Privacy Policy

Scope

This privacy policy is intended to cover the combined operations and web presence of Repario Data (“Repario,” “we,” “us,” or “our”). (Last Updated October 4th, 2023)

What is This?

This policy describes how we collect, use, and process your personal data, and how in doing so, we comply with our legal obligation to you.

When you deal with Repario you trust us with your information. You give us information about yourself when you make any enquiry to Repario, or engage us to provide a service, or by entering information via our website, this is considered your contact details.

This policy may change from time to time, so please ensure that you periodically check this page to ensure you are still happy with any changes.

Information we receive from you and other sources

We may collect information from you as part of our engagement, we could also receive information about you from various third parties, Including:

  • Clients we are actively engaged with;
  • Employers may provide references about you;
  • Potential clients provide information relating to future engagement;
  • Partners and Suppliers;
  • Recruitment companies, as part of the recruitment process.

Information we receive from clients

As an eDiscovery provider, much of the data we hold is provided and used by clients rather than directly from individuals. Any data received on behalf of clients is used strictly for the business purposes defined in the agreement between the client and Repario. It is not shared with third parties unless otherwise agreed upon.

An individual who seeks access or who seeks to correct, amend, or delete inaccurate data provided to Repario by a client should direct their query to that client. An individual wishing to limit the use or sharing of their data should direct their query to that client.

Information we receive from Staff

We will collect personal information about staff for various purposes, primarily relating to establishing and managing the employment or other work relationship between Repario and its human resources. All Repario staff should refer to our company policy (RD-PL15-Privacy Policy) for internal data handling, the policy is available to all staff during induction and throughout employment with Repario via our shared document repository.

Information obtained from Partners and Suppliers

When collecting information about you from third parties, we may retain this information so that we can contact you in the future to promote our services. The information provided may include your contact details and information in connection with any services that we have previously used or provided. Where we have received information about you, we will only use this information for the purposes of providing you with Repario services and for which you have already agreed.

We are often given contact details from our Partners / Clients referring us to their clients regarding the services we offer. If you do not wish us to contact you, please let us know by email to the address provided below.

Information about visitors to our website

We gather general information about the use of our websites, such as which areas users visit most frequently, and which services users access the most. We use only aggregated data which cannot identify an individual visitor to our site. This information helps us determine what is most beneficial for our users and how we can continually create a better overall online experience. We may use this general information and also share it with our business partners so that they too may understand how this site is used.

How we use your personal information

By “personal information” we mean any information that may be used to identify you, including, but not limited to your first and last name, physical address, email address or other contact information.

The information collected helps to understand your needs and interests and helps Repario deliver a consistent and personalized experience. For example, Repario may use your information to:

  • communicate with you about products and services;
  • provide service and support;
  • update you on new services and benefits;
  • provide personalized promotional offers;
  • select content to be communicated to you;
  • send you a newsletter, blog information and event details;
  • contact you for market research regarding Repario services, or
  • for other purposes disclosed to you at the time we collect your information, or pursuant to your consent.

We will give you the opportunity to choose your privacy preferences regarding the communications we send.

Where we store your personal information

All information you provide to us for our use (Employment, Supplier services ETC) is stored on our secure servers which are located within United Kingdom and the United States. If you have any questions regarding the location and storage facilities used to host your information, please contact us on the details provided below.

All data (which may include PII) transferred to Repario systems for clients to use our services is stored on servers located within the United Kingdom (both production and backup), or the United States of America (both production and backup). Any request for Repario to transfer information protected by European legislation outside of trusted regions will require standard contract clauses to be in place, no data transfer shall be completed without such terms in place.

The Repario website is hosted within the United States, as such, when you submit information for marketing purposes or request contact regarding our services, the information will be stored within United States of America.

Retention of Data

If we hold your personal information, the length of time we retain it for is determined by a number of factors, including the purpose for which we use that information and our obligations under other relevant laws.

We will not collect more information than we need, and we will not retain it for longer than is necessary.

Your Rights

You have rights in relation to your personal information under data protection laws. In relation to certain rights, we may ask you for information to confirm your identity and where applicable, to help us to search for your personal information.

Data Subject Access Rights

You have the right to ask for a copy of the information we hold about you. You can obtain this by emailing or calling us using the contact information at the end of this policy. We will respond to you within 30 days unless there are exceptional circumstances.

Correcting and updating your personal information

The accuracy of your information is important to us. If you change any of your contact information or you discover that any of the information we hold is inaccurate or out of date, please let us know.

Withdrawing your consent

Where we rely on your consent as the legal basis for processing your personal information, you may withdraw your consent at any time by contacting us using the contact information at the end of this policy.

If you would like to withdraw your consent to receive marketing information which you previously opted in, you can do so using the ‘unsubscribe tool’ at the end of our marketing literature.

Erasing your personal information

You are entitled to ask us to remove your data from our systems, contact us using the contact details at the end of this policy. Provided we do not have any lawful reason to continue processing or holding your personal information, we will make reasonable efforts to comply with your request.

You are entitled to ask us to limit the processing of your personal information where you believe it is unlawful to continue to do so

Transferring your personal information in a structured data file

You may ask us to provide you with a copy of any information held about you and request such information in a structured data file. This would be supplied to you via secure file transfer. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.

Complaining to the data protection authorities

You have the right to complain to any data protection authority which you feel appropriate if you are concerned about the way we have processed any of your personal information. For more information on this please visit the authority’s website.

Security measures we put in place to protect your personal information

Unfortunately, the use of the internet is not entirely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website. Any transmissions are done so at your own risk.

Once we have received your personal information, we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.

We may collect special categories of personal data. Where requested we can apply additional security controls to this data.

Use of ‘’cookies’’

Like many websites we use cookies. Cookies are small pieces of information sent to your device and stored on its internal storage to allow our website to recognise you, and optimise the actions performed by you on our website. We use strictly necessary and functional cookies to enable you to move around the site to provide basic features.

Data Privacy Framework Notice

Repario Data complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Repario Data has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Repario Data has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Repario Data is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Data Privacy Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Frameworks, should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your

personal information, please submit a written request to [email protected].

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Repario Data’s accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, Repario Data remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Repario Data proves that it is not responsible for the event giving rise to the damage.

In compliance with the Data Privacy Framework Principles, Repario Data commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Data Privacy Frameworks. European Union, United Kingdom, and Swiss individuals with DPF inquiries or complaints should first contact Repario Data by email at [email protected]

Repario Data has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf

Links to other Websites

Our website may contain links to other websites run by other organizations. This policy does not apply to any other websites or applications, we encourage you to read their privacy statements. We are not responsible for other websites or applications privacy policies and practices, even if they are accessed through our website.

Additionally, if you visited our website via a third-party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that website. We recommend that you visit their privacy statements on their website.

Marketing

You will only receive direct marketing information from Repario if you indicated your preference to do so. You will be invited to complete a client consent/opt in process by email as a result of the following:
Becoming a client;
Your attendance at an event;
Providing us with a business card directly to an Repario employee or provided at a business event;
You are registering contact details in order to obtain information, or free downloads from our website;
An email request from you to attend an event; and/or
Your attendance at an event organised or co-hosted by Repario that has been promoted via social media or other advertisement.

We may use and process your personal information where you have consented for us to do so via our consent process. This consent can be withdrawn at any time via our ‘’unsubscribe from the list’’ option.

Contact us

If you wish to write to us please contact our Privacy Department on (213) 212-7676 or email us at [email protected]
You may write to us at: Repario – Privacy Management Dept, 11333 N Scottsdale Road Suite 294, Scottsdale, AZ 85254