Privacy Policy

LAST UPDATED: May 25, 2018

 

This Privacy Policy (“Privacy Policy”) describes the practices of the Connection companies, comprising PC Connection, Inc., PC Connection Sales Corporation, MoreDirect, Inc., GovConnection, Inc. and GlobalServe, Inc. (collectively, “Connection” or the “Companies,” “we,” “us,” “our”) regarding information collected through our websites and our products and services (collectively, the “Connection Services” or “Services”).

Our privacy practices may vary among the places in which we operate in order to comply with applicable legal requirements.

When you interact with the Connection Services, you consent to such collection, use and sharing of information as described in this Privacy Policy and our Terms of Use. If you do not consent to the terms of this Privacy Policy and our Terms of Use, do not continue to interact with or use the Connection Services. 

European Residents:  Please see our European Privacy Policy (below) for residents of the European Union, the European Economic Area or Switzerland.

We may also process personal data submitted relating to individuals in Europe via other compliance mechanisms, including use of the European Union Standard Contractual Clauses or Binding Corporate Rules. 

1. INFORMATION WE MAY COLLECT

The Connection Services gather certain information automatically, some of which may be considered personal information under applicable law.

We may collect, among other things, the following types of information:

  • Name
  • Address (including billing and shipping address)
  • Telephone number
  • Email address
  • Fax number
  • Professional information, such as employer or organizational affiliation for a customer or partner
  • Payment or financial information for billing purposes
  • Screen name
  • Screen sharing views, at the request of customers, for technical or other types of support
  • Any data in any files uploaded, emailed or otherwise provided by customers for technical or other types of support
  • Operating system type and version, web server type and version, php version, database type and version
  • Unique IDs such as a cookie placed on a computer or mobile device, or device IDs
  • IP address or MAC address, and information derived from an IP or MAC address, such as geographic location
  • Browsing activities, cookies and similar data, and platform or mobile application use data
  • Referring domain, destination domain and destination path
  • Geolocational data, including latitudinal and longitudinal data
  • User IDs and passwords for customers with accounts on the Connection Services
  • Information about the performance, security, software configuration and availability of our software on your servers and network
  • Website user statistics and website and portal use and viewing activity records
  • Communication preferences
  • Other similar information

We may also collect information, including personal information, in the following situations:

  • Registration, purchase and use of the Connection Services: Information such as name, email address, billing or shipping address, telephone number, company/organization, financial information (such as credit card number, verification code, expiration date), and other information, may be collected in connection with registration for, purchase of or use of the Connection Services (for example, to sign-up for and log into the Connection Services), including for processing and shipping of orders. Customers may update their information by logging into their account. Information may also be collected to track license use.
  • Communications: Personal information such as name, email address, and other information, may be collected, when provided in any communications, whether via email, social media, telephone or otherwise.
  • Support: Personal information may be collected in connection with customer support, whether via screensharing, email, social media, telephone or otherwise.
  • Surveys and Research: We may collect personal information from anyone participating in research, contests or surveys.

2. USE OF INFORMATION

Connection may use the information, including personal information, collected in connection with the Connection Services for the purpose of providing the Services to our customers, as well as for supporting our business functions, such as fraud prevention, marketing, analytics and legal functions and other legitimate purposes. 

To the extent permitted by applicable law and, for customer data, as permitted by our customer agreements, we may use information collected in connection with our Services:

  • To operate the Connection Services and provide support.
  • To fulfill customer requests, such as to create a Connection Services account or complete customer purchases.
  • To communicate with our customers; to inform customers and users of products, programs, services and promotions.
  • To send customers information regarding the Connection Services and issues specifically affecting Connection Services.
  • To respond to reviews, comments, or other feedback provided to us.
  • To support and personalize our Services, websites, mobile services, and advertising.
  • To protect the security and integrity of our Services, content, and our business.
  • To provide support
  • For benchmarking, data analysis, audits, developing new products, enhancing the Connection Services, facilitating product, software and applications development, improving our services, conducting research, analysis, studies or surveys, identifying usage trends, as well as for other analytics purposes.
  • To meet our contractual requirements, to comply with applicable legal or regulatory requirements and our policies, and to protect against criminal activity, claims and other liabilities.
  • For any other lawful purpose for which the information is provided.

Aggregate Information. To the extent permitted by applicable law, we may use, process, transfer, and store any data about individuals and customers or partners in an anonymous (or pseudonymous) and aggregated manner. We may combine personal information with other information, collected online and offline, including information from third party sources. We may also use information in other ways with consent or as permitted by applicable law. By using the Connection Services, our customers agree that we are hereby licensed to collect, use, share and store anonymized (or pseudonymized) aggregated data collected through the Connection Services for benchmarking, analytics, A/B testing, metrics, research, reporting, machine learning and other business purposes.

Automated Decisions. To the extent permitted by applicable law, we may collect data in an automated manner and make automated decisions, including using machine learning algorithms, about individual users of the Connection Services in order to provide or optimize the Connection Services offered and/or delivered, for security or analytics purposes, and for any other lawful purpose. To the extent permitted by applicable law, we may use automated decisions, for example, to display advertisements and offers based on the individual’s preferences.

3. SHARING OF INFORMATION

To the extent permitted by applicable law, Connection may share and disclose information, including personal information, as set forth below:

  • Customers. We may share information with our customers and their service providers and other platforms that may assist those customers.
  • Affiliates and Agents. We may share information with our affiliates or any business partners or agents acting on our behalf.
  • Service Providers. We may share information with our service providers, agents, vendors and other third parties we use to support and advertise the Connection Services and our business. We share personal information with such third parties to the extent necessary to provide services to us, and pursuant to binding contractual obligations.
  • Advertising and Marketing. To the extent permitted by applicable law, we may share information with third parties for marketing, advertising, promotions, contests, or other similar purposes. If required by applicable law, we will share such data for advertising and marketing purposes only in an aggregate, anonymous, and de-identified manner.
  • Mergers, Acquisitions, Divestitures. We may share, disclose or transfer information to a buyer, investor, new affiliate, or other successor in the event Connection, or any affiliate, portion, group or business unit thereof, undergoes a business transition, such as a merger, acquisition, consolidation, reorganization, divestiture, liquidation or dissolution (including bankruptcy), or a sale or other transfer of all or a portion of any assets of Connection or any affiliates or during steps in contemplation of such activities (e.g., negotiations and due diligence).
  • Law Enforcement and National Security. We may share information with legal, governmental, or judicial authorities, as instructed or required by those authorities or applicable laws, or to comply with any law or directive, judicial or administrative order, legal process or investigation, warrant, subpoena, government request, regulatory request, law enforcement or national security investigation, or as otherwise required or authorized by law.
  • Protection of Rights, Property or Safety. We may also share information if, in our sole discretion, we believe disclosure is necessary or appropriate to protect the rights, property or safety of any person, or if we suspect fraud or other illegal activity,

Connection may also disclose personal information for other purposes or to other third parties when an individual has consented to or requested such disclosure, or where a customer has obtained permission from such individual, or where such disclosure is otherwise legally permitted for legitimate business purposes, and, for customer data, with such customer’s authorization or otherwise in accordance with Connection’s agreement with such customer.

4. COOKIES

We may use cookies and similar technologies to operate and improve the Connection Services, as well as to simplify our interaction with you. A "cookie" is a unique numeric code that we transfer to your computer so that we can keep track of your interests and/or preferences and recognize you as a return visitor to the websites. We may use cookies, log files, pixel tags, web bugs, web beacons, clear GIFs, Local Storage Objects (LSOs) such as HTML5 and Flash or other similar technologies to collect information about the ways you interact with and use the Connection Services, to support and enhance features and functionality, to monitor performance, to personalize content and experiences, for marketing and analytics, and for other lawful purposes. We may also engage third party service providers to provide advertisements and promotions on our behalf, or authorize third parties to advertise and market products and services via the Connection Services.

We may use the following types of cookies and similar technologies:

  • Strictly necessary cookies required for the operation of the Connection Services. They include, for example, cookies that enable you to log into secure areas.
  • Analytical/performance cookies that collect information about how you use the Connection Services. They allow us to recognize and count the number of visitors and to see how visitors move around our website. This helps us to improve the way our website works. These cookies are sometimes placed by third party providers of web traffic analysis services.
  • Functionality cookies that remember choices you make and recognize you when you return. This enables us to personalize our content, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies that collect information about your browsing habits such as the pages you have visited and the links you have followed. We use this information to make our website more relevant to your interests, and, if we enable advertising, to make advertising more relevant to you, as well as to limit the number of times you see an ad. These cookies are usually placed by third-party advertising networks. They remember the other websites that you visit and this information is shared with third-party organizations, for example, advertisers.

Most internet browsers accept cookies by default. You can block cookies by activating the setting on your browser that allows you to reject all or some cookies. The help and support area on your internet browser should have instructions on how to block or delete cookies. Some web browsers (including some mobile web browsers) provide settings that allow you to control or reject cookies or to alert you to when a cookie is placed on your computer, tablet or mobile device. Although you are not required to accept cookies, if you block or reject them, you may not have access to all of the features available through the Connection Services.

We may use third party analytics such as Google Analytics or similar analytics services. The analytics providers that administer these services may use technologies such as cookies and web beacons to, among other things, help us analyze how visitors use our websites.

We may use third-party advertisers to serve or track advertisements on or relating to the Connection Services. These third parties may use cookies and other tracking and analytical technologies to, among other things, record which ads your browser has loaded and which pages you were viewing when ads were delivered or accessed. Information so collected is subject to the privacy policies of those third parties, which you should carefully review. We have no control over third party use of cookies.

5. DATA RETENTION

To the extent permitted by applicable law, we may retain information for as long as is reasonably necessary to provide the Connection Services or as needed for other lawful purposes. We may retain cached or archived copies of information. We may retain anonymized or pseudonymized, aggregated data indefinitely, to the extent permitted under applicable law. We may be required to retain some data for a longer period of time because of various laws and regulations or because of contractual obligations. We also will retain information as long as reasonably necessary to comply with our legal and contractual obligations, resolve disputes and enforce our agreements.

6. CHOICES AND OPT-OUT

To the extent required by applicable law, or in our discretion otherwise, we will allow customers and individuals to limit use of personal information. If at any time after providing us with your personal information such information changes or you change your mind about receiving information from us, you may request access to your data or that your data be changed.

If you no longer wish to receive our communications, you may opt-out of receiving them at any time by following the instructions included in each communication, by sending a blank email request to unsubscribe@connection.com, or by mail at Connection, 730 Milford Rd. Merrimack, NH 03054, Attn: Senior director, Information Security. Please note: Even though you may choose to unsubscribe from our communications, for security reasons we will always attempt to send you transaction-related order, backorder and shipment confirmation emails concerning your purchase through our website.

7. CROSS-DEVICE TRACKING

When you use your mobile device to interact with us or use the Connection Services, we may receive information about your mobile device, including a unique identifier for your device. We and our service providers and third parties we collaborate with, including ad networks, may use cross-device/cross-context tracking. For example, you might use multiple browsers on a single device, or use various devices (such as desktops, smartphones, and tablets), which can result in your having multiple accounts or profiles across these various contexts and devices. Cross-device/cross-context technology may be used to connect these various accounts or profiles and the corresponding data from the different contexts and devices.

8. THIRD PARTY SITES

The Connection Services may provide links to other websites or resources over which Connection does not have control (“External Web Sites”). Such links do not constitute an endorsement by Connection of those External Web Sites. You acknowledge that Connection is providing these links to you only as a convenience, and further agree that Connection is not responsible for the content of such External Web Sites. Your use of External Web Sites is subject to the terms of use and privacy policies located on the External Web Sites.

9. SECURITY

To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of personal information, we employ procedural and technological measures that are reasonably designed to help safeguard the information we collect. Connection may use encryption, secure socket layer, firewall, password protection and other physical security measures to help prevent unauthorized access to such. Connection may also place internal restrictions on who in the company may access data to help prevent unauthorized access to such information.

Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. Therefore, despite our efforts, we cannot guarantee its absolute security. We do not warrant or represent that personal information about you will be protected against, loss, misuse, or alteration by third parties.

Where required under applicable law or by contract, we will notify the appropriate parties or individuals of any loss, misuse or alteration of personal information so that such parties or individuals can take the appropriate actions for the due protection of their rights. If such personal information is information of a Connection customer, we will notify such customer and coordinate with them regarding any required notices to particular individuals.

10. CHILDREN

We recognize the importance of protecting the privacy and safety of children. The Connection Services are not intended for children under 13 years of age - and for European residents, for children under 16 years of age (see our European Privacy Policy). We do not knowingly collect personal information from children under 13. Anyone under 13 should not use the Connection Services. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us as set forth below.

11. INTERNATIONAL DATA TRANSFERS

The Connection Services may be provided using resources and servers located in various countries around the world, including the United States and other countries. Therefore, personal information about individuals or customers may be transferred, processed and stored outside the country where the Connection Services are used, including to countries outside the European Union (“EU”), European Economic Area (“EEA”) or Switzerland, where the level of data protection may not be deemed adequate by the European Commission.

12. CALIFORNIA PRIVACY RIGHTS

Under California’s “Shine the Light” law, California residents who provide personal information in obtaining products or services for personal, family or household use may be entitled to request and obtain from us, once per calendar year, information about customer information we have shared, if any, with other businesses for such other businesses’ own direct marketing uses. If applicable, this information would include the categories of resident information and the names and addresses of those businesses with which we shared such resident information for the immediately prior calendar year. To obtain this information, please contact us as indicated below. Please include sufficient personal identification information so that we can process the request, including that you are a California resident.

13. QUESTIONS, COMPLAINTS AND DISPUTES

If you have any questions about this Privacy Policy, or our collection, use, sharing or storage of information about you, you can contact us by email at infosec@connection.com, or write to the following address:

Attn:   Senior Director, Information Security
           Connection
           730 Milford Rd.
           Merrimack, NH 03054

CLASS ACTION WAIVER. YOU AND WE AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR OUR INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING.

DISPUTE RESOLUTION. Except as otherwise expressly provided above, or in our European Privacy Policy or otherwise required by applicable law, you agree that the exclusive jurisdiction of any actions arising out of, relating to, or in any way connected with, this Privacy Policy, shall be in the state or federal courts, as applicable, located in the State of New Hampshire, USA.

14. PRIVACY POLICY UPDATES

Connection may update this Privacy Policy from time to time in our sole discretion to reflect changes to our information and privacy practices. Connection will post any updated Privacy Policy on this page or in the Connection Services, or with any notice to individual users if required by applicable law. Continued use of the Connection Services after any such modifications constitutes acceptance to any such modified Privacy Policy. Connection encourages you to review this Privacy Policy regularly for any changes. The date of last revision is shown at the “Last Updated” legend at the top of this page.

EUROPEAN PRIVACY POLICY

The following European Privacy Policy applies to residents of the European Union, the European Economic Area and Switzerland.

Personal Data and Processing. For the purposes of this European Privacy Policy:

Personal Data” means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of such natural person; and

Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Purposes and Legal Bases for Processing Personal Data. Connection processes data for the purposes as set forth in our Privacy Policy, including to provide the Connection Services and as explained in the Use of Information and Sharing of Information sections. To fulfill these purposes, Connection may access data, including Personal Data, to provide the Connection Services, to correct and address technical, service or security problems, or in response to contractual requirements. Please see our Connection Privacy Policy Information We Collect and Data Retention sections for additional details on how we collect, use, disclose and share data, make automated decisions, and retain data, including Personal Data, about individual users or customers.

Our legal bases for the processing of Personal Data are: (i) consent or (ii) any other applicable legal bases, such as our legitimate interest in engaging in commerce, offering products and services of value to the customers of the Connection Services, preventing fraud, ensuring information and network security, direct marketing and advertising, and complying with industry practices.

Additional Rights for European Residents. As a resident of the EU or a country following substantially similar legislation regarding the protection of Personal Data, individuals may have one or more of the following additional rights:

Access. To request a copy of the Personal Data we have collected about you by contacting us.

Rectification & Erasure. To request that we rectify or delete any of the Personal Data about you that is incomplete, incorrect, unnecessary or outdated.

Objection. To object, at any time, to Personal Data about you being Processed for direct marketing purposes.

Restriction of Processing. To request restriction of Processing of Personal Data about you for certain reasons, such as, for example, if you consider Personal Data about you collected by us to be inaccurate or you have objected to the Processing and the existence of legitimate grounds for Processing is still under consideration.

Data Portability. To request and receive the Personal Data we have collected about you in a commonly used and machine-readable form.

Right to Withdraw Consent. If Personal Data about you is processed solely based on your consent and not for any other legitimate interest, to withdraw your consent at any time, without affecting the lawfulness of our Processing based on such consent before it was withdrawn, including processing related to existing contracts for our products and services.

Right to Lodge a Complaint with a DPA. If you believe our Processing of Personal Data about you is inconsistent with the applicable data protection laws, to lodge a complaint with your local supervisory data protection authority (“DPA”).

To exercise any of the above listed rights, please contact us as set forth below and provide sufficient details so that we can respond appropriately. We will process any requests in accordance with applicable law and within a reasonable period of time. We may need to verify the identity of the individual submitting a request before we can address such request. If the request relates to data our customers collect and process through the Connection Services, we will refer the request to that customer and will support them in responding to the request. For Connection customers, certain information may be reviewed, corrected and updated by logging into the Connection Services account and editing the profile information.

Compelled Disclosures. Connection may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Data Protection Contact. Our Data Protection Contact for the personal information collected in connection with the Connection Services is:

Attn:   Senior Director, Information Security
           Connection
           730 Milford Rd.
           Merrimack, NH 03054