Menu

Privacy Notice

Last modified January 19, 2024

This privacy policy sets out how L Squared Digital Signage (“L Squared”, “we”, “us”, “our”) uses and protects any information that you give us when you use our website, products, and services. We are committed to ensuring that your privacy is assured, meaning your right to decide WHO will do WHAT with the data/ information pertaining to you (Personal Data/ Personal Information).

L Squared Digital Signage is the “Controller” (as defined under the EU GDPR, the entity that defines the “Purposes” and “Scope” of Personal Data Processing Activities
to be carried out both by itself as by those subcontracted, the “Processors”) towards the Personal Data Processing Activities herein described in this Privacy Notice.

 

PLEASE NOTE that we only Process Personal Data as the Controller regarding Business-to-Business interactions towards the representatives of our Corporate Clients and not regarding independent natural persons. We provide services towards organizations/ companies which in turn may end up having its users on our “Hub platform” inputting Personal Data from 3rd party independent natural persons, yet at those Corporate Client’s own and sole discretion; making our Corporate Client the “Controller” and L Squared a “Processor”. In this scenario, we (as the “Processor”) follow the instructions of that “Controller” which must have a valid Legal Basis before those natural persons to whom the Personal Data pertains to, so that data is input into our “Hub platform”.

About us
We are a global company, incorporated in the U.S. and Canada. This Notice explains how we Process Personal Data as the “Controller” (collection; hosting; access to; processing and sharing), how we protect it and how we interact with those Partners who act either as “Processors” (our providers) or “Controllers” (our Corporate Clients). Updating this Privacy Notice from time to time, we may make changes to this Privacy Notice. The Privacy Notice is current as of the “last revised” date which appears at the top of this page.

1. What laws do we comply with?
This Privacy Notice is provided to you by the following applicable Personal Data Protection laws:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, also known as the General Data Protection Regulation (GDPR).
  • Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009, also known as the ePrivacy Directive, Directive 2002/58/EC concerning the processing of Personal Data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws.
  • Canada Personal Information Protection and Electronic Documents Act and the regulations thereunder (PIPEDA).
  • The California Consumer Privacy Act 2018 (CCPA) is amended by the California Consumer Privacy Rights Act (CPRA).
  • Other applicable national laws, if they are being enforced in the geography where you reside., provided their ruling is more stringent than the GDPR ruling on assuring the Protection of Personal Data under Processing.

2. What is Personal Data/ Information?
“Personal Data” refers to any Data or Information that either on its own by being a unique identifier (e.g. “Social Security Number”) or where combined with other Data or Information (e.g. “name” and “mobile phone number”) enables the univocal identification of a specific natural person/ individual.

The Personal Data under Processing by us consists of:

  • name and job title.
  • Professional information including company and role.
  • contact information including email address, telephone numbers and address.
  • demographic information such as postcode, preferences, and interests.

3. How do we collect your Personal Data?
We exclusively collect Personal Data directly from those natural persons to whom it pertains or the organization they work for, meaning you (the “Data Subject”) or your employer which is our Corporate Client. We also Process Personal Data from 3rd party independent Data Subjects where such information is input into our Hub platform by our Corporate Client users; however, the Processing is strictly limited to the Purpose and Scope defined by those Corporate Clients.

4. Your data is under your control
Every Data Subject maintains full control over their Personal Data as well as over the Personal Data processing activities undertaken by us (as defined under applicable local Personal Data Protection legislation or the GDPR, whichever is stricter).

Nevertheless, you must be aware that either where you are an employee/provider of a Corporate Client or a customer/other in relation to that Corporate Client, we as the “Processor” cannot by law fulfil the exercise of any legal rights exercised by you without specific instruction from the “Controller” (our Corporate Client, which is why if you exercise your legal rights, we will inform the “Controller” and ask for such
instructions.

With regards to Cookies, essential cookies, necessary for the proper functioning of our website, are active by default. Any Cookie, if not active, that does not impair our
website from working and our services being delivered to you, are deemed non-essential/optional Cookies, as explained in the above-mentioned tool. You can manage non-essential cookies through our Cookie Management Tool which you can access on our website.

5. How do we Process your Personal Data?
We Process the Personal Data pertaining to you for the following purposes (the “Purposes”):

  • to manage your Hub platform user account;
  • to allow you to perform and register inputs and changes into the Hub platform.
  • to respond to questions or help solve events or incidents that you may experience while acting as a user of the Hub platform.
  • to provide you with information about our products, promotions, and events.
  • if you are someone whose Personal Data has been input into the Hub platform by one of our Corporate Clients, we will solely process that Personal Data in terms of hosting and enabling it to be subject to the communication and publishing features of the Hub platform (in the sense of having that information being displayed on remote devices, such as screens, that are the property or managed by our Corporate Client).

6. With whom do we share your Personal Data?
We exclusively share Personal Data with our hosting provider which hosts our Servers and Data/Information and websites, in our case, Microsoft Azure, Amazon AWS and HubSpot. Then, there are those entities whose Cookies may be downloaded when you visit our website; however, you can manage those via our Cookie Management tool.

7. What is our Legal Basis to Process your Personal Data?
Given what has been conveyed so far, we exclusively Process Personal Data under:

  • Legitimate Interest while reaching out to representatives of prospective Corporate Clients to present our services in view of establishing a business relationship.
  • The Fulfillment of a Contractual Obligation while both allowing users from our Corporate Clients to “operate” the Hub platform and hosting/publishing 3rd party natural persons' Personal Data (which has been input by the Corporate Client) via the Hub platform.

8. How do we ensure the privacy of your Personal Data when dealing with partners (our “Processors”)?
We ensure that all 3rd parties that are engaged to perform services on our behalf have signed a Data Processing Agreement or have committed at a contractual level to observe the applicable Personal Data Protection legislation requirements.

9. How long will we be Processing your Personal Data?
We keep a record of your Personal Data, in our filing systems for the duration of the services contract with our Corporate Client that you are a user from, or which its users have inputted your Personal Data into the Hub plus up to 60 days following the end of such service’s contract driven from backup Policy constraints. Otherwise, we will also maintain your Personal Data for as long as required by law.

10. L Squared Data Protection Officer (DPO) contact information
All questions or requests regarding the processing of the Personal Data under “L Squared” control may be addressed to our Data Protection Officer.

Mr. Gregg (G2) Forsberg, Chief Operating Officer

Country: USA

Email: privacy@LSquared.com

11. Personal Data Security, Privacy, and Confidentiality Assurance
L Squared IT landscape is configured and monitored under guidance provided by the strictest security market standards (e.g., ISO 27000 family, SOC2, ITIL, Privacy by Design) and we have reviewed and adopted changes to our operational processes in a manner that ensures compliance with the requirements posed under applicable Personal Data protection legislation. This is intended to ensure confidentiality and privacy under Personal Data processing activities performed by us and our partners.

We regularly monitor and conduct audits to ensure continued compliance.

12. Your Rights
Under applicable Personal Data Protection Legislation, you have the following rights in respect of your personal data:

[GDPR and PIPEDA] Right of access - The right to obtain from us confirmation as to whether your Personal Data is being processed, and, if so, to access such Personal Data as well as related information. You may exercise this right by submitting a request to our Data Protection Officer at privacy@LSquared.com.

[CCPA/CPRA] Right to know and access your personal information – California residents have the right to:

  • know the categories of personal information we collect and the categories of sources from which we got the information;
  • know the business or commercial purposes for which we collect and share personal information;
  • know the categories of third parties and other entities with whom we share personal information; and
  • access the specific pieces of personal information we have collected about you.

 

[GDPR and PIPEDA] Right to rectification - The right to obtain the rectification of inaccurate Personal Data. Participants may request to amend existing information by submitting a request to our Data Protection Officer.

[GDPR and PIPEDA] Right to erasure - The right to have your Personal Data that is processed by “L Squared” erased and, therefore, to have processing stopped, unless a legal duty or have a legitimate ground to retain certain data prevents “L Squared” from observing such right, in which case the data subject shall be duly informed. This right may be exercised by submitting a request to our Data Protection Officer.

[CCPA/CPRA] Right to deletion – California residents may, in some circumstances, ask us to delete their Personal Data. We may refuse the exercise of such right if it prevents us from exercising legal defence, if we cannot do so because of a legal obligation or if there is the risk that by doing so, we cannot fulfil any current
contractual obligations.

[GDPR] The right to restrict processing - This is the right to request and impose processing restrictions (in scope and purpose) for your Personal Data. This right may be exercised by submitting a request to our Data Protection Officer.

[GDPR and PIPEDA] The right to object to processing - The right to object to processing activities that have been qualified under this Privacy Notice as arising under the legal basis of Legitimate Interest on the part of “L Squared”. This right may be exercised by submitting a request to our Data Protection Officer.

[CCPA/CPRA] Right to opt out of sales – We do not sell your data, under any circumstances.

[GDPR and PIPEDA] Right to data portability - The right to receive your Personal Data in a structured, commonly used, and machine-readable format as well as the right to transmit them to another controller without obstacle. This right may be exercised by submitting a request to our Data Protection Officer.

[GDPR] Right to be informed about a Personal Data Breach - You have the right, and it is our obligation to ensure it, to be informed of any unauthorized disclosure or potential disclosure of your Personal Data to unauthorized third parties. If you are covered by the GDPR, this will be done within 72 hours of the occurrence of such disclosure or knowledge by “L Squared” of potential disclosure, as the case may be; if you are covered by other Personal Data Protection laws, the defined legal timeline shall apply.

[GDPR and PIPEDA] Right to lodge a complaint with a supervisory authority - The right to lodge a complaint regarding “L Squared” processing activities in relation to Personal Data with any of the European Union Member States’ data protection Supervisory Authorities as well as your local Supervisory Authority if you are located
outside of the European Union. You can find a list of the European Union Member States; and data protection Supervisory Authorities here Our Members | European Data Protection Board (europe.eu).

[CCPA/CPRA] Right to be free from discrimination – You may exercise any of the above rights without fear of being discriminated against. For any of the above-mentioned CCPA-related rights, you may designate an authorized agent to request on your behalf.

[CCPA/CPRA] Right to not have Personal Data shared or sold – You may exercise this right either by submitting a request by email to the Data Protection Officer or via the Form on our website. You may exercise your rights under GDPR by contacting the “L Squared” Data Protection Officer through the e-mail address privacy@LSquared.com.

13. Are there any costs to you for exercising your Rights under the law?
We will not charge any costs for you to exercise your Rights as determined by applicable Legislation.