacy Act”) regarding the collection, storage, use and disclosure of Personal Information from Australian users.
In addition to the uses set out in the section titled “How We Use Information Collected through Our Services and Continuum Websites”, we may also use your information, including Personal Information, for a secondary purpose that is related to a purpose for which we collected it, where you would reasonably expect us to use your Personal Information for that secondary purpose.
Under the Privacy Act, we have an obligation (the “Obligation”) to take reasonable steps, in the circumstances, before disclosing Personal Information to an overseas recipient to ensure that the overseas recipient does not breach privacy laws in relation to that information. However, should we obtain your consent to disclose your Personal Information to an overseas recipient, the Obligation does not apply. In obtaining your consent, we will not be accountable and you will not be able to seek redress against us under the Privacy Act if the overseas recipient handles your Personal Information in breach of the Australian Privacy Principles (“APPs”) under the Privacy Act. In providing your consent under this Privacy Notice, you acknowledge and agree to the risks associated with the disclosure of your Personal Information overseas. These risks may include the overseas recipient not being subject to any privacy obligations or privacy principles similar to the APPs and the overseas recipient being subject to foreign law that could compel the disclosure of your Personal Information to a third party, such as an overseas authority.
If you are a user in Australia and wish to access, correct or update your information in accordance with section III, Continuum may refuse certain requests but only in circumstances where this is permitted under the Privacy Act.
We acknowledge individuals' rights in relation to their personal data under application data protection laws. As a partner, you may be able to access and update your account information by logging into your account at https://control.itsupport247.net/.
In addition, if EU data protection laws apply to your Personal Information, you may have the following data protection rights which you may exercise at any time by using the contact details provided under the "Complaints and How to Contact Us" section below:
We will respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Please note, if you are an individual whose personal information Continuum processes as a "data processor", for example to provide services on behalf of its clients, you must contact the relevant data controller of your Personal Information in order to exercise your rights. This might be one of our clients or one of our clients' customers.
Continuum will not discriminate against any consumers as long as it is not limiting us to provide service within the mentioned purpose.
We do not knowingly collect, store, or use information from children, including those under the age of 13. If you are under the age of 13, you may not submit any information through the Continuum Websites or Services. If you have reason to believe that a child under the age of 13 has provided information to us through the Continuum Websites or Services, please contact us and we will endeavour to delete that information from our databases.
The Continuum Websites currently do not respond to “Do Not Track” (DNT) signals and operate as described in this Privacy Notice whether or not a DNT signal is received.
We may update this Privacy Notice to reflect changes to our information practices from time to time. If we decide to change this Privacy Notice, we will post the changes on this page so visitors to the Continuum Website and our clients and the users of their IT systems are aware of our practices, and we will change the “Last Updated” date above. If we make a material change to our information practices, such as to how we use Personal Information, we will make reasonable efforts to provide notice on our website and/or through our clients and obtain consent to any such uses as may be required by law.
If you have any questions, comments, or concerns about this Privacy Notice or our information practices, please email us at email@example.com.
If you don’t receive adequate resolution of a privacy-related problem, you may write to our Chief Information Security Officer at:
Chief Information Security Officer
Continuum Managed Services Holdco, LLC
99 High St
Boston, MA USA,02110
For EU Individuals: If a complaint cannot be resolved by any of the mechanisms described above, you also have a right, under certain conditions, to invoke binding arbitration under the Privacy Shield Panel in compliance with the EU-US Privacy Shield. If you want to initiate this arbitration procedure, you are required to first formally notify us of your intention to do so by writing to firstname.lastname@example.org. Please remember to include a summary of the steps you have already taken to resolve your complaint and a description of the alleged violation. See also XI above on your right to complain to EU data protection authorities.
Specifically, if you are a European Union individual and a complaint cannot be resolved through Continuum’s internal process, we have further committed to refer such complaints, under the EU-US Privacy Shield Principles to utilize JAMS as an alternative dispute resolution provider. Information regarding JAMS and the process for initiating a claim can be found at https://www.jamsadr.com/eu-us-privacy-shield.
For Australian individuals: if a complaint cannot be resolved by any of the mechanisms described above or for more information on your privacy rights, you may contact the Office of the Australian Information Commissioner at:
Phone: 1300 363 992. If calling from outside Australia: +61 2 9284 9749
Fax: +61 2 9284 9666
Address: GPO Box 5218, Sydney NSW 2001
Continuum’s U.S. entities & subsidiaries certifying to the privacy shield:
Continuum Security LLC
BrightGauge Software, Inc.