AssurX will process Customer Data (as such term is defined in AssurX customer agreements), which may include personal data, only to the extent and in such a manner as is necessary to provide the Services under the Agreement or as otherwise instructed by Customer from time to time.
PRIVACY NOTICE – GDPR Statement: The European Union’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018. GDPR regulates the collection and processing of the personal data of EU residents with an emphasis on data security and privacy. The GDPR applies to companies that operate in the EU, but also impacts companies operating outside of the EU if they have any EU customers or personal data of anyone in the EU.
SCOPE AND YOUR CONSENT TO OUR USE OF YOUR INFORMATION
agree that you are authorized to provide that information; and
(1) WHAT INFORMATION DOES ASSURX COLLECT AND FOR WHAT PURPOSE IS IT USED?
When we refer to “Personal Information”, we mean any information that can identify you. In some jurisdictions, Personal Information includes information that identifies a legal entity, such as company name. We describe the Personal Information that we collect in more detail below.
We may also collect information but that does not personally identify you. This information is collected (e.g., IP address and operating system) to improve our Services, analyze trends, and for other marketing, research or statistical purposes, and we may disclose such data to third parties for these specific purposes.
WHEN WE COLLECT INFORMATION ABOUT YOU
Information you give AssurX or our service providers. You may provide Personal Information when you: (i) access AssurX sites, (ii) request, purchase and use the Services, (iii) communicate with AssurX via phone calls, chat, email, web forms, social media and other methods of communication, (iv) subscribe to AssurX marketing material, (v) apply for a job, (vi) attend our events, or (vii) provide services to AssurX.
Information we collect about you and your device via Automated Means. Each time you visit an AssurX Website, view an AssurX advertisement on a third party-owned website or read an AssurX marketing email, we may automatically collect information about you via cookies, web beacons and other similar technologies. You can find out more about this in our Cookies Notice available at https://www.assurx.com/privacy-policy/cookie-policy.
Email communication. We use pixel tags and cookies in our marketing emails so that we can track your interaction with those messages, such as when you open the email or click a URL link that’s embedded within them. When recipients click on one of those URLs, they pass through a separate web server before arriving at the destination page on an AssurX Website. We use tools like pixel tags and cookies so that we can determine interest in particular topics and measure and improve the effectiveness of our communications.
Mobile. When you access one of our mobile-optimized Websites, we may receive information about your mobile device, including a unique identifier for your device.
Information we receive from other sources. We work closely with third parties (for example, advertising networks, analytics providers, search information providers) and may receive information about you from them.
Social Media Platforms. We may receive certain information that’s stored or processed by third parties, such as the social media sites Facebook®, Twitter® and LinkedIn® when you interact with us through these social media platforms. AssurX Websites may include social media features and widgets – such as the Facebook “Like” button and “share this” buttons. These features may collect your IP address as well as details of the pages you are visiting on AssurX Websites. Social media features and widgets are either hosted by a third party or AssurX Websites. Each social media platform has a privacy statement that specifically governs its use of social media features.
Public Forums, Blogs and the Customer Reference Program. AssurX Websites may feature bulletin boards, blogs or forums. Any Personal Information that you choose to submit via such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages.
Third-party vendors. In order to provide the Services and improve AssurX Websites, we may engage the services of third-party vendors to supplying services to AssurX.
THE TYPES OF INFORMATION WE COLLECT
In order to access or use certain portions of the Sites, to enjoy the full functionality of the Sites, or to conduct or seek to conduct business with us, you may be prompted to provide certain information in the following ways:
Contact Information includes your name, company name, job title, telephone numbers, fax numbers, postal addresses, email addresses, or other addresses at which you receive communications from or on behalf of AssurX (“Contact Information”). When you are expressing an interest in obtaining additional information about the Services or signing up to use the Services, AssurX requires that you provide contact information (“Required Contact Information”).
Transactional Information includes information about the Services you use, and how you interact with us and the Services (for example through email or phone).
Billing Information includes financial qualification and billing information, such as billing name and address.
Optional Information includes your company’s annual revenues, number of employees, industry or similar information that helps us tailor our Services to you. Please note, that Optional Information is information that you do not have to provide unless otherwise agreed to between your organization and AssurX.
Information Collected by Automated Means includes information that we collect through commonly used information-gathering tools, such as cookies and web beacons. Such information includes standard information from your web browser such as:
browser type and browser language;
your Internet Protocol (“IP”) address;
your activities on AssurX Websites (such as the web pages viewed and the links clicked, number of visits, access time, device ID or other unique identifier, domain name, screen views, language information, device name and model, and operating system type);
the URL of the site from which you came and the site to which you are going when you leave AssurX Websites;
your computer operating system and/or mobile device operating system
Information Collected by Automated Means also includes information that we may collect about: your use of certain Service features; the functionality of the Services; when you click on ads; your participation in research initiatives like surveys about our Services.
Sensitive Information: AssurX will not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information.
HOW WE USE YOUR INFORMATION
Unless otherwise stated herein, we use your information for providing you the Services that you have requested from us, as referred below:
To contact you. We use your Contact Information to get in touch with you. Here are some examples of reasons why we might contact you to: communicate with you about your orders or the Services you use; conduct surveys; send you announcements about the Services; notify you about our upcoming events; administer surveys, sweepstakes, contests, or other promotional activities or events sponsored by us or our business partners.
For marketing purposes. We use your Contact Information to recommend products and services that might be of interest to you, to send you marketing and advertising messages such as newsletters, announcements, or special offers or to notify you about our upcoming events. To provide you with marketing communications is not essential for the maintenance or existence of the legal relationship we may have with you at a certain point; thus, you may opt out from receiving such communications as described in section 3 below. Your decision to opt out from our marketing communications will not affect your ability to continue receiving the Services from AssurX.
To provide Services to you. AssurX needs Required Contact Information, Transactional Information, and Billing Information to: process orders and payments for our Services; provide the Services to you; provide access to secure areas of AssurX Websites; create and maintain your account and control access to it.
To protect our business. We use information we collect from users of the AssurX Websites and the Services to identify and protect against and investigate fraud, risk exposure, claims and other liabilities.
To manage everyday business needs. We use information to administer and manage our business; train our employees; help promote compliance with our terms of service or any other agreements between us; allow you to apply for a job; carry out research and development; carry out other purposes that are disclosed to you and to which you consent; or to comply with the law.
Other. Information you submit through on-line chat, email, and web form is archived and may be tied to information that we collect about your web visits. Your telephone call or a web conference may be recorded for training and quality purposes and we may enter information you provide via telephone, or other means of communication, into our systems and use it for the purposes described in this section.
(2) DISCLOSURE OF PERSONAL INFORMATION
Please note that the parties to whom we send your Personal Information may be located in another country. Some of the countries in which these parties are located may not have the same or substantially similar privacy laws as those applicable to your own jurisdiction. We will only be transferred to other third parties as permitted by applicable law in a country where AssurX operates and as described in this section.
Disclosure to our Service Providers. We may disclose, to the extent necessary for the provision of Services, Personal Information to third party service providers. Please be aware that our third party service providers may be located in a different country than you, so your Personal Information may be transferred outside of your country. We require that our third party service providers agree to keep confidential all information we share with them and to use the information only to perform their obligations in the agreements we have in place with them. These third party service providers are expected to maintain privacy and security protections that are consistent with AssurX’s privacy and information security policies. While we provide these third parties with no more information than is necessary to perform the function for which we engaged them, any information that you provide to these third parties independently is subject to their respective privacy policies and practices.
Disclosure to Others. Should you breach any of our terms and conditions (for example, our terms of service or the AssurX Website term) or if we are under a duty to disclose or share your Personal Information in order to comply with any legal or compliance obligation, we may disclose your information to any relevant authority. We may need to release the information we collect to third parties when we believe it is appropriate to comply with the law, to enforce our legal rights, to protect the rights, safety or property of our business and others, or to assist with industry efforts to control fraud, spam or other undesirable conduct and as needed to support auditing, compliance, and corporate governance functions. Additionally, we will provide information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings). This information would be transferred under due diligence and appropriate controls.
Disclosure when we have your consent. We may also disclose your Personal Information and other information, for any other purpose disclosed by us when you provide the information, as otherwise required or permitted by law, and with your consent. Any such purposes may involve the transfer of your Personal Information across country borders.
Other. We may disclose information that does not identify any individual (e.g., anonymous, aggregated data) without restriction. For example, we may provide our advertisers or other third parties with reports that contain aggregated and statistical data about our users.
(3) MANAGING PERSONAL INFORMATION
Access, Opt-Out and Correction.
Access to Personal Information. We will supply Personal Information about you and that we hold in our own files within reasonable timeframes stipulated by executed agreement, by law or based on geographical location so long as it is required. Please note that some requests may be subject to a reasonable fee.
Opt-Out. If you wish to stop receiving marketing communications about product and support information, promotions, events, webinars, etc., please send an email to email@example.com.
Correction or Deletion of Personal Information. If you would like to correct, delete inaccuracies, or update the information we hold about you, or revoke consent previously granted, please follow these instructions:
If you’re an AssurX Websites visitor or a prospective customer please email GDPR@assurx.com.
Deleting your information (applicable based on executed agreements and based on geographical locations): If you would like us to delete/archive your Personal Information please contact us by using the details below and we will respond within a reasonable time. Please note that we may be required to retain certain information by law and/or for our own legitimate business purposes.
Client data access requests. Clients of our customers must contact our customer directly with any data subject access requests.
Choosing not to provide us with certain information. You can choose not to provide certain information when using AssurX Websites or Services, but this may prevent you from being able to take full advantage of the functions available online and it may prevent us from being able to provide you with Services.
(4) SECURITY OF YOUR INFORMATION
make use of encryption technology as appropriate;
use appropriate network access control technology to limit access to the systems on which AssurX Collected Information is stored; and
monitor for possible vulnerabilities and attacks
AssurX aims to safeguard and protect your personal data from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss, and we utilize and maintains certain reasonable processes, systems, and technologies to do so.
Although AssurX implements reasonable technical and security controls, we cannot guarantee that the technical, physical and organizational measures we take will prevent every security threat or breach. Accordingly, we cannot be held responsible for unauthorized or unintended access that is beyond our control.
(5) DATA INTEGRITY and RIGHT TO ACCESS YOUR PERSONAL INFORMATION
Personal Information we collect is relevant for the purposes for which it is to be used. AssurX takes reasonable steps to help ensure that data is reliable for its intended use, accurate, complete, and current.
We will retain/archive your information for as long as needed to provide you Services or as long as needed to fulfill the purpose for which Personal Information was originally collected.
As noted in section 3 above, you have the rights to access, correct and request the deletion of your own Personal Information as applicable in executed agreements or legally, or based on geographical locations. You are also entitled to oppose to certain data processing practices or to revoke consent previously granted, to the extent permitted by executed agreement, applicable law, or based on your geographic location.
Please note that some requests may be subject to a reasonable fee, and all requests will be addressed as legally required.
If you wish to cancel your customer account or request that we no longer provide you the Services, please email firstname.lastname@example.org. In response, we will cancel or remove your information but may retain information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
(8) CUSTOMER DATA – PERSONAL INFORMATION OF OUR CUSTOMERS’ CLIENTS
If you believe you have provided data to somebody who hosts your Personal Information with us, then this applies to you:
Our customers are responsible for maintaining the security and confidentiality of their accounts and access to the hosted systems, and securing any Personal Information they store on or transmit to/from our hosted system.
If you are a client of one of our customers and would no longer like to be contacted by one of our customers that use our service, please contact the customer that you interact with directly.
(9) PRIVACY PRACTICES OF THIRD PARTIES
(10) INQUIRIES AND COMPLAINTS
For additional questions regarding your personal information in accordance with General Data Protection Regulation (GDPR) in the EU, contact GDPR@assurx.com. You have the right to contact your Supervisory Authority (as defined in the GDPR) for any disputes relating to access requests.
Please note that for all inquiries and complaints to AssurX, we may request proof of identity, and we reserve the right to charge a fee where permitted by law. We will endeavor to respond to your request within all applicable timeframes.