Privacy Overview

Our Privacy Commitment

Viser is committed to protecting the privacy of your data. To help you meet the rapidly evolving and complex data privacy laws and requirements, Visier has established a comprehensive privacy and security program to protect your data when using Visier’s solutions.

Our Culture

Our executive leadership team is actively involved in fostering a privacy aware culture throughout the organization. Visier employees understand the importance of protecting customer data, and are educated and proactively engaged in dialogue with the privacy team on privacy related issues.

There is a clear understanding that Visier employees share the responsibility to protect your data. As an additional element of reassurance, we conduct appropriate background check screening of employees who are provided access to your confidential data. The confidentiality of your data is further protected as every Visier employee must follow Visier’s Code of Conduct and Ethics, adhere to the provisions of all company confidentiality agreements, and follow Visier’s policies and procedures, including its privacy and information security policies.

Compliance with Privacy Laws

Visier’s privacy practices are aligned with international privacy laws and frameworks including Canada’s PIPEDA, the APEC Privacy Framework, the EU-US and Swiss-US Privacy Shield Frameworks, the EU Data Protection Directive (Directive 95/46/EC) and the EU General Data Protection Regulation (GDPR) (coming into force on May 25, 2018).

Visier’s privacy program has multiple integral components, including: senior management’s active commitment in fostering a privacy respectful culture, a Privacy Officer and other designated individuals who are responsible for managing the privacy program, incorporation of privacy reviews and privacy impact assessments as part of its business processes, and regular data privacy training and education for all employees.

Privacy Certifications and Frameworks

Visier has self-certified its compliance with the EU-US and Swiss-US Privacy Shield Frameworks. The Frameworks were designed by the US Department of Commerce and the European Commission to be a mechanism which allows US companies to transfer data from the European Union and Switzerland to the United States.

TrustArc (formerly TRUSTe) has also certified Visier for the Enterprise Privacy Certification Standards and the Frameworks.
Visier adheres to the requirements of the Frameworks and Standards, which include ensuring appropriate transparency, consent, limited collection, and security safeguard practices are in place to protect your data.

Data Location

We understand you may be faced with organizational restrictions on where your data may be stored. When using Visier’s solutions, you may select the appropriate region (Canada or the United States) for storing your data to meet data residency requirements.
If your organization handles European data, data may be stored in Canada as Canada’s privacy laws have been recognized by the European Commission as meeting the adequacy requirement for the protection of personal data. Alternatively, you may choose to have your data stored in the United States and rely on the EU-US and Swiss-US Privacy Shield Frameworks for data transfers from Europe and Switzerland to the US.

Controlled access

Visier has implemented industry standard measures to protect your data, including many customer-controllable settings.

We understand that it is essential to control the visibility of your data within your organization. That’s why you’re fully in control and can customize the security roles in the solutions to limit user’s visibility to only the data elements they are authorized to see. We also implement numerous checks and balances to ensure there is an opportunity to check your requested configuration changes and validate your data and business rules prior to your data being published and accessed by your larger user base.

At all times, connection to the Visier service is via Transport Layer Security (TLS) with Perfect Forward Secrecy, ensuring that our customers have a secure connection to their data. Individual user sessions are uniquely identified and re-verified with each transaction. In addition, Visier’s IP Range Restrictions feature enables you to restrict the range of IP addresses from which users may log in.

To ensure complete data segregation, your data is logically separated by means of hardware and software configurations to ensure each customer organization can only view the data they are meant to be viewing. You will be provided with your own credentials and tenant ID to ensure there is appropriate segregation and restriction of access to your information.

Visier’s Sub-Processors

Visier uses the following sub-processors to facilitate the provision of its services. This information is intended to help you understand the providers we use, however, please consult with your Visier representative if you require further details.

Name of Sub-processor Purpose Country
Visier, Inc. Affiliated Service provider USA
Visier Solutions Inc. Affiliated Service provider Canada
Visier Limited Affiliated Service provider United Kingdom
Cyxtera Technologies, Inc. (formerly CenturyLink) Infrastructure provider: Data center Canada or USA (as selected by your organization)
Amazon Web Services, Inc. Infrastructure provider: Data center Canada, Germany, or USA (as selected by your organization)

Website Privacy Statement

To learn about Visier’s handling of information collected from visitors to our website, please see our Privacy Statement at https://www.visier.com/privacy/.