Last Updated: December 28, 2020
AssurX will process Customer Data (as such term is defined in AssurX customer agreements), which may include personal data, only to the extent and in such a manner as is necessary to provide the Services under the Agreement or as otherwise instructed by the customer from time to time.
PRIVACY NOTICE – GDPR Statement: The European Union’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018. GDPR regulates the collection and processing of the personal data of EU residents with an emphasis on data security and privacy. The GDPR applies to companies that operate in the EU and impacts companies operating outside of the EU if they have any EU customers or personal data of anyone in the EU.
SCOPE AND YOUR CONSENT TO OUR USE OF YOUR INFORMATION
- agree that you are authorized to provide that information; and
1. WHAT INFORMATION DOES ASSURX COLLECT AND FOR WHAT PURPOSE IS IT USED?
When we refer to “Personal Information,” we mean any information that can identify you. Personal Information includes information that identifies a legal entity in some jurisdictions, such as a company name. We describe the Personal Information that we collect in more detail below.
We may also collect information, but that does not personally identify you. This information is collected (e.g., IP address and operating system) to improve our Services, analyze trends, and other marketing, research, or statistical purposes. We may disclose such data to third parties for these specific purposes.
WHEN WE COLLECT INFORMATION ABOUT YOU
- Information you give AssurX or our service providers.
You may provide Personal Information when you: (i) access AssurX sites, (ii) request, purchase, and use the Services, (iii) communicate with AssurX via phone calls, chat, e-mail, web forms, social media, and other methods of communication, (iv) subscribe to AssurX marketing material, (v) apply for a job, (vi) attend our events, or (vii) provide services to AssurX.
- Information we collect about you and your device via Automated Means.
Each time you visit an AssurX Website, view an AssurX advertisement on a third-party-owned website or read an AssurX marketing e-mail, we may automatically collect information about you via cookies, web beacons, and other similar technologies. You can find out more about this in our Cookies Notice available at https://www.assurx.com/privacy-policy/cookie-policy
- E-mail communication. We use pixel tags and cookies in our marketing e-mails to track your interaction with those messages, such as when you open the e-mail or click a URL link embedded within them. When recipients click on one of those URLs, they pass through a separate web server before arriving at the destination page on an AssurX Website. We use tools like pixel tags and cookies to determine interest in particular topics and measure and improve the effectiveness of our communications.
- Mobile. When you access one of our mobile-optimized Websites, we may receive information about your mobile device, including a unique identifier for your device.
- Information we receive from other sources. We work closely with third parties (for example, advertising networks, analytics providers, search information providers) and may receive information about you from them.
- Social Media Platforms. We may receive certain information stored or processed by third parties, such as the social media sites Facebook®, Twitter®, and LinkedIn® when interacting with us through these social media platforms. AssurX Websites may include social media features and widgets – such as the Facebook “Like” button and “share this” buttons. These features may collect your IP address and details of the pages you are visiting on AssurX Websites. Social media features and widgets are either hosted by a third party or AssurX Websites. Each social media platform has a privacy statement that specifically governs its use of social media features.
- Public Forums, Blogs, and the Customer Reference Program. AssurX Websites may feature bulletin boards, blogs, or forums. Any Personal Information that you choose to submit via such a forum may be read, collected, or used by others who visit these forums and may be used to send you unsolicited messages.
- Third-party vendors. To provide the Services and improve AssurX Websites, we may engage third-party vendors’ services to supply services to AssurX.
THE TYPES OF INFORMATION WE COLLECT
To access or use certain portions of the Sites, to enjoy the full functionality of the Sites, or to conduct or seek to conduct business with us, you may be prompted to provide certain information in the following ways:
- Contact Information includes your name, company name, job title, telephone numbers, fax numbers, postal addresses, e-mail addresses, or other addresses at which you receive communications from or on behalf of AssurX (“Contact Information”). When you express an interest in obtaining additional information about the Services or signing up to use the Services, AssurX requires that you provide contact information (“Required Contact Information”).
- Transactional information includes information about the Services you use and how you interact with the Services and us (i.e., e-mail or phone).
- Billing Information includes financial qualification and billing information, such as billing name and address.
- Optional information includes your company’s annual revenues, number of employees, industry, or similar information that helps us tailor our Services to you. Please note that Optional Information is information that you do not have to provide unless otherwise agreed to between your organization and AssurX.
- Information Collected by Automated Means includes information that we collect through commonly-used information-gathering tools, such as cookies and web beacons. Such information includes standard information from your web browser, such as:
- browser type and browser language;
- your Internet Protocol (“IP”) address;
- your activities on AssurX Websites (such as the web pages viewed and the links clicked, number of visits, access time, device ID or other unique identifiers, domain name, screen views, language information, device name and model, and operating system type);
- the URL of the site from which you came and the site to which you are going when you leave AssurX Websites;
- your computer operating system or mobile device operating system
Information Collected by Automated Means also includes information that we may collect about: your use of certain Service features; the functionality of the Services; when you click on ads; your participation in research initiatives like surveys about our Services.
- Sensitive Information: AssurX will not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs, or other sensitive information.
HOW WE USE YOUR INFORMATION
Unless otherwise stated herein, we use your information for providing you the Services that you have requested from us, as referred below:
- To contact you. We use your Contact Information to get in touch with you. Here are some examples of reasons why we might contact you to: communicate with you about your orders or the Services you use; conduct surveys; send you announcements about the Services; notify you about our upcoming events; administer surveys, sweepstakes, contests, or other promotional activities or events sponsored by our business partners or us.
- For marketing purposes. We use your Contact Information to recommend products and services that might be of interest to you, to send you marketing and advertising messages such as newsletters, announcements, or special offers, or notify you about our upcoming events. To provide you with marketing communications is not essential for the maintenance or existence of the legal relationship we may have with you at a certain point; thus, you may opt-out from receiving such communications as described in section 3 below. Your decision to opt-out from our marketing communications will not affect your ability to continue receiving the Services from AssurX.
- To provide Services to you. AssurX needs Required Contact Information, Transactional Information, and Billing Information to: process orders and payments for our Services; provide the Services to you; provide access to secure areas of AssurX Websites; create and maintain your account and control access to it.
- To protect our business. We use the information we collect from the AssurX Websites and the Services users to identify and protect against and investigate fraud, risk exposure, claims, and other liabilities.
- To manage everyday business needs. We use the information to administer and manage our business; train our employees; help promote compliance with our terms of service or any other agreements between us; allow you to apply for a job; carry out research and development; carry out other purposes that are disclosed to you and to which you consent, or to comply with the law.
- Information you submit through online chat, e-mail, and web form is archived and may be tied to information that we collect about your web visits. Your telephone call or a web conference may be recorded for training and quality purposes. We may enter the information you provide via telephone, or other means of communication, into our systems and use it for the purposes described in this section.
2. DISCLOSURE OF PERSONAL INFORMATION
Please note that the parties to whom we send your Personal Information may be located in another country. Some of the countries in which these parties are located may not have the same or substantially similar privacy laws as those applicable to your jurisdiction. We will only be transferred to other third parties as permitted by applicable law in a country where AssurX operates and described in this section.
- Disclosure to our Service Providers. We may disclose, to the extent necessary for the provision of Services, Personal Information to third-party service providers. Please be aware that our third-party service providers may be located in a different country than you, so your Personal Information may be transferred outside your country.
We require that our third-party service providers agree to keep confidential all information we share with them and use the information only to perform their obligations in the agreements we have in place. These third-party service providers are expected to maintain privacy and security protections consistent with AssurX’s privacy and information security policies.
While we provide these third parties with no more information than is necessary to perform the function for which we engaged them, any information you provide to these third parties independently is subject to their respective privacy policies and practices.
- Disclosure to Others. Should you breach any of our terms and conditions (for example, our terms of service or the AssurX Website term) or if we are under a duty to disclose or share your Personal Information to comply with any legal or compliance obligation. We may disclose your information to any relevant authority. We may need to release the information we collect to third parties when we believe it is appropriate to comply with the law, enforce our legal rights, protect the rights, safety, or property of our business and others, or assist with industry efforts to control fraud, spam or other undesirable conduct and as needed to support auditing, compliance, and corporate governance functions.
Additionally, we will provide information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings). This information would be transferred under due diligence and appropriate controls.
- Disclosure when we have your consent. We may also disclose your Personal Information and other information for any other purpose disclosed by us when you provide the information, as otherwise required or permitted by law, and with your consent. Any such purposes may involve the transfer of your Personal Information across country borders.
We may disclose information that does not identify any individual (e.g., anonymous, aggregated data) without restriction. For example, we may provide our advertisers or other third parties with reports that contain aggregated and statistical data about our users.
3. MANAGING PERSONAL INFORMATION
- Access, Opt-Out, and Correction.
- Access to Personal Information. We will supply Personal Information about you. We hold in our files within reasonable timeframes stipulated by executed Agreement, by law, or based on geographical location so long as it is required. Please note that some requests may be subject to a reasonable fee.
- Correction or Deletion of Personal Information. If you would like to correct, delete inaccuracies, or update the information we hold about you, or revoke the consent previously granted, please follow these instructions:
- If you’re an existing customer, please contact [email protected].
- If you’re an AssurX Websites visitor or a prospective customer, please e-mail [email protected].
- Opt-Out. If you wish to stop receiving marketing communications about product and support information, promotions, events, webinars, etc., please send an e-mail to [email protected].
- Deleting your information (applicable based on executed agreements and based on geographical locations): If you would like us to delete/archive your Personal Information, please contact us by using the details below. We will respond within a reasonable time. Please note that we may be required to retain certain information by law or for legitimate business purposes.
- Client data access requests. Clients of our customers must contact our customer directly with any data subject access requests.
- Choosing not to provide us with certain information. You can choose not to provide certain information when using AssurX Websites or Services, but this may prevent you from taking full advantage of the functions available online. It may prevent us from providing you with Services.
4. SECURITY OF YOUR INFORMATION
- make use of encryption technology as appropriate;
- use appropriate network access control technology to limit access to the systems on which AssurX Collected Information is stored; and
- monitor for possible vulnerabilities and attacks
AssurX aims to safeguard and protect your personal data from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction, or accidental loss. We utilize and maintain specific rational processes, systems, and technologies to do so.
Although AssurX implements reasonable technical and security controls, we cannot guarantee that the technical, physical, and organizational measures we take will prevent every security threat or breach. Accordingly, we cannot be held responsible for unauthorized or unintended access that is beyond our control.
5. DATA INTEGRITY and RIGHT TO ACCESS YOUR PERSONAL INFORMATION
Personal information we collect is relevant for the purposes for which it is to be used. AssurX takes reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.
We will retain/archive your information for as long as needed to provide you Services or as long as needed to fulfill the purpose for which Personal Information was initially collected.
As noted in section 3 above, you have the rights to access, correct, and request the deletion of your Personal Information as applicable in executed agreements or legally, or based on geographical locations. You are also entitled to oppose certain data processing practices or revoke the consent previously granted, to the extent permitted by an executed Agreement, applicable law, or based on your geographic location.
Please note that some requests may be subject to a reasonable fee, and all requests will be addressed as legally required.
If you wish to cancel your customer account or request that we no longer provide you the Services, please e-mail [email protected]. In response, we will cancel or remove your information but retain information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
8. CUSTOMER DATA – PERSONAL INFORMATION OF OUR CUSTOMERS’ CLIENTS
If you believe you have provided data to somebody who hosts your Personal Information with us, then this applies to you:
Our customers are responsible for maintaining their accounts’ security and confidentiality and access to the hosted systems and securing any Personal Information they store on or transmit to/from our hosted system.
If you are a client of one of our customers and would no longer like to be contacted by one of our customers that use our service, please contact the customer that you interact with directly.
9. PRIVACY PRACTICES OF THIRD PARTIES
10. INQUIRIES AND COMPLAINTS
For additional questions regarding your personal information under the General Data Protection Regulation (GDPR) in the EU, contact [email protected]. You have the right to contact your Supervisory Authority (as defined in the GDPR) for any disputes relating to access requests.
Please note that we may request proof of identity for all inquiries and complaints to AssurX, and we reserve the right to charge a fee where permitted by law. We will endeavor to respond to your request within all applicable timeframes.