ION Geophysical Corporation
Attn: Customer Relations
2105 CityWest Blvd, Suite 400
Houston, TX 77042
What Personal Data May We Process?
The types of personal data relating to you that we may “process” (such as collect, use and store) depends on your interaction with us. The key types of personal data that we have processed over the last 12 months are set out below.
Personal Data That You Give Us
|Activity||Types of personal data that we may process||Our legal bases for processing|
|Your general use of our website||
|Your communications with us as a potential or current customer or other business partner||
|Your communications with us as a shareholder and your engagement with us through webcasts, email alerts and other means||
|Your application for a job, internship, consulting position, or other role at ION||
If you are a current employee, intern consultant or other service provider, please refer to our separate “Personnel Privacy Notice,” which governs your privacy rights in such capacity and will be made available to you upon request.
Information That We May Collect Automatically
We collect certain data about all visitors to our website, including what pages they view, the number of bytes transferred, the links they click, and other actions taken within our site. If you log-on to our site or to any pages in our site, we may connect this information with your identity to determine your potential interests in our products and services. We may also use this information to improve our security measures. We also collect certain standard information that your browser sends to every website you visit, such as your Internet Protocol (IP) address, your browser type and capabilities and language, your operating system, the date and time you access the site, and the website from which you linked to our site. We do not link these data to your identity.
Most internet browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies or to notify you when a cookie is being placed on your computer. You can also choose to decline certain types of cookies on our Website by unselecting the applicable checkbox in our cookie banner. If you choose not to accept cookies, you may not be able to experience all of the features of our Website. Internet browsers also enable you to delete existing cookies, although this means that your existing settings (including stored user IDs and other preferences) will be lost.
Our site also may contain electronic images known as web beacons – sometimes called single-pixel gifs – that allow us to count the number of users who have visited those pages. We may include web beacons in promotional e-mail messages or newsletters in order to determine whether messages have been opened and acted upon (including whether the recipient clicked on a link in the email or forwarded the email to another person).
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services that you do not want them to track your online activities. Our site does not currently support Do Not Track requests.
Children’s Information and Sensitive Information
We do not knowingly collect personal information from children under the age of 13. If we are made aware that we have collected personal information from a child under the age of 13, we will delete it as soon as practicable.
Unless we specifically request or invite it, we ask that you not send or disclose to us any sensitive personal information (e.g., National Insurance or Social Security numbers, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, trade union membership, or biometric or genetic data for the purpose of uniquely identifying an individual).
How Do We Process Your Personal Data?
We may process your personal data in the following ways (depending upon your interaction with us):
- collecting your personal data that you input on our website, or provide to us in conversations, emails, or meetings with us;
- recording your personal data, such as through electronic or handwritten notes that we make;
- organizing and storing your personal data on our servers, in our document management system, in our employee’s email inbox folders, or in hard copy files;
- using your personal data to communicate with you and perform analytics that are necessary or useful in connection with your relationship with us as a current or prospective customer, investor, employee or business partner; and
- disclosing your personal data to third parties, where necessary, appropriate and/or as required by law (see the “With Whom May We Share Your Personal Data?” section below for additional information).
We may process your personal data for the following purposes:
- to deliver services or execute transactions you request, such as providing information about our products and services, processing orders, answering customer service requests, facilitating the use of our website and similar purposes;
- to respond to your questions, comments, complaints, or requests;
- to improve our website (including our security measures) and related products or services, including by making our website easier for you to use and personalizing our website to suit your interests and preferences;
- to inform you of products or services available from us (though any such marketing efforts will comply with applicable laws);
- to follow up with you on a job application;
- to further our business purposes, such as (i) to perform due diligence, data analysis, audits, fraud monitoring, and prevention; (ii) to enhance, improve, or modify our website or services; (iii) to identify trends; and (iv) to operate and expand our investment and business activities.
We do not use any personal data provided by you for the purpose of automated decision-making.
How Will We Protect Your Personal Data?
We have implemented security policies and other technical and organisational measures to protect the personal data that we collect, consistent with applicable privacy and security laws. These security measures are designed to prevent unauthorized access, improper use or disclosure, unauthorized modification, and unlawful destruction or accidental loss of your personal data.
We also require that any third parties that process your personal data on our behalf agree to take appropriate security measures to protect your personal data.
We have put in place procedures to deal with any suspected security breach that involves your personal data and will notify you and the applicable regulator of a suspected breach where legally required to do so.
With Whom May We Share Your Personal Data?
We take your privacy seriously and have not shared your personal data with others in the last 12 months, except in the following circumstances:
Service providers: We may disclose your personal data to third-party service providers to provide us with services such as website hosting and professional services, including information technology services, payroll services, accounting and auditing services, consultancy services, regulatory services, and legal services.
Our affiliates: We may disclose your personal data to our affiliates in order to provide you with tailored services and communications, or in accordance with our business administrative practices.
Commercial transactions: We may disclose some or all of your personal data to financial institutions, shipping carriers, postal services or government entities in connection with consummating certain commercial transactions.
Legal reasons: We may use or disclose your personal data as appropriate under applicable laws; to respond to requests from public, governmental; and regulatory authorities; to comply with court orders, litigation procedures, and other legal processes; to obtain legal remedies or limit our damages; to protect the operations of our group entities; and to protect the rights, safety, or property of our employees, you, or others.
For How Long Do We Retain Your Personal Data?
We retain your personal data only for as long as is necessary for our relationship with you, in accordance with our retention policies, and in accordance with applicable laws. To determine the appropriate retention periods for personal data, we consider the amount, nature and sensitivity of the personal data, legal requirements, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data and whether we can achieve those purposes through other means. In some circumstances, we may anonymize your personal data so that it can no longer be associated with you, in which case we may use the information without further notice to you.
Your California Privacy Rights
If you are a California resident, then you also have the following rights under the California Consumer Privacy Act (“CCPA”) regarding your personal information.
Right to Know
- You have the right to know and see what personal information we have collected about you over the past 12 months, including:
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information is collected;
- The business or commercial purpose for collecting your personal information;
- The categories of third parties with whom we have shared [or to whom we have sold] your personal information; and
- The specific pieces of personal information we have collected about you.
Right to Delete
You have the right to request that we delete the personal information we have collected from you. There are a number of exceptions, however, that include, but are not limited, to when the information is necessary for us or a third party to do any of the following:
- Complete your transaction;
- Provide you a good or service;
- Perform a contract between us and you;
- Protect your security and prosecute those responsible for breaching it;
- Fix our system in the case of a bug;
- Protect the free speech rights of you or other users;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.);
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interests that adheres to all other applicable ethics and privacy laws;
- Comply with a legal obligation; or
- Make other internal and lawful uses of the information that are compatible with the context in which you provided it.
Sale of Your Personal Information
[We do not sell your personal information, or the personal information of minors under the age of 16, for money or other valuable consideration.]
More information about your rights as a California consumer may be found on California’s Department of Justice website.
ION Does Not Discriminate
We will not discriminate against you for exercising your rights under the CCPA, including by denying service, or suggesting that you will receive different rates for services, level or quality of service.
How to Exercise Your Rights
To exercise any of your access or deletion request rights, please submit a verifiable consumer request to email@example.com, or by calling our toll-free line, 1-(800)-910-1236.
We will contact you to confirm receipt of your request under the CCPA and request any additional information necessary to verify your request. We verify requests by matching information provided in connection with your request to information contained in our records. Depending on the sensitivity of the request and the varying levels of risk in responding to such requests (for example, the risk of responding to fraudulent or malicious requests), we may request that you use your access credentials in order to verify your request. You may also designate an authorized agent to make a request under the CCPA on your behalf, provided that you provide a signed agreement verifying such authorized agent’s authority to make requests on your behalf, and we may verify such authorized person’s identity using the procedures above.
The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
- We will not be able to respond to your request or provide you with specific pieces of personal information if we cannot verify your identity and authority to make the request.
Your Additional Rights in the European Economic Area
If your personal data has been collected in connection with our activities in the European Economic Area (“EEA”), you have the following rights::
- Withdrawal of Consent: If consent is the lawful basis of our processing, you have the right to withdraw any consent that you have provided to us to process your personal data.
- Access: You have the right to access your personal data.
- Rectification: You have the right to rectify inaccurate personal data.
- Erasure: You have the right to have your personal data erased if it is no longer necessary for the purposes for which it was processed, you have withdrawn your consent to, or object to, its processing and there is no other legitimate grounds for processing it or you consider that it has been unlawfully processed.
- Restriction: You have the right to have the processing of your personal data restricted if you contest its accuracy, its processing is unlawful, we no longer need it but you need it for a legal claim, or you have objected to its processing and await verification of our legitimate grounds for processing it.
- Data Portability: You have the right to have certain personal data you provide to us transferred to another company in a machine-readable format.
- Objection: You have the right to let us know that you object to the further use or disclosure of your personal data for certain purposes.
In order to exercise any of these rights, or for more information, please use the contact details specified above. Please note that these rights are subject to certain preconditions and qualifications under applicable law.
You also have the right (where applicable) to withdraw any consent given in relation to the processing of your personal information.
Please note that the right to erasure is not absolute and it may not always be possible to erase personal data on request, including for example where the personal information must be retained to comply with a legal obligation.
The data controller (as defined under EU data protection law) will be the relevant ION entity that you engage with.
International Transfers of Personal Data
Some of our group entities and service providers are located outside of the European Economic Area. Accordingly, if you are in the European Economic Area, please note that we will transfer your personal data to such countries in accordance with applicable data protection law requirements. Such transfers may also be necessary in order to perform a contract with you/fulfill your request and/or through obtaining your affirmative consent.
Filing a Complaint With an EU Regulator
If you are in the EU, you may lodge a complaint with a supervisory authority that has authority in your country or region. Please click here for contact information for such authorities.
Policy last updated: July 9, 2020