- Data Protection Principles
We will comply with data protection laws and principles, which means that your data will be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
Altair is committed to its responsibility for processing information it receives under the principles set forth in all applicable laws. These responsibilities include the onward transfer of information received from the EU and/or Swiss confederation.
- International Transfer of Data
Some of the countries where Altair provides services may not have the equivalent level of data protection laws as those in your location; if We need to transfer personal data outside of the EEA or the Swiss Confederation, We will take steps to make sure your personal data is protected and safeguard prior to sharing. In particular, We require third parties to whom We transfer your data to agree to abide by the Standard Contractual Clauses (“SCCs”) approved by the European Commission and permitted under Article 46 of the European Union General Data Protection Regulations. You may request a copy of the relevant SCCs if you wish to obtain the details of such safeguards by submitting an email to Our Data Protection Officer via [email protected].
- Data Privacy Framework Principles
Altair complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF (“UK Extension”), and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Altair has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union, and the United Kingdom in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF. Altair has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
- U.S. State Residents’ Privacy Rights
No one comprehensive federal law governs data privacy in the U.S. yet. Residents of an increasing number of States within the United States have the right to request that companies provide you with information regarding the parties’ to whom We may disclose your personal information to, among other privacy rights.
The International Association of Privacy Professionals (“IAPP”), a not-for-profit organization, is the largest and most comprehensive global information privacy community and resource [https://iapp.org/]. To stay informed of the changing state privacy landscape, please visit IAPP’s US State Privacy Legislation Tracker to understand your privacy rights under your respective state of residence: https://iapp.org/resources/article/us-state-privacy-legislation-tracker/, and feel free to exercise your privacy rights by submitting a request to [email protected].
In addition, Altair is SOC 2 Type 2 certified showcasing Our commitment to data security and privacy. Such a certification demonstrates Our organization has implemented effective security controls and practices to protect customer data. Furthermore, it proves Altair’s compliance with industry standards, such as GDPR, by helping Us to better align our processes with industry best practices and regulatory requirements. Overall, SOC 2 Type 2 certification provides assurance to clients, customers, and stakeholders alike, that their information is handled securely through ongoing monitoring and yearly assessment of security controls via an independent third-party auditing firm.