Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Third Iron Application Privacy Policy

            Modified on Fri, 17 Jan at 9:54 AM

            Last Revised: January 13, 2025

             

            Overview

            This Application Privacy Policy (“App Policy”) governs the manner in which Third Iron, LLC, and its affiliates, including BZ DISC, Inc. (“Third Iron”,   “we”, “us,” and “our”) applies to our applications, products and services including, but not limited to, our BrowZine and LibKey applications (collectively “Applications”). 

            We respect your privacy rights and value your trust. This App Policy describes how we collect, receive, use, store, share, transfer, and process your Personal Information (defined below), as well as your rights in determining what we do with the information that we collect or hold about you as it specifically relates to our Applications.

            This App Policy also describes how we collect and use the Personal Information provided by our customer organizations who license and purchase our Applications, such as universities, schools,   hospitals, corporations and government research labs (“Licensed Entities”) in connection with our Applications, including information about you as a user of our Applications (“User”). The use of information collected through our Applications shall be limited to the purpose of providing the service for which our Licensed Entities have engaged Third Iron. We maintain a separate privacy policy with respect to our Website located at: https://thirdiron.com/ (“Website”). To view our Website Privacy Policy, click https://support.thirdiron.com/support/solutions/articles/72000570018-third-iron-privacy-policy


            Unless otherwise specified, this App Policy applies in the same manner to you and your Personal Information.   

            This App Policy does not apply to information collected by us offline or through any other means, including on any other website operated by Third Iron or any third party, or information collected by any third party through any application or content (including advertising) that may link to or be accessible from the Applications (for further information, see below, “Links to Other Services and Websites”). 


            Please read this App Policy carefully to understand our practices regarding your information and how we will treat it. If you do not agree with our policies and practices, then please do not use our Applications. By using our Applications, you agree to the terms of this App Policy. This App Policy may change from time to time (see below, “Changes To Our App Policy”). Your continued use of our Applications after we make changes is deemed to be acceptance of those changes, so please check the App Policy periodically for updates.


            Licensed Entity Agreements

            The terms of any service agreement (including applicable Statements of Work) between any Licensed Entity and Third Iron for the use, purchase or license of any Application (“Agreement”) shall also be incorporated into this App Policy by reference.


            Information We Collect

            Our Applications collect information used by our Licensed Entities, such as IP addresses, in order to connected affiliates of our Licensed Entities to full-text online journal articles and electronic books. Licensed Entities link to our Application from their websites, such as a library website, and place our Applications on their devices and hardware (e.g., Licensed Entities may install our LibKey Nomad browser extension on their networked computers), and Third Iron then processes such information on behalf of our Licensed Entities. Accordingly, Third Iron has no direct relationship with the individuals whose Personal Information we process on behalf of our Licensed Entities

             

            If you are a client, customer, student, parent of a student, contractor or employee of one of our Licensed Entities and would no longer like to have access to our Applications or have any questions or concerns about data or your Personal Information that the Licensed Entity may provide Third Iron by using our Applications, please contact the Licensed Entity directly. 

             

            For purposes of this App Policy, "Personal Information" refers to information that relates directly or indirectly to an identified or identifiable individual ("you"). The Personal Information that we collect about you is dependent on our Licensed Entities’ use of the Applications and the data that they enter into our Applications relating to you and vary depending on the services you are receiving from our Licensed Entity-customers.

             

            Service Providers. We may transfer Personal Information to companies that help us provide our Applications. Transfers to subsequent third parties are covered by the service agreements between us and our Licensed Entities, and between us and such third parties.

             

            Automated Information Collection

             

            While you use our Applications, certain information, including Personal Information, may be collected about your use of our Applications, including:

             

            Device and Usage Information: Information about your hardware and software or a Licensed Entity’s hardware and software that you are using, IP address, browser type and version, operating system, referral/exiting sources, other pseudonymous identifiers, and information about the timing, frequency, and patterns of your usage. 

             

            Browser Local Storage Tokens:  Our Applications use browser local storage to store data on a User’s device or a Licensed Entity’s device in which a User has access in order to enhance User experience and to facilitate certain Applications’ functions, specifically to store which Licensed Entity the user has indicated as being affiliated.   

            Using Your Personal Information

            The information collected through our Applications is used by Third Iron to provide our Licensed Entity-customers with access to our BrowZine and LibKey services. The ways we may use your Personal Information include, but are not limited to: 

            • Providing access to BrowZine and LibKey services; 
            • improving our Licensed Entity-customers’ business purposes; 
            • facilitating new customer relationships;
            • improving the content, functionality and usability of our Applications;
            • security or fraud prevention purposes; and
            • any other purpose identified at the point of data collection, in an applicable privacy notice, in a click-through agreement or in any other applicable agreement between a Licensed Entity and Third Iron. 

             

            We collect and use Personal Information solely with the objective of fulfilling those purposes specified above and for other compatible purposes, unless you provide your consent or as required by law.

            Disclosing Your Personal Information

            We share your Personal Information according to this App Policy, with your consent or as necessary to provide you the Applications or services you or our Licensed Entity customers request, as well as to operate our business. The ways in which we share your Personal Information are set forth below.

            Third Party Service Providers/Vendors. We share your information with contracted third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your Personal Information only as necessary to provide these services to us, pursuant to written instructions. In such cases, these companies must abide by our data privacy and security requirements, and are not allowed to use personally identifiable information, they receive from us for any other purpose. Representative business processes that our service providers/vendors assist us with may include: 

            • network or cybersecurity monitoring and intrusion detection;
            • Application development/management;
            • providing customer service;
            • offering technical support, including by way of our online ticketing system found on our Website
            • providing cloud computing infrastructure/storage/processing, etc.;
            • technical administration, such as hosting, managing and maintaining our Applications, networks, etc.
            • analytics for research and development purposes, including Application usage data, and benchmarking research and services on a de-identified basis; and
            • educational development relating to training, certification, course development and related activities.

            Legal Compliance. In certain situations, we may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your Personal Information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request. 

            In Aggregate or De-Identified Form. We may aggregate or otherwise anonymize the data we collect for purposes of analytics, research, and other business interests of Third Iron. Such use shall not include Personal Information or information that can identify you as an individual or reasonably be used to identify you.

            Corporate Transactions. If Third Iron is involved in a merger, acquisition, dissolution, sale of all or a portion of its assets, or other fundamental corporate transaction, we reserve the right to sell or transfer your information as part of the transaction.


            Rights and Choices

            Whenever possible and within our authority, Third Iron will offer you the opportunity to choose (opt-out) whether your Personal Information is to be used by Third Iron for a purpose other than the purpose for which it was originally collected or subsequently authorized by you. Third Iron will provide you with reasonable mechanisms to exercise your choices. Please note that Third Iron acts as a “data processor/service provider” for our Licensed Entity customers. For this reason, you may need to direct your request to our Licensed Entity-customers as “data controllers” to exercise your opt-out preferences.


            Account Access 

            An individual who seeks access, or who seeks to correct, amend, or delete data entered by one of our Licensed Entity customers should direct their inquiry directly to the Licensed Entity (the data controller). If requested by a Licensed Entity customer to remove data, we will respond within a reasonable timeframe which will not exceed forty-five (45) days or as otherwise required by law. If the process of removal will require in excess of forty-five (45) days (or such other period as required by law) we will inform the Licensed Entity customer.


            Our Applications 

            BrowZine and LibKey are Third Iron Applications that provide Users the ability to virtually review and sort through library catalogues. These Applications may be used for a variety of purposes by Licensed Entities. Certain Applications are accessible from a mobile device, tablet or computer. This App Policy applies to these Applications, and an overview about each Applications’ specific processing and collection capabilities are outlined below. 

            The following list is intended to highlight some of Third Iron’s Applications and is provided for informational purposes only. The list below is not intended to be a complete list of all Third Iron Applications. For more information about a specific Application and the information such Application collects about you, please contact the Licensed Entity directly or email us at [email protected].

            1. BrowZine
            • Product Overview. BrowZine is an application that presents a Licensed Entity’s electronic journal collection visually and arranged by subject, enabling Users to quickly find journals of interest.  Users may easily browse titles of interest, also to make use of the optional “My Bookshelf” and “My Articles” personalization features to follow titles of interest, be notified when new articles are published in followed titles, and to save articles for future reading.
            • Category of Personal Information Collected. Email address and Internet Protocol (IP) address.
            1. LibKey 
              • Product Overview. LibKey is  web-based access technology that connects users from citations to online articles and books, found in library services such as discovery platforms and databases, or on the open web at sites like Wikipedia and PubMed, to the full text as it is available from Open Access and licensed resources.  
              • Category of Personal Information Collected. Internet Protocol (IP) address. 

            Data Retention

            Data (including any Personal Information) collected from our Applications is stored directly within the Application, on the device itself, and on servers in the U.S.  Third Iron will retain Personal Information we process on behalf of a Licensed Entity for as long as needed to provide services to such Licensed Entity. Our Licensed Entity customers are solely responsible for exporting all data stored in our Applications prior to the termination of our services. Licensed Entities will retain your Personal Information in accordance with their internal data retention policies. Please contact the Licensed Entity directly to review such policies. 

             

            Termination. Third Iron will retain all data for a minimum of ninety (90) days after the termination of our services to a Licensed Entity as a safeguard in case the Licensed Entity requires more time to export its data. Licensed Entities will be responsible during this ninety (90) day period to make any requests for additional data. Third Iron reserves the right to retain such data beyond such ninety (90) day period to the extent Third Iron determines necessary to satisfy other reasonable business purposes, such as complying with legal obligations, resolving disputes, or enforcing our agreements.


            How We Protect Your Information 

            We follow generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. You have a responsibility, as well, to safeguard your information through the proper use and security of any online credentials used to access your Personal Information, such as a username and password. If you believe your credentials have been compromised, please change your password. If you are an employee, contractor, student or parent of a student of a Licensed Entity, please notify them immediately in accordance with their policies and procedures. Following notification to our Licensed Entity customers, please immediately notify Third Iron of any actual or suspected unauthorized use of our Applications or your information. To report a security violation, please promptly notify us by sending an email with the subject line “Security Concern” and a description of the concern to [email protected] or by calling us at 855-649-7607.

             

            Your Consumer Rights

             

            Some state laws in the United States provide individuals with additional rights with respect to their Personal Information (also known as “personal data”), as those terms are defined under those applicable state laws. Such state laws may include, but are not limited to, the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 and its implementing regulations (“CCPA”),  Colorado Privacy Act and its implementing regulations (“CPA”), Connecticut Data Privacy Act (“CTDPA”),  Montana Consumer Data Privacy Act (“MTCDPA”), Oregon Consumer Data Protection Act (“OCPA”), Utah Consumer Privacy Act (“UCPA”), and Virginia Consumer Data Protection Act (“VCDPA”) (collectively “U.S. Privacy Laws”). Any Personal Information we collect is for the commercial purpose of effectively providing our Applications to you and our Licensed Entity customers, as well as enabling you to learn more about and benefit from our Applications and services. If you are a consumer in a state that provides consumer rights, please be advised that Third Iron is NOT a “business” or “controller” as that term is defined under U.S. Privacy Laws and therefore does not afford consumers these rights with respect to their Personal Information. Regardless, all Personal Information will be processed in accordance with this App Policy.

             

            California Privacy.  

            • Shine the Light lawIf you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Information by Third Iron to a third party for the third party’s direct marketing purposes. To make such a request, please send an email to [email protected] or write us at: Third Iron, LLC., Attn: Privacy, PO Box 270400, St Paul, MN 55127 USA.
            • WE DO NOT SELL OR SHARE YOUR PERSONAL INFORMATION. If we ever decide to “sell” or “share” Personal Information, as those terms are defined under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, we will update you via this Policy and include a link entitled “Do Not Sell or Share My Personal Information,” to provide you with an opportunity to opt out of the selling or sharing of your Personal Information.

             

            Nevada Privacy 

            Nevada law permits customers in Nevada to opt-out of the sale of certain kinds of Personal Information. We do not sell your Personal Information to third parties as defined in Nevada law. If you are a Nevada resident and wish to opt-out of the sale of your Personal Information, should we change our practices in the future, you can contact us at [email protected].


            Texas Privacy 

            The Texas Data Privacy and Security Act applies to Texas consumers. As a Texas resident, you have the right to:

            • Right to know whether we process your Personal Information and to obtain the Personal Information in a readable format;
            • Right to correct inaccuracies in your Personal Information, taking into account the nature of the data and the purposes for processing the data;
            • Right to delete Personal Information provided by or obtained about you;
            • Right to opt out of the processing of Personal Information for purposes of targeted advertising, the sale of Personal Information, or profiling; and 
            • Right to not face retaliation or discrimination for exercising these rights. 

            If you are a Texas resident who chooses to exercise the rights listed above, you can submit a request via email at [email protected].


            For Users Outside the United States. Under the (i) General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, or “GDPR”), (ii) Data Protection Act 2018, (iii) GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland (i.e., “UK GDPR”) as provided in the Data Protection Act 2018, (iv) Switzerland Federal Act of Data Protection as amended (“FADP”), (v) General Law for the Personal Data Protection (Law No. 13.709/2018; “LGPD”) and (vi) any other applicable data protection legislation of any country or other jurisdiction (collectively “International Data Protection Laws”) individuals have specific rights with respect to their Personal Information, or “personal data” as defined under the International Data Protection Laws. 

            Any Personal Information we collect is collected for the commercial purpose of effectively providing our Applications to you and our Licensed Entity customers, as well as enabling you to learn more about, and benefit from, our Applications. Personal Information related to our Applications will be processed on the legal basis of performing our contractual and legal obligations owed to our Licensed Entity customers and for the legitimate business interests of Third Iron. For purposes of our Applications installed and used by our Licensed Entity customers, Third Iron operates as a “data processor.” As such, and in line with other representations in this App Policy, we may not have the authority to fulfill your requests under International Data Protection Laws, and as provided in the below  section of this App Policy. Rather, you may need to direct such request to our Licensed Entity customers as the “data controllers.”

            The Data Processor is:

            • Name: Third Iron, LLC (including all affiliates)
            • Address: PO Box 270400, St Paul, MN 55127
            • Email Address[email protected]

            International User Rights. To the extent we have the authority to respond to your exercise of the rights below, you may do so subject to our verification of your identity. In the event you use a third-party agent to make any such request of Third Iron under this section, we may require additional confirmation of your authorization of such a request before processing your request. Third Iron maintains a lawful basis to process your Personal Information, including but not limited to such bases listed below:

            • You have given consent.
            • Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.
            • Processing is necessary to protect our legitimate interests or that of a third party, except where such interests are overridden by your interests or fundamental rights.

             

            As an international User, certain International Data Protection Laws may afford you the rights outlined below: 

            • Access. You may request a copy of the Personal Information our Applications’ databases currently contain. 
            • Automated Processing and Decision-Making. You may request that we stop using your Personal Information for automated processing, such as profiling. When contacting Third Iron, please explain how you wish us to restrict automated processing of your Personal Information. When such restrictions are not possible, we will advise you accordingly. You can then choose to exercise any other rights under this App Policy, to include withdrawing your consent to the processing of your Personal Information. 
            • Correction or Rectification. You can correct what Personal Information our Applications’ database currently contains by accessing your account directly, or by emailing us (as provided below) to request that we correct or rectify any Personal Information that you have provided to us.   We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause information to be incorrect. Where applicable, we will ensure such changes are shared with trusted third parties. 
            • Restrict Processing. When applicable, you may restrict the processing of your Personal Information by submitting a request via email (to the email provided below). In your email, please explain how you wish us to restrict processing of your Personal Information. When such restrictions are not possible, we will advise you accordingly. You can then choose to exercise any other rights under this App Policy, to include withdrawing your consent to the processing of your Personal Information. Where applicable, we will ensure such changes are shared with trusted third parties. 
            • Object to Processing. When applicable, you have the right to object to the processing of your Personal Information by submitting a request via email to (to the email provided below). When such objections are not possible, we will advise you accordingly. You can then choose to exercise any other rights under this App Policy, to include withdrawing your consent to the processing of your Personal Information. Where applicable, we will ensure such changes are shared with trusted third parties.
            • Portability. Upon request and when possible, we can provide you with copies of your Personal Information. When such a request cannot be honored, we will advise you accordingly. You can then choose to exercise any other rights under this App Policy, to include withdrawing your consent. Where applicable, we will ensure such changes are shared with any trusted third parties. 
            • Withdraw Consent. At any time, you may withdraw your consent to our processing of your Personal Information through our Applications by notifying us via email (to the email provided below) and typing the words “WITHDRAW CONSENT” in the subject line of your email. Upon receipt of such a withdrawal of consent, we will confirm receipt and proceed to stop processing your Personal Information. Where applicable, we will ensure such changes are shared with trusted third parties. 
            • Erasure. If you should wish to cease use of our Applications and have your Personal Information deleted from our Applications, then you may submit a request by emailing us at the email provided below. Upon receipt of such a request for erasure, we will confirm receipt and will confirm once your Personal Information has been deleted. Where applicable, we will ensure such changes are shared with trusted third parties. 

            Exercising your rights. If you are a data subject that has rights under International Data Protection Laws, who chooses to exercise the rights listed above, you can submit a request via email at [email protected] or contact the License Entity directly.


            Submit Complaints or QuestionsIf you wish to raise a complaint on how we have handled your Personal Information, you can contact us as described in this App Policy. If you reside in a European Union member state, the United Kingdom, Switzerland or any other applicable international jurisdiction granting you rights to your Personal Information under International Data Protection Laws, you may also lodge a complaint with the supervisory authority in your country.


            Data Transfers. If we transfer your Personal Information to a recipient in a country outside the European Economic Area (“EEA”), United Kingdom, or any other applicable international jurisdiction granting you rights to your Personal Information under International Data Protection Laws, we will ensure that at least one of the following shall apply:  (i) the transfers will be to countries that have been deemed to provide an adequate level of protection for Personal Information by supervisory authorities; (ii) we have used specific model contracts approved by supervisory authorities, such as the European Commission, which are intended to give Personal Information the same protection it has in the country where you reside; or (iii) any alternative transfer mechanism that can lawfully support the transfer under International Data Protection Laws.  Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Information outside your country of origin. For more information about data transfers, please also see the “Data Privacy Framework” section below. 


            Data Privacy Framework: EU-U.S. Data Privacy Framework with UK Extension, and Swiss-U.S. Data Privacy Framework 

            Third Iron participates in and has certified its compliance with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Third Iron, LLC and its affiliate BZ DISC, Inc has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles with regard to the processing of Personal Information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) under the UK Extension to the EU-U.S. DPF. Third Iron has also certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. DPF Principles with regard to the processing of Personal Information received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Data Privacy Framework website at https://www.dataprivacyframework.gov.

            We are committed to upholding the DPF Principles to all Personal Information received from the European Union, United Kingdom (and Gibraltar) and Switzerland in reliance on the relevant parts of the DPF program. 

            Third Iron, LLC and its affiliate BZ DISC, Inc is responsible for the processing of Personal Information it receives, under each Data Privacy Framework, and subsequently transfers to a third party acting as an agent on its behalf.  Third Iron, LLC and its affiliate BZ DISC Inc complies with the Data Privacy Framework Principles for all onward transfers of Personal Information from the EU, the UK and Switzerland, including the onward transfer liability provisions.

            The Federal Trade Commission has jurisdiction over Third Iron, LLC’s and its affiliate BZ DISC Inc’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain situations, Third Iron, LLC and its affiliate BZ DISC Inc may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

            In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Third Iron, LLC and its affiliate BZ DISC Inc commits to refer unresolved complaints concerning our handling of Personal Information received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to VeraSafe, an alternative dispute resolution provider based in the United States.  If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://verasafe.com/public-resources/dispute-resolution/dispute-resolution-procedure for more information or to file a complaint.  These dispute resolution services are provided at no cost to you.

            Under certain conditions, more fully described on the Data Privacy Framework website at https://www.dataprivacyframework.gov/s/article/How-to-Submit-a-Complaint-Relating-to-a-Participating-Organization-s-Compliance-with-the-DPF-Principles-dpf, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.


            Children’s Privacy

            We do not knowingly collect or process any information from children under the age of 13 in the United States and under the age of 16 in jurisdictions outside the United States (“Child”) unless and until the relevant Licensed Entity has provided consent and authorization for a Child to use the Applications and for Third Iron to collect and process information from such Child. Where a Licensed Entity customer instructs us to collect Personal Information from U.S. children under the age of 13 or international children under the age of 16, we collect, use, process and retain such information solely to provide the educational services on behalf of the Licensed Entity customer and for the purposes set forth in our agreement with the Licensed Entity. We collect only as much information as is necessary to provide the service and the License Entity may access, delete, or withdraw consent for continued processing of the Child's information at any time. If you have any questions about reviewing, modifying, or deleting Personal Information of a Child, please contact your Licensed Entity directly.

             

            Please contact us at [email protected] if you believe we have inadvertently collected Personal Information from a U.S. child under 13 or international child under 16 without proper consent. This will allow Third Iron to delete such information as soon as possible.

             

            Links to Other Services and Websites

            Our Applications may link to full text articles hosted by other websites. When you select a link to an outside website you are leaving the Third Iron Application and are subject to the privacy and security policies of the owners of the third-party website. We encourage Users to be aware when they leave our Applications and to read the privacy policies of each website that collects personal data.


            Changes To Our App Policy

            This App Policy describes our current policies and practices with regard to the information we collect through our Applications. From time to time, we may change this App Policy. It is our policy to post any changes we make to our App Policy on this page. If we make material changes to how we treat your Personal Information, a revised App Policy will be posted on this webpage and the date of the change will be reported in the “Last Revised” block above. You can get to this page from any of our webpages by clicking on the “Application Privacy Policy” link (usually at the bottom of the screen). 


            Questions

            If you have questions, comments, or concerns regarding this Application Privacy Policy, please send us an email at [email protected].

            Preview
            0 of 0