Acceptable Use Policy

Backup and Server Security Policy

Business Continuity Plan

Designating Personnel as Authorized Users

End User License Agreement

Personnel Security Policy

Privacy Policy (GDPR & CCPA)

Professional Services Agreement

Reporting Copyright and Trademark Violations

Service-Specific Terms

Support Policy

Third Party Code in BTS Products

Privacy Policy (GDPR & CCPA)

Effective starting: April 20, 2024

Busch Technology Solutions, LLC (referred to as “BTS”) is the owner and operator of BuschTechSolutions.com (referred to as “BuschTechSolutions”) and BTSValidation.com (referred to as “BTSValidation”), including any related websites, sub-domains of BTSValidation.com, and pages. BTS’s privacy policy governs the use of personal data collected from our clients, individual end-users, and visitors to our websites. Please refer to our privacy policy for detailed information on how we collect and use personal data.

Topics:

  • What data do we collect?
  • How do we collect your data?
  • How do we use your data?
  • How do we store your data?
  • Marketing
  • What are your data protection rights?
  • What are cookies?
  • How do we use cookies?
  • What types of cookies do we use?
  • Privacy policy for other websites
  • Changes to our privacy policy
  • How to contact us
  • How to contact the appropriate authorities

What data do we collect?

BTS collects the following data:

  • The client’s identification information, including the account administrator’s first and last name, title, the administrator’s e-mail address, client’s phone number, optionally an alternative phone number, time zone, company name, building/suite/apartment number, country, and optionally the client’s website.
  • Clients can opt-in to have individual employee information added to the system to be used to create a user in BTSValidation. To create a new user, the following data must be collected: first name, last name, title, e-mail address, associated company, optionally the related site, preferred language, time zone, and optionally a cost center for the client.
  • Individual end-users can change their passwords, personal identification numbers (PINs), and add electronic signatures and/or initials.
  • During the process of testing, users are assigned and electronically associated to tests line numbers, approval status, applicable evidence, and comments.
  • The BTSValidation system uses logs to capture changes to transactions. The information captured is the date, the event, the field before and after, and the user who made the change.
  • BTS collects basic information from potential clients or individual end-users using the “Contact Us” form. This information includes first name, last name, e-mail address, phone number, company, a selection of BTS departments that the end-user would like to contact, subject, and message.

How do we collect your data?

BTS collects information in the following way:

  • A BTS client uses a btsvalidation.com form to sign up for an account.
  • As part of the use of BTS validation, users will create an electronic trail starting with logging in, displaying, modifying, or adding new protocols, test templates, tests, test line results, and logging out.
  • A potential client or individual end-user may opt-in to be added to the newsletter.
  • BTS clients can optionally request information using the “Contact Us” form.

How do we use your data?

BTSValidation and client databases:

  • BTSValidation generates a test report using the client or the individual end-user’s information.
  • In BTSValidation, end-users will receive emails containing instructions on how to log in to BTSValidation for the first time, view their assigned tests, reset their passwords, and review activity on their individual account. These emails will be sent periodically to ensure transparency.
  • If the client’s administrator decides to integrate BTSValidation with an add-on from another company, they must have an agreement with that company to exchange information with BTSValidation. However, only generic usernames within BTSValidation can be used to ensure that no personally identifiable information is transmitted. BTS has no control over another company’s privacy policy. Thus, if an add-on integration is chosen, it is the client’s sole responsibility to review and ensure that the other company’s privacy policy meets their requirement.

BuschTechSolutions:

  • The information captured here is to support either sales, billing, customer support, or other business reasons, such as acquiring new or updated licenses for BTSValidation or professional services.

How we classify data

BTS classifies data in the following way:

  • HIPAA data – Any data protected under the Health Insurance Portability and Accountability Act (HIPAA) in the US. This classification may include data items that differ from other countries’ definitions of PHI.  Since BTS is a US company, we must comply with US laws.
  • Personal health information (PHI) data—This is rather broadly defined and includes any part of a patient’s medical record or payment history.
  • Personally identifiable information (PII) – any information which is related to an identified or identifiable natural person.
  • Client classified data– The client deems the information that must be protected.
  • Client sensitive data– This is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, etc.
  • Client Public data – This is data that is publicly available and doesn’t need protection.
  • PCI Data – This is data sounding the use of credit card and Payment Card Industry Data Security Standard (PCI DSS)

How do we store your data?

BTS stores your data in the following way:

  • Health Insurance Portability and Accountability Act (HIPAA) data, Personal health information (PHI), and client sensitive data are not allowed in BTSValidation.
  • Company classified data may be used within the scope of using BTSValidation. It is the client’s responsibility to limit the use of this data to the minimum amount necessary to accomplish the test goal. This data is not encrypted.
  • Absolutely no credit card information is stored in BTSValidation or BuschTechSolutions. All credit card information is handled via a third party. Thus, BTS complies with payment card industry data security standard (PCI DSS) by storing no data related to it.
  • Passwords are stored using a cryptographic hash function (CHF).
  • BTS wants to limit any PII information that is stored. PII is limited to only the bare necessary information to support the creation of a user account and enable the ability to create and document a test or protocol properly.
  • The client’s or individual user’s name is stored only in one location. All data throughout the system is connected to the user by their ID, not their actual name.
  • As BTSValidation is a tool used for software testing, it is advised to store only public disclosed data of clients. Additionally, it is important to keep in mind that some of the reports generated may be shared with external auditors or government agencies by the client.

Marketing

BTS has the following policies:

  • BTS does not sell, share, or allow third parties to access any data for marketing purposes.
  • BTS does not market directly to individual end-users.
  • BTS may request or participate in marketing presentations and advertisements with current clients that may include photographs or videos, but only as agreed upon in a contract or with written permission. This will not occur at an individual end-user level.

What are your data protection rights?

BTS would like to make sure you’re fully aware of all the data protection rights. Every user is entitled to the following:

  • The right to access – You have the right to request BTS for copies of data. BTS may charge a small fee for this service.
  • Right to rectification – You have the right to request that BTS correct any information that you believe is inaccurate. You also have the right to request BTS to complete information you believe is incomplete.
  • Right to erasure – You have the right to request BTS erase your personal data under certain conditions.
  • Right to restrict processing – You have the right to request that BTS restrict the processing of your personal data under certain conditions.
  • The right to data portability – You have the right to request that BTS transfer the data that we’ve collected to another organization or directly to you, under certain circumstances.

If you would like to make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us:

Busch Technology Solutions, LLC

c/o Privacy Policy (GDPR & CCPA)

3115 S 3110 E

STE 160,

Holladay, UT 84121

USA

 

What are cookies?

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our website, we may collect information on you automatically through cookies or similar technologies.

How do we use cookies?

BTS uses cookies in a range of ways to improve the experience of using our website:

  • Keeping you logged in.
  • User experience in the application
  • Automatically record your name in spots in BTSValidation that require electronic signatures or initials.

What types of cookies do we use?

There are a number of different types of cookies, however we use the following:

BTSValidation uses cookies:

  • Functionality: BTSValidation collects cookies to ensure a good user experience in the testing tool.

BuschTechSolutions uses cookies:

  • Functionality: BuschTechSolutions collects these cookies to quantify the number of visitors to our site.

How to manage cookies

You can set your browser to not accept cookies. If you are unfamiliar with removing cookies from a browser, click on this link for instruction (Link).  Please note, in a few cases some of our website features may not function as a result.

 

Privacy policy for other websites

BTS contains links to other websites. Our privacy policy only applies to our website, so if you click on a link to another website, you should read their privacy policy.

Changes to our privacy policy

BTS keeps its privacy policy under regular review and places any updates on its page. The last update to the privacy policy is on the second line of this document, called “Effective starting.”

How to contact us

If you have any questions about BTS’s privacy policy, the data we hold on you, or you would like to exercise one of the data protection rights, please do not hesitate to contact us.

Busch Technology Solutions, LLC

3115 S 3110 E

STE 160,

Holladay, UT 84121

USA

 

How to contact the appropriate authorities

Should you wish to report a complaint or feel that BTS has not addressed your concern in a satisfactory manner:

For EU citizens,  click this link.

For UK citizens, click this link.

For US California residents, click this link.

 

Reference:

Wolford B. Writing a GDPR-compliant privacy notice (template included). GDPR.eu. https://gdpr.eu/privacy-notice/. Published September 14, 2023.

Download the PDF version