ALTAIR PRIVACY SHIELD POLICY FOR CONSUMER DATA
Altair Engineering, Inc. and its US subsidiaries Altair Product Design Inc., solidThinking Inc., and Illumisys Inc., (“Altair”) are committed to upholding the highest ethical standards in its business practices and strives to collect, use, and disclose personal information consistent with the laws of the countries in which it does business. This Privacy Shield Policy sets forth the privacy principles that Altair follows with respect to your personal consumer information transferred from the European Economic Area (EEA) (which includes the twenty-eight member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) to the United States and from Switzerland to the United States..
The Federal Trade Commission (FTC) has jurisdiction over Altair’s compliance with the Privacy Shield.
Altair has certified that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Privacy Shield program, and to view Altair’s certification, please visit https://www.privacyshield.gov.
This Privacy Shield Policy (the "Policy"), effective September 26, 2016, applies to all data information received from consumers by Altair in the United States from the European Economic Area and from Switzerland, in any format including electronic, paper, or verbal.
Altair complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, each as set forth and administered by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the Member States of the EEA and Switzerland to the United States of America. Altair has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit the U.S. Department of Commerce’s Privacy Shield List atwww.privacyshield.gov.
For purposes of this Policy, the following definitions shall apply:
"Agent" means any third party that collects or uses personal data under the instructions of, and solely for, Altair or to which Altair discloses personal data for use on Altair's behalf.
"Altair" means Altair Engineering Inc, its US subsidiaries, divisions, and groups.
"Sensitive Personal Information" means personal data that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns health or sex life. While we do not consciously collect such information ourselves, Altair will treat as Sensitive Personal Information any information received from a third party where that third party treats and identifies the information as sensitive.
The privacy principles in this Policy are based on the Privacy Shield Principles.
NOTICE: Where Altair collects personal data directly from individuals in the EEA and Switzerland, it will inform them about the purposes for which it collects and uses personal information about them. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal data to Altair and in any event before Altair uses or discloses the information for a purpose other than that for which it was originally collected or discloses information to a non-agent third party.
Where Altair receives personal data from its subsidiaries, affiliates or other entities in the EEA or Switzerland, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal data relates.
Regardless of the sensitivity level of the Personal Information, Altair will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Altair will provide individuals with reasonable accommodations to exercise their choices.
DATA INTEGRITY: Altair will use all (Sensitive) Personal Information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Altair will take reasonable steps to ensure that your (Sensitive) Personal Information is relevant to its intended use, accurate, complete, and current. We will only collect and store (Sensitive) Personal Information that is relevant to fulfill the purpose of the request and will retain such information no longer than appropriate to fulfill the purpose of the request.
TRANSFERS TO AGENTS: Altair may share personal data with an Agent with your express consent or as necessary to complete any transaction or provide any product or service as requested or authorized. Altair may also share your data with Altair-controlled affiliates and subsidiaries; with vendors working on its behalf; when required by law or to respond to legal process; to protect its customers; to maintain the security of our products; and to protect the rights or property of Altair.
Altair’s accountability for personal data that it receives under the Privacy Shield and subsequently transfers to an Agent is described in the Privacy Shield Principles. In particular, Altair remains responsible and liable under the Privacy Shield Principles if third-party Agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Altair proves that it is not responsible for the event giving rise to the damage.
ACCESS AND CORRECTION: Upon request, Altair will grant individuals reasonable access to (Sensitive) Personal Information that it holds about them. In addition, Altair will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. These requests may be made by sending an email to firstname.lastname@example.org. We may limit an individual’s access to (Sensitive) Personal Information where the legitimate rights of persons other than the individual would be violated.
SECURITY: Altair will take reasonable precautions to protect all (Sensitive) Personal Information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
ENFORCEMENT: Altair will conduct annual compliance audits to ensure relevant privacy practices to verify adherence to this Policy. Any employee that Altair determines intentionally violates this Policy will be subject to disciplinary action up to and including termination of employment.
DISPUTE RESOLUTION: Any questions or concerns regarding the use or disclosure of personal data should be directed to Altair’s General Counsel at email@example.com. Altair will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal data in accordance with the principles contained in this Policy. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted. Altair has agreed to participate in the binding arbitration procedures of JAMS (originally Judicial Arbitration and Mediation Services) as described further at https://www.jamsadr.com/eu-us-privacy-shield pursuant to the Privacy Shield Principles, which will be offered free of charge to you. Please contact JAMS or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint.
LIMITATIONS ON APPLICATION OF PRINCIPLES
Adherence by Altair to these Privacy Shield Principles may be limited (a) to the extent required or permitted by law or legal process, such as to respond to or investigate a legal or ethical obligation or request or pursuant to court orders, subpoenas, interrogatories or similar directive carrying the force of law; and (b) to the extent expressly permitted by an applicable law, rule or regulation.
Questions or comments regarding this Policy should be submitted to Altair’s Office of the General Counsel by email to firstname.lastname@example.org or by mail to Altair Engineering Inc., 1820 E. Big Beaver Road, Troy, Michigan 48083, Attn: Office of the General Counsel.
CHANGES TO THIS PRIVACY SHIELD POLICY
This Policy may be amended consistent with the requirements of the Privacy Shield Principles. A notice will be posted on the Altair web page for thirty (30) days whenever this Privacy Shield Policy is changed in a material way.
Rev Oct 2020