The Concinnity Company™

 Data Privacy Policy

This Privacy Policy applies to The Concinnity Company™ websites, including for Cloud Concinnity® Software as a Service.

Background

We at The Concinnity Company work hard to protect the security and privacy of your personal information (or data). We want you to understand the types of information we collect and how we collect, secure, process, use, and share the personal information you provide as well as the choices you have regarding use, access and correction of your information.

Your personal information is one piece of data (or a combination of different types of data) that could reasonably allow you to be identified. We may collect personal data about prospective and current users of our services. When we provide our Software as a Service  to client organizations, those organizations may provide us with personal information about their and their customers’ users. Also, we may collect personal data as part of the “Services” we provide.

You can generally visit our public facing  websites without actively entering any personal information about yourself. However, in certain areas of our public facing websites, we may ask you to contact us with questions or comments, or request more information about our services. In these cases, we may collect personal information from you directly as described below. Also, we may be required to collect certain personal information about you either by law or as a consequence of a contractual relationship we have with you or a client organization.

How we use your personal information and the legitimate interests those uses serve

We use your personal information for these legitimate reasons to:

Market our services: We may use your personal information provided to our public facing websites to place you into particular marketing segments in order to better understand your interests so that we send you marketing that will address your interests and needs. Where necessary, we will obtain your consent before sending such marketing messages.
Identify and authenticate you: We use your identification information to verify your identity when you access and use our services. This ensures the security of your personal information. In part, and when applicable, we do this to comply with our contractual obligations to you or a client organization.
Provide you with services: We process your personal information to provide the products and/or services you or your organization have requested. We may do this to comply with our contractual obligations to you or your organization.
Improve our services: We may analyze information about how you use our services to provide an improved experience for our users; this may include product testing and site analytics.
Communicate with you: We may use your personal information when we communicate with you; for example, if we are providing information about changes to terms and conditions of service or to respond to your questions.
Exercise our rights: We may use your personal information to exercise our legal rights where it is necessary to do so, for example to detect, prevent and respond to fraud claims, intellectual property infringement claims, alleged violations of law or to enforce applicable contract terms and conditions.
Comply with our obligations: We may process your personal information to, for example, carry out fraud prevention checks or comply with other legal or regulatory requirements, where this is best practice or explicitly required.
Customize your experience: When you use our products or services, we may use your personal information to improve your experience, such as by providing interactive or personalized elements and providing you with content based on your interests or your identified role.

The kinds of information we collect directly from you or from a client organization about you may include:

  • Personal details (name, title, employer or organization, as examples)
  • Contact details (phone number, email address, or postal address, as examples)
  • Additional information about your organization and your role or title
  • Demographic information (age, biographical information as examples)
  • Information we collect automatically from you, including data collected using cookies and other device identifying and analytic technologies. Please see our use of Cookies and other tracking technologies in our Cookie Policy.
  • Other information provided about you when a client organization uses our Services

 

We may also collect information in the course of our contractual  relationship with a client organization. The categories of information we collect in this context include:

  • Account information (such as user ID, contact details or answers to security questions); and
  • Information about your usage of our Services or the websites (such as support requests or information provided to us to resolve such support requests).

Other Information we may collect or process about you from others. We may collect/process  information about you from your employer, our service providers,  our business partners. The categories of information we collect from other sources may include:

  • Personal details (name, title, employer or organization, as examples)
  • Contact details (phone number, email address, postal address or phone number, as examples)
  • Additional information about your organization
  • Demographic information (age, education status, biographical information, as examples)

Special categories of personal data – as a processor

Some of the categories of information that we collect is as a processor in connection with provision of our Products or Services. This information may constitute special categories of personal data (also known as sensitive personal information). In particular, we may process personal data revealing religious or philosophical beliefs, racial or ethnic origin, or trade union membership, or data containing health information if such information is uploaded by a client organization and/or its agent or by our client organization or its customer related to our Services. We will not process such information for any other purpose other than as a provider of  our Software as a  Service in accordance with the terms of use for the Services.

 

Your understanding of your rights, and how to exercise them over your personal information, is very important to us.

Regarding your personal information, and subject to local law, you have the right to:

  • access your personal information
  • rectify any misinformation we hold about you
  • erase your personal information
  • object to/restrict our use of your personal information
  • receive your personal information in a usable electronic format so that you have the ability to transmit it to a third party (data portability)
  • lodge a complaint with your local data protection authority.

 

We will contact you if we need additional information from you in order to honor your requests. If you would like to discuss or exercise these rights, we encourage you to contact us. Please update or correct your information if it changes or if the personal information we hold about you is inaccurate.

 

Obtaining your consent to collect your personal information and your right to withdraw consent.

We, or when we have been contracted to provide Software as a Service to our client organization,  our client organization’s Customer the client organization or its Customer, may obtain your consent to collect and use certain types of personal information when   required to do so by law (for example, in relation to our direct marketing activities, Cookies and Tracking Technologies,  or when we process sensitive personal information, when you have consented to provide this kind of information ). If you have consented to our processing your personal information, you may withdraw your consent at any time by contacting us at the email provided in the “Contact” section of this Privacy Policy.

 

Information Sharing

We may share your personal information with third parties under the following circumstances:

  • Service providers and business partners. We may share your personal information obtained from our public-facing websites with our service providers and business partners that perform marketing services and other business operations for us. These companies are authorized to use your personal information only as necessary to provide these services to us pursuant to a contract and for these legitimate purposes: provision of customer support services, marketing purposes, internal reporting and customer insights and service optimization.
  • Legal regulatory, government authority, compliance with legal process or other third party.

We may share your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of a third party. Where permitted by law or regulation and reasonably practicable, we will attempt to notify the following types of parties of such requirements:

  • An authorized user of the company or organization
  • A data processor. We may share personal information as a data processor or subprocessor as authorized by contractual obligations to a client organization for provision of “Services” when supplying that client organization Software as a Service
  • An asset purchaser. We may share your personal information with any third party that purchases, or to which we transfer, all or substantially all of our assets and business. Should such a sale or transfer occur, we will exert reasonable efforts to ensure that the entity to which we transfer your personal information uses it in a manner that is consistent with this Privacy Policy. You will be notified via email and/or a prominent notice on our websites of any change in ownership or uses of your personal information

Information Security

We implement technical and organizational measures to ensure a level of security appropriate to the risk to the personal information we have collected and that we process. Our goal is to protect the ongoing integrity and confidentiality of personal information. We evaluate these measures on a regular basis.

Information Retention

We will keep your personal information for as long as we have a relationship with you. Once that ends, we will retain your personal information for a period of time that enables us to:

  • Maintain business records for analysis and/or audit purposes
  • Comply with record retention requirements under the law
  • Defend or bring any existing or potential legal claims
  • Resolve any complaints regarding the Services
  • Enforce our commercial agreements

We will delete your personal information when it is no longer required for these purposes. We will take appropriate measures to prevent any further processing or use of the data if, for technical reasons, we are unable to delete entirely your personal information from our systems.

International Data Transfer

Your personal information may be transferred to, stored and processed in various countries, including those that are not regarded as ensuring an adequate level of protection for personal information under European Union law or by the European Commission. Should that happen, we will put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your data is adequately protected.

Links to Other Sites

Our public facing sites include links to other websites whose privacy practices may differ from our practices. If you submit personally identifiable information to any of those sites, your information is governed by their privacy policies. We are not responsible for the privacy practices or the content of any sites to which our public facing sites provide links. We encourage you to carefully read the privacy statement of any website you visit.

Social Media Widgets Our public facing websites include Social Media Features, such as the Facebook Like button, and Widgets, such as the Share this button or interactive mini-programs that run on our websites (the "Features"). These Features may collect your Internet protocol address, which page you are visiting on our website, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our website. Your interactions with these Features are governed by the privacy statement of the company providing it.

Contact Us

If you are the data subject and have questions or concerns regarding the way in which your personal information has been used, or regarding an access request t, please contact us at privacy@theconcinnitycompany.com. We are committed to working with you to obtain a fair resolution of any complaint or concern about your data’s privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the applicable data protection authority.

Changes to the Policy

You may request a copy of this Privacy Policy from us using the contact details set out above. We may modify or update this Privacy Policy from time to time. If we change this Privacy Policy, we will notify you of the changes. Where changes to this Privacy Policy will have a fundamental impact on the nature of the processing or otherwise have a substantial impact on you, we will give you sufficient advance notice so that you have the opportunity to exercise your rights by objecting to the processing.

 

Last Updated: 10/28/2022