Our Privacy Commitment
Visier is committed to protecting the privacy of your data. To help you meet the rapidly evolving and complex global data privacy laws and requirements, Visier has established a comprehensive Privacy and Data Protection Program to protect your data when using Visier’s solutions.
Our executive leadership team is actively involved in fostering a privacy aware culture throughout the organization. Visier employees understand the importance of protecting customer data, and are educated and proactively engaged in dialogue with the privacy team on privacy related issues, privacy requirements and best practices.
There is a clear understanding that Visier employees share the responsibility to protect your data. As an additional element of reassurance, we conduct appropriate background check screening of employees who are provided access to your confidential data. These employees must also complete specialized privacy training prior to being provided access to data. The confidentiality of your data is further protected as every Visier employee must follow Visier’s Code of Conduct and Ethics, adhere to the provisions of all company confidentiality agreements, and follow Visier’s policies and procedures, including its privacy and information security policies.
Compliance with Privacy Laws
Visier’s Privacy and Data Protection Program is aligned with applicable privacy laws and frameworks including Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), the EU-US and Swiss-US Privacy Shield Frameworks, the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.
Visier’s Privacy and Data Protection Program encompasses several components, including: senior management’s active commitment in fostering a privacy aware culture, designating a Privacy Officer responsible for overseeing the enterprise privacy program, maintaining privacy policies and notices, conducting privacy reviews and privacy impact assessments, operationalizing privacy requirements into business processes, embedding privacy by design principles into the development lifecycle of our solutions, and ensuring that all employees receive privacy training.
Privacy Certifications and Frameworks
Visier has self-certified to the EU – U.S. and Swiss – U.S. Privacy Shield Frameworks and adheres to the requirements of the Frameworks, which includes ensuring that appropriate notice, choice, limited collection, and security safeguards are in place to protect your data. To view our certification status in the Privacy Shield Framework, please visit the Department of Commerce website. Although external verification is not required under the Privacy Shield, Visier has used TrustArc to assess and confirm our compliance with the Framework’s requirements. To view our verification status, please click here.
We understand you may be faced with organizational restrictions on where your data may be stored. When using Visier’s solutions, you may select the appropriate region (Canada, Germany or the United States) for storing your data to meet data residency requirements.
If your organization handles United Kingdom (UK) and/or European data, data may be stored in Canada as Canada’s privacy laws have been recognized by the European Commission as meeting the adequacy requirement for the protection of personal data. Alternatively, you may choose to have your data stored in the United States and rely on the EU-US and Swiss-US Privacy Shield Frameworks for data transfers from Europe, United Kingdom, and Switzerland to the US.
Visier has implemented industry standard measures to safeguard and protect your data, including many customer-controllable settings.
We understand that it is essential to control the visibility of your data within your organization. That is why you have full control and can customize the security roles in the Visier solutions to limit user’s visibility to only the data elements they are authorized to see. We also offer numerous checkpoints to ensure there is an opportunity for you to validate your requested configuration changes and review your data and business rules prior to your data being published and accessed by your larger user base.
At all times, connection to the Visier service is via Transport Layer Security (TLS) with Perfect Forward Secrecy, ensuring that our customers have a secure connection to their data. Individual user sessions are uniquely identified and re-verified with each transaction. In addition, Visier’s IP Range Restrictions feature enables you to restrict the range of IP addresses from which users may log in.
To ensure complete data segregation, your data is logically separated by means of hardware and software configurations to ensure each customer organization can only view the data they are meant to have access to. You will be provided with your own credentials and tenant ID to ensure there is appropriate segregation and restriction of access to your information.
Visier uses the following sub-processors to facilitate the provision of its services. This information is intended to help you understand the providers we use, however, please consult with your Visier representative if you require further details.
|Name of Sub-processor||Purpose||Country|
|Visier, Inc.||Affiliated Service provider||USA|
|Visier Solutions Inc.||Affiliated Service provider||Canada|
|Visier Limited||Affiliated Service provider||United Kingdom|
|Cyxtera Technologies, Inc.||Co-Location Provider||Canada or USA (as selected by your organization)|
|Amazon Web Services, Inc.||Infrastructure as a Service||Canada, Germany, or USA (as selected by your organization)|
To learn about Visier’s handling of information collected from visitors to our website, please see our Privacy Statement at https://www.visier.com/privacy/.