Updated July 2019
Data We Receive
IWCO Direct and Mail-Gard receive data from our clients. This data may consist of various elements that include or constitute Personally Identifiable Information (PII).
In addition, IWCO Direct may receive PII (e.g., name, address, email) about an individual when such information is provided to us through our SpeakingDIRECT blog at http://iwco.com/. We may use this information to respond to the individual’s requests or inquiries.
IWCO Direct may also receive non–personally identifiable information from visitors to our website. Non-personally identifiable information may include pages viewed, browser information, and other technical information. We may use this data to improve visitors’ experience to the website, to identify or remediate possible threats to the website’s security, and for other operational and management purposes.
How Data Is Used
Data received from clients is used exclusively for the purposes for which it was intended and all instances of client data are contained to contractually obligated workflows. Authorized uses of data include targeting of direct marketing campaigns, postal validation (name, address, etc.), and optimizing and measuring the effectiveness of advertising campaigns. IWCO Direct and Mail-Gard do not share information provided by clients with third parties unless expressly requested to do so by the client who provided the data. IWCO Direct and Mail-Gard may disclose data only if such disclosure is necessary to comply with relevant applicable federal, state, or local law.
IWCO Direct and Mail-Gard utilize administrative, technical, personnel, and physical measures to safeguard the security of all information they receive. IWCO Direct and Mail-Gard hold ISO 27001:2013 and PCI DSS v3.2.1 data security certifications. In addition, IWCO Direct and Mail-Gard earned HITRUST CSF v8.1 certification through an approved HITRUST Assessor, in support of our HIPAA-regulated customers. All facilities undergo an annual security audit to validate the implementation and effectiveness of data security measures.
In the event of a data breach, notification to clients will be delivered in a timely and conspicuous manner to ensure it is received by the affected party. Notice will be consistent with all applicable laws, regulations, and contractual obligations. Account representatives are responsible for communication with their respective clients.
Changes to This Policy
IWCO Direct reserves the right to update this policy at any time. Users of our site should periodically check for updates. Users may also request an updated copy of this policy by contacting us.
7951 Powers Blvd
Chanhassen, MN 55317