Privacy Policy
LAST UPDATED:
January 2023
Moody’s
respects and values your privacy. This Privacy Policy explains how we collect
your Personal Data (defined below) on those web sites of Moody’s that post or
link directly to this Privacy Policy (collectively, the “Site”) and through
offline means, how we use, disclose, and protect such data, and the choices you
have concerning our use of such data. Please read this Privacy Policy
carefully. Moody’s may from time to time update this Privacy Policy. Any
changes to this Privacy Policy will become effective when we post or link to
the revised Privacy Policy on the Site. Any significant changes to the way we
collect or use Personal Data will be highlighted on the homepage of the Site in
advance. Please review the “Last Updated” legend at the top of
this page to determine when this Privacy Policy was most recently revised.
For the purposes of this Privacy Policy, “Moody’s”,
"we", "us", and "our" means Acquire Media U.S.,
LLC and Acquire Media 1 UK Limited.
In some circumstances, you may have the option to decline
to provide us with any Personal Data to visit the Site. However, if you choose
to withhold requested information, you may not be able to visit all sections or
use all features of the Site.
This Privacy Policy shall also apply to any Moody’s mobile application and other forms of
Moody’s online activity that reference this Privacy Policy. In such
instances, the term “Site” shall include the applicable mobile application or other Moody’s
online activity whenever
that term is used herein.
Types
of Data Collected
We gather
Personal Data and Other Data (as described below).
Collection of Personal Data
Personal data is information that identifies you or can
be used to identify or contact you, e.g.,
your name, email address, address, or phone number ("Personal Data").
We may need to collect and process Personal Data in order to
provide requested information, products or services to you (including the Site)
or because we are legally required to do so and/or we have a
legitimate interest to do so.
Use of Personal Data Collected
We use Personal Data transparently and
in compliance with applicable law for legitimate business purposes, including
the following:
Cookies
and Other Tracking Technologies
We use
cookies and similar technologies (collectively, “Cookies”) on our websites
Essential
Cookies
Essential
Cookies are necessary for the Site to function and cannot be switched off
without affecting the use of the Site. Essential Cookies are usually only set
in response to specific actions you take on the Site, such as retaining search
results where you use an internal search function or setting your Cookies
preferences.
Essential
Cookies seldom collect and use any Personal Data, though they may contain an ID
code which allows the Site to distinguish you as an individual visitor from all
other visitors on the Site at the same time. These types of unique ID code are
used to maintain a server session to enable functions you have requested. Essential
Cookies are typically session Cookies and only retain data for the duration of
your visit to the Site.
We use
essential Cookies as we believe it is in both our and your legitimate interests
to enable the Site to work properly.
Functional
Cookies
Moody’s uses
functional Cookies to understand how the Site is used and to customize and
enhance the Internet experience of users. When you revisit the Site, Moody’s
may recognize you by a functional Cookie and customize your experience. For
example, once you have completed the registration process, a functional Cookie
will be used to avoid you having to register again. We believe functional
Cookies add value to the user experience. The retention period of Functional
Cookies varies from the duration of your visit to the Site up to two years,
depending on the purpose of the Cookie.
Performance
Cookies
We use performance Cookies to collect and/or
track information such as demographic information, domain names, computer type,
browser types, screen resolution, and other statistical data involving the use
of the Site. We use performance Cookies to help us understand who uses the Site
and to improve and market it, as well as our other services.
We also use
performance Cookies in connection with Site pages and email messages in certain
formats to, among other things, track the actions of Site users and email
recipients, to determine the success of marketing campaigns and to compile
statistics about Site usage and response rates. When used in email messages in
certain formats, performance Cookies tell us whether and when the email has
been opened.
We use Google
Analytics to collect and analyze information about Site use and to report on
activities and trends. Google Analytics may also collect information regarding
your use of other websites, apps and online resources.
The data we receive from Google Analytic Cookies is aggregated and anonymous,
it is not personal data. However, Google may process personal data about you to
provide us with aggregated data about our Site visitors. You can learn more about Google’s practices here, and opt out of
Google Analytics by downloading the Google Analytics opt-out
browser add-on.
When you
visit and interact with the Site, we collect Internet Protocol (IP) addresses.
Your IP address is a number that is automatically assigned to the computer that
you are using by your Internet Service Provider (ISP). This number is
identified and logged automatically in our server log files whenever you visit
the Site, along with the time(s) of your visit(s) and the page(s) that you
visited. We use IP addresses to understand how the Site is used by our users,
to improve the Site and to enhance user experience of the Site. We may also
derive your approximate location from your IP address.
The retention
period of performance Cookies varies from the duration of your visit to the
Site up to two years, depending on the purpose of the Cookie. For example, a
Cookie set for 24 hours to count you as a unique visitor to the Site on that
day, or a Cookie set for two years, to remember you as a returning visitor.
Targeting
Cookies
On certain
pages, we use third-party advertising companies to serve advertisements
regarding our products and services that may be of interest to you when you
access and use the Site, our apps and other websites or online services, based
on information relating to your access to and use of the Site and other
websites or online services on any of your devices. To do so, these advertising
companies place or recognize a unique Cookie on your browser, including using
pixel tags. Advertising Cookies store unique IDs that are associated with a
profile on our advertising partners’ servers. These profiles record your
browsing behavior and actions linked to your browsing information, such as
actions you take on the Site (links clicked, or buttons clicked), as well as
technical specifications about your device and your location (based on your IP
address). Google’s advertising Cookies may also link to your Google ID, if you
are logged into your account while on our Site, building a detailed profile
about you. The retention period of advertising Cookies varies typically from 30
days to 9 months, depending on the length of our specific advertising
campaigns.
We also may
use social media Cookies linking to ‘Like’ buttons and ‘Share’ buttons on
social media. We use advertising and social media Cookies to show you relevant,
not irrelevant, ads, and avoid you being repeatedly shown the same ad, and to
enable you to ‘Like’ or ‘Share’ our content on social media. Social media
Cookies collect your IP address and browser string and send this back to the
social media site that embedded the Cookie, enabling the social media site to
recognize that you have visited our Site. This applies irrespective of whether
you have an account with that social media site.
The retention
period of targeting Cookies varies from the duration of your visit to the Site
up to two years, depending on the purpose of the Cookie.
We share data
with following third parties:
(1) Website
infrastructure and service suppliers - We use third-party website
infrastructure and service suppliers to help us build and manage our Site. We
use third-party media agencies, ad exchanges and ad networks to manage our
Cookies. Cookie data is stored securely on these suppliers’ servers. Our
service providers have been carefully selected and commissioned by us, are
contractually bound by our instructions, and will not process your data for any
other purposes.
(2)
Verification - We may use third-party services to verify that you are a human
user. Any information collected as part of such verification is subject to the
privacy notice of the third-party service provider.
(3) Third-party cookies setters
– We use third parties for performance, functional, and, in some cases,
targeting cookies.
We do not
respond to browser do-not-track signals at this time.
Disclosure of Personal Data Collected
We may disclose Personal Data for the following
purposes:
Your Choices
We give you choices regarding our use and
disclosure of your Personal Data for marketing purposes.
We will comply with your request(s) as soon as
reasonably practicable, and in accordance with applicable law. Further, please note that requesting us not
to share your Personal Data with affiliates or unaffiliated third parties may
result in you no longer receiving any marketing emails from Moody’s. Please also note that if you choose not to
receive marketing-related messages from us, we may still send you important
administrative messages, and you cannot elect to stop receiving such
administrative messages, unless you choose to stop receiving services from us.
You
may also indicate your choices regarding marketing-related emails by contacting
us via postal mail or telephone using the information in the “Contact
Information for Moody’s” section below, or if you have a Site
profile/account, by changing your preferences on your Site profile/account at
any time.
How you can
access, change or suppress your Personal Data
If you would like to request to review,
correct, update, suppress, delete or otherwise limit our use of your Personal
Data that has been previously provided to us, or if you would like to request
to receive an electronic copy of your Personal Data for purposes of
transmitting it to another company (to the extent this right to data
portability is provided to you by applicable law), you may make a request by contacting
us using the information provided in the “Contact Information for Moody’s”
section below. We will respond to your request consistent
with applicable law. For your
protection, we may only implement requests with respect to the Personal Data
associated with the particular email address that you
use to send us your request, and we may need to verify your identity before
implementing your request. We
will try to comply with your request as soon as reasonably practicable and
consistent with applicable law. Please
note that we may need to retain certain information for recordkeeping purposes
and/or to complete any transactions that you began prior to requesting the
change or deletion.
Links
The
Site may contain links to other Internet web sites, including social
media sites and third-party hosted collaboration tools.
These linked sites are not under Moody’s control. We provide links only as a convenience, and
Moody’s does not endorse or control, and is not responsible for, the privacy
practices or the content of these linked sites.
If you provide any Personal Data through any third-party web site, or choose to communicate with us using third-party
collaboration tools or other social media platforms, your transaction will
occur on that third party's web site (not the Site) and the Personal Data you
provide will be collected by, and controlled by the privacy policy of, that
third party. We recommend that you
familiarize yourself with the privacy policies and practices of any such third
parties. PLEASE NOTE THAT THIS PRIVACY
POLICY DOES NOT ADDRESS THE PRIVACY OR INFORMATION PRACTICES OF ANY THIRD
PARTIES, INCLUDING, WITHOUT LIMITATION, AFFILIATED ENTITIES THAT DO NOT POST OR
LINK DIRECTLY TO THIS PRIVACY POLICY.
Security Measures
Moody's
has established appropriate organizational and technical measures, including
external third-party audits for particular products
and services, to protect Personal Data within our organization from loss,
misuse, or unauthorized access, disclosure, alteration or destruction. Moody’s
has processes and procedures for suspected privacy breaches to notify
regulators and affected individuals where required in accordance with
applicable law. Moody’s requires applicable vendors that process Personal Data
on its behalf to complete privacy and security assessments and be bound by
contractual terms.
Data Integrity
Moody’s
will use Personal Data only in ways that are compatible with the purposes for
which it was collected, authorized by this Privacy Policy, or authorized by
you. Moody’s will take reasonable steps
to ensure that Personal Data is relevant to its intended use, and is accurate,
complete, and current (as provided by you).
Moody’s depends on you to update or correct your Personal Data whenever
necessary.
Retention Period
We
will retain Personal Data about you for as long as needed or permitted in light of the purpose(s) for which it was obtained and
consistent with applicable law. The
criteria used to determine our retention periods include: (i)
the length of time we have an ongoing relationship with you; (ii) whether there
is a legal obligation to which we are subject; and (iii) whether retention is
advisable in light of our legal position (such as in
regard to applicable statutes of limitations, litigation or regulatory
investigations).
Cross Border Transfer of
Personal Data
Your Personal Data may be stored and processed
in any country where we have facilities or in which we engage service
providers. In certain circumstances, courts, law enforcement agencies,
regulatory agencies, or security authorities in those other countries may be
entitled to access your Personal Data.
If you are located in the European Economic Area (“EEA”) or the UK: Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available on the EU Commission’s adequacy list online. For transfers from the UK and the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission and the UK, to protect your Personal Data. You may obtain a copy of these measures by contacting us using the information provided in the “Contact Information for Moody’s” section below.
If you are located in other countries, we will also ensure that we have appropriate legal grounds to perform cross-border transfers of your Personal Data. Where required in certain jurisdictions, we comply with requirements on initial processing of Personal Data with the use of databases located in the country of collection of your Personal Data.
Use of this Site by Minors
This Site is not directed to
individuals under the age of eighteen (18), and we request that these
individuals do not provide Personal Data through this Site.
Sensitive
Personal Data Restriction
Unless we specifically request for information
to comply with applicable anti-money laundering laws and other applicable laws,
we ask that you not send
us, and you not disclose, any sensitive Personal Data (e.g., social security numbers, passport numbers, information
related to racial or ethnic origin, political opinions, religion or other
beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through this Site or otherwise to us.
Contact Information for Moody’s
Questions
or concerns regarding Moody's data protection practices should be addressed to:
Legal
Department
Moody’s Corporation
7 World Trade Center at 250 Greenwich Street
New York, NY 10007
Phone: +1-212-553-1653 or 1-866-995-9659
E-mail: privacy@moodys.com
If you choose to contact Moody’s via e-mail about this Privacy Policy,
please mark the subject heading of your e-mail “Privacy Inquiry.”
In accordance with applicable laws, you may lodge
a complaint with the data protection authority for your country or region, or
where an alleged infringement of applicable data protection law occurs.
In those countries where we are required to
have appointed a data protection officer, you may contact the Data Protection
Officer by sending an e-mail to privacy@bvdinfo.com with the subject
heading “DPO Inquiry.”
Additional Information for California
If you are a resident of California, the
California Consumer Privacy Act (“CCPA”) (Civil Code §§ 1798.100 et seq. and
its regulation) provides you with specific rights regarding your Personal
Data. These include:
To exercise the rights described above, it
may be necessary for us to verify your identity or authority to make the
request and confirm the Personal Data relates to you. Only you, or a person
registered with the California Secretary of State that you authorize to act on
your behalf, may make a verifiable consumer request related to your Personal
Data. We will not discriminate against you for exercising any of your privacy
rights under CCPA or applicable law.
During the past twelve (12) months, we
collected the categories of Personal Data described above from California
residents. We also disclosed such Personal Data to third parties for the
purposes specified above during the past twelve (12) months.
Unless expressly stated in a privacy policy
or statement applicable to a specific Moody’s affiliate’s website, product or
service Moody’s does not use or disclose sensitive personal information for
purposes requiring notice by CCPA. Moody’s does not have actual knowledge that
it sells or shares the personal information of consumers under 16 years of age.
In
the last twelve (12) months, we sold products and services that include limited
Personal Data about residents of California who are executives, officers,
managers, investors, and individual shareholders of organizations. To the
extent the Personal Data is not excluded from the definition of personal
information under CCPA, such as due to being publicly available, California
residents have the right to opt-out of the sale of their Personal Data to third
parties. To exercise this right or any of the other rights described in this
section, contact us using the information provided in the “Contact Information
for Moody’s” section above.