ITASCA Privacy Policy
Last update: June, 2025
The website https://www.itascasoftware.com/ (hereinafter the “Website”) is the software website of the company ITASCA Consulting Group Inc., (hereinafter “ITASCA” or “us”), presenting in particular its business activities.
While you are accessing, browsing, navigating and/or using the Website, you communicate your personal data to ITASCA.
These personal data are protected by law. As a result, ITASCA, as data controller, has implemented appropriate security measures in order to protect your personal data.
Please read this privacy policy carefully as it explains how ITASCA uses your personal data and how to exercise your rights in this regard. This privacy policy supplements the Terms of Use (TOU) of the Website as well as any documents or notices that may refer to this privacy policy.
Should you have any questions, you may directly contact ITASCA by sending an email to: privacy@oneitasca.com.
1. WHAT KIND OF PERSONAL DATA ARE PROCESSED BY ITASCA?
All personal data provided by you through the Website or when you communicate with ITASCA are processed by ITASCA, namely:
| Type of data | Examples of data |
| Identification data | First name, last name, IP address |
| Contact details | Email address |
| Data related to communication with ITASCA as part of your contact requests (“Contact us” section) | Date, subject and content of messages exchanged with the services of ITASCA |
| Data related to your application | Resume, cover letter, current professional situation, level of education, professional experiences, any other information shared as part of your application |
Also, the Website automatically collects the following data via cookies and other trackers:
| Type of data | Examples of data | Purposes |
| Internet or other electronic network activity information | Date and time of login, IP address, device, browser, operating system, system setting data, accessed pages and files | These data are necessary for the proper functioning of the Website, as well as internal business analytics purposes such as audience measurement. For more information on cookies and other trackers, please see the Cookie Policy of the Website. |
2. FOR WHAT PURPOSES DOES ITASCA USE YOUR PERSONAL DATA?
ITASCA only processes your personal data for the following purposes:
| Purposes | Examples of use of your personal data | Legal bases |
| Managing your contact request | to answer your contact request to revert, as the case may be | Legitimate interest of ITASCA to inform its clients about its activities |
| Managing your job application | to examine your job application to organize an interview if your job application is successful | To take steps prior to entering into a contract |
| Improving the Website, as well as your user experience on the Website | to evaluate and improve the Website to facilitate your navigation of the Website to take steps designed to protect the security of the Website | Legitimate interest of ITASCA to improve the Website, as well as your user experience on the Website |
| Newsletters | to send the ITASCA’S news by email | Consent or Legitimate interest of ITASCA to send a newsletter |
| Pre-litigation or litigation management | to take action against any identified breach to manage any dispute or litigation | Legitimate interest of ITASCA in defending its rights and interests |
| Compliance with legal and regulatory obligations | to comply with legal and regulatory obligations to process your requests to exercise your rights | Legal and regulatory obligations to which ITASCA is subject |
3. WHO CAN ACCESS YOUR PERSONAL DATA?
Your personal data may be transmitted to the following recipients when you access, browse, navigate and/or use the Website and the services it provides:
| Recipients | Purposes |
| ITASCA, its duly authorized employees and its subsidiaries | For administrative, operational and commercial management of the Website |
| ITASCA’S subcontractors (hosting provider, IT service providers, etc.) | Exclusively for technical or logistical purposes as part of the administrative, operational and commercial management of the Website |
| Administrative or judiciary authorities | Exclusively in the case of an express and justified request or in case of an alleged violation of legal or regulatory provisions |
| Lawyers and all interested parties | Exclusively in the case of the management of possible disputes and other legal matters where appropriate |
| Other third parties | Following or during a restructuring, reconstitution, acquisition, debt financing, merger, sale of ITASCA’S assets or a similar transaction, as well as in case of insolvency, bankruptcy or receivership where personal data are transferred to one or more third parties as ITASCA’S assets |
4. HOW DOES ITASCA PROTECT YOUR PERSONAL DATA?
ITASCA has implemented technical and organizational measures to protect your personal data, in particular against possible breaches likely to cause, either by accident or unlawfully, the destruction, loss, alteration, unauthorized access or disclosure of your personal data. These measures will guarantee a level of security adapted to the personal data and will take into account the state of art, the costs of implementation in relation to the risks and the nature of the personal data to be protected.
ITASCA guarantees that all members of its personnel and any other person processing your personal data will respect the internal rules and procedures related to the protection of personal data, including the technical and organizational security measures put in place to protect your personal data. In this context, ITASCA reviews and updates its practices regularly to enhance your privacy and ensure that its internal policies are followed.
If you have identified a vulnerability or would like to report a security incident, you may send an email to privacy@oneitasca.com.
5. FOR HOW LONG ARE YOUR PERSONAL DATA STORED?
As a general rule, your personal data will only be retained for the period necessary for the accomplishment of the purposes for which said data were collected, or as necessary to fulfill legal or regulatory obligations.
In the absence of applicable exceptions:
- the data collected via the contact form on the Website will be kept until the complete processing of your request;
- your internet or other electronic network activity information will be kept for thirteen (13) months.
Otherwise, your data will be kept during:
- three (3) years for data relating to a prospect from their collection or the last contact from the prospect;
- five (5) years for the data kept for evidentiary purposes;
- ten (10) years from the end of the fiscal year concerned for data collected for accounting purposes as well as for data collected as part of commercial communication.
6. WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL DATA?
In accordance with the regulations on direct marketing, you have the following rights regarding your personal data:
- You can request the access to your personal data in order to obtain clear, transparent and understandable information on how ITASCA processes your personal data and, on your rights, (as provided in this policy), as well as a copy of your personal data.
- You can request the rectification of your personal data in order to obtain the modification of your personal data if they are obsolete, inaccurate or incomplete.
- You can object to the processing of your personal data when the processing is based on ITASCA’S legitimate interest. ITASCA will no longer process your personal data unless ITASCA demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, such as the respect of a legal obligation (e.g. legal obligation involving the retention of documents), or for the establishment, exercise or defense of legal claims.
- You can request the restriction of the processing during a limited period of time, in particular in order to carry out some verifications, where one of the following applies:
- you contest the accuracy of your personal data, the processing of which is thus restricted for the period necessary for ITASCA to verify the accuracy of such personal data;
- the processing is unlawful and, rather than requesting their deletion, you prefer to restrict their use;
- ITASCA no longer needs your personal data for the purposes of the processing, but you need them for the establishment, exercise or defense of legal claims;
- you have objected to the processing, which is thus restricted pending the verification of whether the compelling legitimate grounds of ITASCA may override your interests, rights and freedoms.
- You can withdraw your consent when it has been obtained, without this withdrawal affecting the lawfulness of the processing operations previously carried out.
- You can ask to receive your personal data in a structured, commonly used and machine-readable format and also can request their transmission to another controller where technically feasible. This right is not exercised in all circumstances, it applies only if it fulfils all the following conditions:
- your request is only related to your personal data (excluding anonymous or third-party data);
- your request does not adversely affect the rights or freedoms of others, in particular those of ITASCA (including trade secrets or intellectual property rights);
- the processing is carried out by automated means (paper files are therefore not included);
- the processing is based on consent or the performance of a contract (to check if it is the case, you can go to article 2 of this policy).
- You can request the deletion of your personal data (or right to be forgotten), where one of the following legal grounds applies:
- you object to the processing of your personal data and there are no overriding legitimate reasons justifying to maintain the processing of your personal data (such as an obligation for ITASCA to keep certain personal data);
- you object to direct marketing activities;
- you decide to withdraw your consent on which the processing is based;
- your personal data are no longer useful for the original purposes for which they were collected or for any other type of processing;
- the use that is made of your data does not comply with the applicable legal or regulatory provisions.
- You can define either general or specific guidelines regarding your personal data in the event of your death (for example, their deletion or transmission to any person of your choice). You may revoke your instructions at any time.
It is specified that the exercise of these rights is based on the legal basis of the processing, as follows:
| Access | Rectification | Erasure | Restriction | Data portability | Objection | |
| Consent | Yes | Yes | Yes | Yes | Yes | Withdrawal of consent |
| Steps prior to entering into a contract | Yes | No | No | |||
| Contract | Yes | Yes | No | |||
| Legitimate interest | Yes | No | Yes | |||
| Legal obligation | No | No | No |
Under certain circumstances, ITASCA may ask you for specific information in order to confirm your identity and ensure the exercise of your rights. This is another appropriate security measure to ensure that personal data is not disclosed to an individual who does not have the right to receive it.
If you have any questions or wish to exercise your rights, you may directly contact ITASCA by sending an email to: privacy@oneitasca.com or by mail to ITASCA for the attention of ITASCA Consulting Group Inc., at the following address: 111 3rd Avenue S., Suite 450, Minneapolis, MN 55401, USA
If needed, you may also lodge a complaint with your national data protection authority via its website or by mail: Federal Trade Commission – 600 Pennsylvania Avenue, NW – Washington, DC 20580.
This right may be exercised at any time and free of charge, at the exclusion of potential postal fees or expenses related to legal representation or assistance should you choose to engage third party assistance for the procedure.
7. TRANSFERS OF DATA OUTSIDE THE EUROPEAN UNION
Itasca, as a member of the ITASCA INTERNATIONAL Inc. group, may transfer some of your data to entities outside the European Union, including the United States. In any case, ITASCA undertakes to transfer your data to entities with sufficient guarantees as to the protection of personal data through the implementation of binding corporate rules (BCR) or standard contractual clauses (SCC) approved by the European Commission. You can consult these documents by sending your request to privacy@oneitasca.com
8. CHANGES TO THIS POLICY
This privacy policy is dated accurately and may be amended and updated by ITASCA at any time, in particular to reflect the changes in the services provided by the Website or applicable regulation. Therefore, we recommend you reviewing this privacy policy each time you visit the Website.