Last Updated: July 10, 2023

AssurX, Inc. (“AssurX”) respects your privacy and is committed to maintaining the privacy and confidentiality of the personal information we collect on AssurX websites, applications, or other services (“site,” “sites,” “Services”). AssurX has created this Privacy Policy to inform users of the Services of AssurX’s privacy policies.

AssurX will process Customer Data (as such term is defined in AssurX customer agreements), which may include personal data, only to the extent and in such a manner as is necessary to provide the Services under the Agreement or as otherwise instructed by the customer from time to time.

Our personal information handling practices are described below, in any applicable privacy supplements, and notices at the point of data collection. We urge you to read this Privacy Policy to understand our commitment to you and your privacy and how you can participate in that commitment. If you have any questions about this Privacy Policy in general, please contact us at [email protected].

PRIVACY NOTICE – GDPR Statement: The European Union’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018. GDPR regulates the collection and processing of the personal data of EU residents with an emphasis on data security and privacy. The GDPR applies to companies that operate in the EU and impacts companies operating outside of the EU if they have any EU customers or personal data of anyone in the EU.

AssurX has made information security and data privacy a priority. We are firmly committed to protecting the privacy of all visitors and users of the AssurX sites and to comply with the GDPR. AssurX intends this Privacy Policy to be concise, transparent, intelligible, easily accessible, and compliant with the GDPR. Any questions about the Privacy Policy as it relates to the GDPR should be sent to [email protected].

SCOPE AND YOUR CONSENT TO OUR USE OF YOUR INFORMATION

This Privacy Policy applies to Personal Information and other information collected by AssurX from or about: (i) visitors to, or users of, AssurX sites; and (ii) prospective and current customers using AssurX hosting and information technology services (“Services”). By providing your Personal Information to AssurX in the ways described in this Privacy Policy, you:

  1. agree that you are authorized to provide that information; and
  2. are accepting this Privacy Policy and any supplementary privacy statements and notices that may be relevant to you.

If you do not agree to our Privacy Policy and privacy practices, please do not register, subscribe, create an account, or otherwise interact with our Services, Websites, or applications.

1. WHAT INFORMATION DOES ASSURX COLLECT AND FOR WHAT PURPOSE IS IT USED?

When we refer to “Personal Information,” we mean any information that can identify you. Personal Information includes information that identifies a legal entity in some jurisdictions, such as a company name. We describe the Personal Information that we collect in more detail below.

We may also collect information, but that does not personally identify you. This information is collected (e.g., IP address and operating system) to improve our Services, analyze trends, and other marketing, research, or statistical purposes. We may disclose such data to third parties for these specific purposes.

WHEN WE COLLECT INFORMATION ABOUT YOU

  • Information you give AssurX or our service providers.
    You may provide Personal Information when you: (i) access AssurX sites, (ii) request, purchase, and use the Services, (iii) communicate with AssurX via phone calls, chat, e-mail, web forms, social media, and other methods of communication, (iv) subscribe to AssurX marketing material, (v) apply for a job, (vi) attend our events, or (vii) provide services to AssurX.
  • Information we collect about you and your device via Automated Means.
    Each time you visit an AssurX Website, view an AssurX advertisement on a third-party-owned website or read an AssurX marketing e-mail, we may automatically collect information about you via cookies, web beacons, and other similar technologies. You can find out more about this in our Cookies Notice available at https://www.assurx.com/privacy-policy/cookie-policy
    • E-mail communication. We use pixel tags and cookies in our marketing e-mails to track your interaction with those messages, such as when you open the e-mail or click a URL link embedded within them. When recipients click on one of those URLs, they pass through a separate web server before arriving at the destination page on an AssurX Website. We use tools like pixel tags and cookies to determine interest in particular topics and measure and improve the effectiveness of our communications.
    • Mobile. When you access one of our mobile-optimized Websites, we may receive information about your mobile device, including a unique identifier for your device.
  • Information we receive from other sources. We work closely with third parties (for example, advertising networks, analytics providers, search information providers) and may receive information about you from them.
    • Social Media Platforms. We may receive certain information stored or processed by third parties, such as the social media sites Facebook®, Twitter®, and LinkedIn® when interacting with us through these social media platforms. AssurX Websites may include social media features and widgets – such as the Facebook “Like” button and “share this” buttons. These features may collect your IP address and details of the pages you are visiting on AssurX Websites. Social media features and widgets are either hosted by a third party or AssurX Websites. Each social media platform has a privacy statement that specifically governs its use of social media features.
    • Public Forums, Blogs, and the Customer Reference Program. AssurX Websites may feature bulletin boards, blogs, or forums. Any Personal Information that you choose to submit via such a forum may be read, collected, or used by others who visit these forums and may be used to send you unsolicited messages.
    • Third-party vendors. To provide the Services and improve AssurX Websites, we may engage third-party vendors’ services to supply services to AssurX.

THE TYPES OF INFORMATION WE COLLECT

To access or use certain portions of the Sites, to enjoy the full functionality of the Sites, or to conduct or seek to conduct business with us, you may be prompted to provide certain information in the following ways:

  • Contact Information includes your name, company name, job title, telephone numbers, fax numbers, postal addresses, e-mail addresses, or other addresses at which you receive communications from or on behalf of AssurX (“Contact Information”). When you express an interest in obtaining additional information about the Services or signing up to use the Services, AssurX requires that you provide contact information (“Required Contact Information”).
  • Transactional information includes information about the Services you use and how you interact with the Services and us (i.e., e-mail or phone).
  • Billing Information includes financial qualification and billing information, such as billing name and address.
  • Optional information includes your company’s annual revenues, number of employees, industry, or similar information that helps us tailor our Services to you. Please note that Optional Information is information that you do not have to provide unless otherwise agreed to between your organization and AssurX.
  • Information Collected by Automated Means includes information that we collect through commonly-used information-gathering tools, such as cookies and web beacons. Such information includes standard information from your web browser, such as:
    • browser type and browser language;
    • your Internet Protocol (“IP”) address;
    • your activities on AssurX Websites (such as the web pages viewed and the links clicked, number of visits, access time, device ID or other unique identifiers, domain name, screen views, language information, device name and model, and operating system type);
    • the URL of the site from which you came and the site to which you are going when you leave AssurX Websites;
    • your computer operating system or mobile device operating system

For more detailed information on our use of cookies, please see our Cookie Policy.

Information Collected by Automated Means also includes information that we may collect about: your use of certain Service features; the functionality of the Services; when you click on ads; your participation in research initiatives like surveys about our Services.

  • Sensitive Information: AssurX will not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs, or other sensitive information.

HOW WE USE YOUR INFORMATION

Unless otherwise stated herein, we use your information for providing you the Services that you have requested from us, as referred below:

  • To contact you. We use your Contact Information to get in touch with you. Here are some examples of reasons why we might contact you to: communicate with you about your orders or the Services you use; conduct surveys; send you announcements about the Services; notify you about our upcoming events; administer surveys, sweepstakes, contests, or other promotional activities or events sponsored by our business partners or us.
  • For marketing purposes. We use your Contact Information to recommend products and services that might be of interest to you, to send you marketing and advertising messages such as newsletters, announcements, or special offers, or notify you about our upcoming events. To provide you with marketing communications is not essential for the maintenance or existence of the legal relationship we may have with you at a certain point; thus, you may opt-out from receiving such communications as described in section 3 below. Your decision to opt-out from our marketing communications will not affect your ability to continue receiving the Services from AssurX.
  • To provide Services to you. AssurX needs Required Contact Information, Transactional Information, and Billing Information to: process orders and payments for our Services; provide the Services to you; provide access to secure areas of AssurX Websites; create and maintain your account and control access to it.
  • To measure interest in AssurX Websites and advertisements. We need information Collected via Automated Means to: measure interest in our websites and advertisements; develop our web pages and marketing plans; customize and improve the content you view when you visit AssurX Websites; suggest products and services that you may be interested in purchasing; personalize the online ads we present to you based on your prior web visits or ads viewed; and enable us to review, develop and continually improve the Services and offers we provide. Collecting this information is not essential for the maintenance or existence of the legal relationship we may have with you at a certain point. If you wish to opt-out of interest-based advertising or other forms of “tracking,” please refer to our Cookie Policy.
  • To enable third parties to provide services to us. We may need to provide your Required Contact Information to third parties so that they may carry out technical, logistical, or other functions on our behalf. Please see more section 2 below. We also engage third-parties to provide us with reports about the usage and browsing patterns of AssurX Websites. Such third parties track and analyze such information concerning visitors to AssurX Websites. Please see our Cookie Policy for additional details.
  • We may also use your Personal Information in other ways as described in our terms of service or other agreements between AssurX and your company. Any Personal Information you provide when you sign up for the Services may be used by us as we describe in the applicable terms of service or agreements between us and as described in this Privacy Policy. The information that our service providers or we have collected from or about you (for example, through AssurX Websites or AssurX e-mail communications with you) may be combined with or enhanced by other information about you that we have obtained from you or other sources, including from our service providers.
  • To protect our business. We use the information we collect from the AssurX Websites and the Services users to identify and protect against and investigate fraud, risk exposure, claims, and other liabilities.
  • To manage everyday business needs. We use the information to administer and manage our business; train our employees; help promote compliance with our terms of service or any other agreements between us; allow you to apply for a job; carry out research and development; carry out other purposes that are disclosed to you and to which you consent, or to comply with the law.
  • Information you submit through online chat, e-mail, and web form is archived and may be tied to information that we collect about your web visits. Your telephone call or a web conference may be recorded for training and quality purposes. We may enter the information you provide via telephone, or other means of communication, into our systems and use it for the purposes described in this section.

2. DISCLOSURE OF PERSONAL INFORMATION

Except for the limited circumstances described in this Privacy Policy or your applicable agreement/terms of service, the Personal Information we gather is only for internal use. We do not authorize the use or release of your information to anyone outside of AssurX without your consent to such disclosure. We may share your Personal Information as required by law and as described below.

Please note that the parties to whom we send your Personal Information may be located in another country. Some of the countries in which these parties are located may not have the same or substantially similar privacy laws as those applicable to your jurisdiction. We will only be transferred to other third parties as permitted by applicable law in a country where AssurX operates and described in this section.

  • Disclosure to our Service Providers. We may disclose, to the extent necessary for the provision of Services, Personal Information to third-party service providers. Please be aware that our third-party service providers may be located in a different country than you, so your Personal Information may be transferred outside your country.

We require that our third-party service providers agree to keep confidential all information we share with them and use the information only to perform their obligations in the agreements we have in place. These third-party service providers are expected to maintain privacy and security protections consistent with AssurX’s privacy and information security policies.

While we provide these third parties with no more information than is necessary to perform the function for which we engaged them, any information you provide to these third parties independently is subject to their respective privacy policies and practices.

  • Disclosure to Others. Should you breach any of our terms and conditions (for example, our terms of service or the AssurX Website term) or if we are under a duty to disclose or share your Personal Information to comply with any legal or compliance obligation. We may disclose your information to any relevant authority. We may need to release the information we collect to third parties when we believe it is appropriate to comply with the law, enforce our legal rights, protect the rights, safety, or property of our business and others, or assist with industry efforts to control fraud, spam or other undesirable conduct and as needed to support auditing, compliance, and corporate governance functions.

Additionally, we will provide information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings). This information would be transferred under due diligence and appropriate controls.

  • Disclosure when we have your consent. We may also disclose your Personal Information and other information for any other purpose disclosed by us when you provide the information, as otherwise required or permitted by law, and with your consent. Any such purposes may involve the transfer of your Personal Information across country borders.

We may disclose information that does not identify any individual (e.g., anonymous, aggregated data) without restriction. For example, we may provide our advertisers or other third parties with reports that contain aggregated and statistical data about our users.

3. MANAGING PERSONAL INFORMATION

  • Access, Opt-Out, and Correction.
    • Access to Personal Information. We will supply Personal Information about you. We hold in our files within reasonable timeframes stipulated by executed Agreement, by law, or based on geographical location so long as it is required. Please note that some requests may be subject to a reasonable fee.
    • Correction or Deletion of Personal Information. If you would like to correct, delete inaccuracies, or update the information we hold about you, or revoke the consent previously granted, please follow these instructions:
    • Opt-Out. If you wish to stop receiving marketing communications about product and support information, promotions, events, webinars, etc., please send an e-mail to [email protected].
    • Deleting your information (applicable based on executed agreements and based on geographical locations): If you would like us to delete/archive your Personal Information, please contact us by using the details below. We will respond within a reasonable time. Please note that we may be required to retain certain information by law or for legitimate business purposes.
    • Client data access requests. Clients of our customers must contact our customer directly with any data subject access requests.
    • Choosing not to provide us with certain information. You can choose not to provide certain information when using AssurX Websites or Services, but this may prevent you from taking full advantage of the functions available online. It may prevent us from providing you with Services.

4. SECURITY OF YOUR INFORMATION

  • We are committed to industry best practices in preventing loss, misuse, alteration, unauthorized access, or unlawful or unnecessary processing of the information we collect as described in Section 1 of this Privacy Policy. For example, we:
    • make use of encryption technology as appropriate;
    • use appropriate network access control technology to limit access to the systems on which AssurX Collected Information is stored; and
    • monitor for possible vulnerabilities and attacks

AssurX aims to safeguard and protect your personal data from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction, or accidental loss. We utilize and maintain specific rational processes, systems, and technologies to do so.

Although AssurX implements reasonable technical and security controls, we cannot guarantee that the technical, physical, and organizational measures we take will prevent every security threat or breach. Accordingly, we cannot be held responsible for unauthorized or unintended access that is beyond our control.

5. DATA INTEGRITY and RIGHT TO ACCESS YOUR PERSONAL INFORMATION

Personal information we collect is relevant for the purposes for which it is to be used. AssurX takes reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.

We will retain/archive your information for as long as needed to provide you Services or as long as needed to fulfill the purpose for which Personal Information was initially collected.

As noted in section 3 above, you have the rights to access, correct, and request the deletion of your Personal Information as applicable in executed agreements or legally, or based on geographical locations. You are also entitled to oppose certain data processing practices or revoke the consent previously granted, to the extent permitted by an executed Agreement, applicable law, or based on your geographic location.

Please note that some requests may be subject to a reasonable fee, and all requests will be addressed as legally required.

If you wish to cancel your customer account or request that we no longer provide you the Services, please e-mail [email protected]. In response, we will cancel or remove your information but retain information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

6. CHILDREN

Our Websites and Services are not designed for or directed at individuals under the age of thirteen (13) or minors otherwise defined in local law or regulation. We will not intentionally collect or maintain information about these individuals. If you believe that we may have collected Personal Information from someone under the age of 13 or a minor as may be otherwise defined in your country, please let us know using the methods described in the “Inquiries and Complaints” section of this Privacy Policy. We will then take appropriate measures to investigate and, if appropriate, delete that information.

7. VERIFICATION

AssurX utilizes a self-assessment approach or outside compliance, review to assure its compliance with this Privacy Policy and periodically verifies that the Privacy Policy is accurate, comprehensive, prominently displayed, completely implemented, and in conformity with applicable laws and regulations. AssurX conducts its self-assessment periodically to ensure that all relevant privacy practices are being followed. Appropriate employee training is in place, and internal procedures for periodically conducting objective reviews of compliance are in place.

8. CUSTOMER DATA – PERSONAL INFORMATION OF OUR CUSTOMERS’ CLIENTS

If you believe you have provided data to somebody who hosts your Personal Information with us, then this applies to you:

Our customers use the service to host, transmit, or process data on our hosted systems, which may include your Personal Information. In these situations, our customers, rather than AssurX, decide the reasons for which the Customer Data is collected and processed. Nothing contained in this Privacy Policy shall be construed to alter specific terms and conditions applicable to the Services.

Our customers are responsible for maintaining their accounts’ security and confidentiality and access to the hosted systems and securing any Personal Information they store on or transmit to/from our hosted system.

If you are a client of one of our customers and would no longer like to be contacted by one of our customers that use our service, please contact the customer that you interact with directly.

9. PRIVACY PRACTICES OF THIRD PARTIES

This Privacy Policy only addresses the use and disclosure of Personal Information collected by AssurX offline or via AssurX Websites and Services. In our interactions with you, we may provide you with links to third-party websites for your convenience and information. Those sites’ privacy practices may differ from our practices and are not controlled by us nor covered by this Privacy Policy.

10. INQUIRIES AND COMPLAINTS

If you have a question or complaint about this Privacy Policy, please contact us at [email protected] or write us by regular mail addressed to AssurX, Inc., Privacy Officer, 18525 Sutter Boulevard, Suite 150, Morgan Hill, CA 95037.

To enforce this Privacy Policy, such as a cancellation, customers should contact [email protected], and prospective customers and residents in the EU should e-mail [email protected].

For additional questions regarding your personal information under the General Data Protection Regulation (GDPR) in the EU, contact [email protected]. You have the right to contact your Supervisory Authority (as defined in the GDPR) for any disputes relating to access requests.

Please note that we may request proof of identity for all inquiries and complaints to AssurX, and we reserve the right to charge a fee where permitted by law. We will endeavor to respond to your request within all applicable timeframes.

11. CHANGES

Our business changes constantly, and our Privacy Policy may also change from time to time. The “Last Updated” section at the top of this page stated when this Privacy Policy was last revised. Any changes to the Privacy Policy will replace and supersede the prior version and will be effective immediately. We will not notify you of any changes. You should check the AssurX Websites frequently to see recent changes.