Last Modified May 25, 2018
We respect the privacy concerns of our customers and we value your trust. This Privacy Notice is meant to help you understand what kind of information we collect, how we use it and what choices you can make. It applies to the Captricity, Inc. (“Captricity”) website located at captricity.com, or where this notice is posted. If you have any questions about this Privacy Notice, please contact us.
This Privacy Notice applies to the processing of personal data associated with the following activities:
With regard to our software products, we are a Processor of personal data and our software users are the Controllers. Our software products allow users to convert business documents and other materials into digital data that is organized and stored within our software platform (the “Services”). Information is provided to the Services by our software users, who are also known as our “Business Customers.” We process this data on the instruction of the Business Customer who submitted the data to us to perform the Services or in accordance with the Business Customer’s direction. Please note that Captricity does not fully control the data that is submitted to us by our Business Customers, we manage it as directed by the Business Customer who provided it.
Your information may be provided to us by our Business Customers if you have a business relationship with that Business Customer. We do not categorize personal data submitted to our Services for processing by our Business Customers. The nature of our Services prevents us from being able to identify specific personal data processed by our Services and conclusively attribute it to a specific individual without assistance from our Business Customers. As a result, if you have an inquiry or wish to exercise a right regarding personal data that Captricity processes on behalf of a Business Customer, we ask that you please contact the Business Customer directly to assist you.
WHAT INFORMATION DO WE COLLECT?
We collect personal information, or “personal data,” in order to operate our business and provide our products and services. “Personal data” is the information that identifies you as an individual. For example, your name or contact information.
INFORMATION WE COLLECT FROM ALL SITE VISITORS
We collect personal data when you visit our website or when you communicate with us. Some of the personal data we collect is provided by you and some of it is provided by third parties, such as through technology such as cookies. You may choose not to provide us with certain personal data; however, you may be unable to access certain functionalities of our website or unable to use a certain product or service. For example, we need your contact information in order to respond to you if you contact us with a question. The type of personal data we collect depends on the features of our website that you use or interact with and may include:
Contact Information. We collect your first and last name, email address, postal address, phone number, user name, social media handle or other similar contact information when you contact us or provide it.
Some Data Is Collected By Our Website. Our website automatically collects analytics data about site visitors which alone cannot be used to identify you. We use this information to learn about how our website is used. Information about the type of data collected automatically is below. In some circumstances we can associate some of this analytics data, such as an IP address, with a specific person. In such an instance, we treat this analytics information as personal data consistent with this Privacy Notice.
INFORMATION COLLECTED AUTOMATICALLY
To improve our website, products and services, we collect and use aggregated information which does not personally identify you. When you visit our website, we may automatically receive your computer’s internet protocol (IP) address, your operating system and browser type, the web pages you visit on our website, the address of any referring website, length of time spent on a webpage and your geographic location. This information is also used to operate, maintain, and manage our website. For example, we may calculate the average number of site visitors who visit a particular webpage on our website.
INFORMATION WE COLLECT FROM BUSINESS CUSTOMERS
If you are a Business Customer, we also collect personal data related to your use of our products and services. This may include:
Account or Billing Information. We collect data necessary to process your payment if you make purchases, such as your credit card or bank information. We also collect information related to your account such as your username or password.
Professional Information. We collect professional information such as the name, postal address, telephone number of your employer or your job title if, for example, you register a software product to your employer.
Product or Device Information. We collect product or device information including product performance, your purchase history, or product interests. We also collect usage data or error reports when you run our software.
Special Categories of Information. We process some “special categories” of data if our Business Customers provide it through their use of the Service. Special categories of data are: heath data, details about your race or ethnicity, religious or philosophical beliefs, sex life or sexual orientation, genetic or biometric data, political opinions, trade union membership, or information about criminal convictions or offenses. Our Business Customers categorize personal data when they use our software so that we may apply heightened security measures appropriate for processing these special categories of data.
THIRD PARTY LINKS ON OUR WEBSITE
HOW DO WE USE THE INFORMATION WE COLLECT?
We use the personal data we collect to communicate with you, to operate our business, and to improve our products and Services. We also use it to send you marketing offers that we think may interest you.
TO PROVIDE AND IMPROVE OUR SERVICES
We use data to understand how our products and services are used in order to improve them. For example, we use information about how our website is used to enhance our site. With regard to many of our products, Captricity is a service provider. As a service provider, we receive, store and process personal data on behalf of and on the instruction of our Business Customers. The data we receive from our Business Customers is used for managing transactions, reporting, invoicing, renewals and other similar activities related to the Services we provide our Business Customers.
TO COMMUNICATE WITH YOU
We use your personal data to respond to you when you contact us. We also use your personal data to communicate with you about Captricity products or Services, for example to inform you of product updates or of any changes to your account.
Marketing We use data we collect to communicate with you about promotions and marketing offers that we believe may interest you. To update your preferences or to opt-out of receiving certain communications, please see How to Access and Control Your Personal Data below.
WHY DO WE SHARE THE INFORMATION WE COLLECT?
We may share personal data with our independent contractors, vendors or other third parties to perform services on our behalf, to complete the transaction of a service you have authorized, or to provide information you have requested. We may also share personal data if required by law, to protect our customers or others, to maintain the security of our products or to operate our business. We will not sell or rent your personal data to third parties without your permission.
Captricity works with independent contractors who handle personal data on our behalf and at our instruction in order to provide our Services. These independent contractors may only use the data we share with them for the purposes which we specify and in accordance with this Privacy Notice.
THIRD PARTY SERVICE PROVIDERS
We share personal data with third parties who reasonably need to know in order to perform services on our behalf such as payment processing, technical services, or facilitating marketing activities and other promotions. These third parties may only use the personal data we share with them for the purpose that we have shared it.
COMPLIANCE WITH LEGAL OBLIGATIONS
We may access, preserve, use, or disclose your personal data if we have a good faith belief that the law requires us to do so, or that it is reasonably necessary to detect, prevent, and address security, technical issues, or fraud.
We may access, preserve, use, or disclose your personal data in order to protect the rights of the business, its property, its employees and others, or to enforce our billing or contracts. If we are involved in a merger, acquisition, sale or other change in ownership, personal data may be among the transferred business assets.
COOKIES & OTHER SIMILAR TECHNOLOGIES
Many web browsers are set up to accept cookies automatically, but you may change your cookie preferences through the options available in your web browser. . Please review the options available in the web browser that you are using to make changes to your cookie preferences. You may choose not to receive certain cookies, however please note this may affect the availability of certain features of our website.
Session Cookies provide information about how a website is used during a single browser session while a user is visiting a website and usually expire after the browser is closed.
Persistent Cookies remain on your device between different browser sessions for a set amount of time in order to enable the website to remember user preferences, settings, or actions across other sites.
First-Party Cookies are cookies set by the website you are visiting. They have the same domain or subdomain as what is in your browser’s address bar.
Third-Party Cookies are set by third parties that are different from the website you are visiting. These cookies have a different domain or subdomain than what is in your browser’s address bar.
We use third party marketing services which set cookies and other similar technologies to collect data about your online activity in order to provide more relevant advertising including on other websites that you visit where we may buy advertising.
DO NOT TRACK DISCLOSURE
Do Not Track is a privacy preference that can be set in a web browser. At this time our website does not recognize Do Not Track browser settings or signals because there is no agreed upon standard for how to interpret these signals yet. For information about Do Not Track, please visit https://allaboutdnt.com/.
HOW DO WE KEEP YOUR INFORMATION SECURE?
We maintain an information security program which utilizes certain physical, administrative and electronic safeguards to protect the security, confidentiality and integrity of personal data. While no method of data transmission or storage is 100% secure, and we cannot guarantee that our network or systems will never be compromised, we take reasonable measures to protect your personal data against loss, destruction, alteration, or unauthorized access or disclosure.
We require individuals who maintain an account with us to enter a password to access account information as a security measure. It is your responsibility to keep your password confidential. Please do not disclosure your password to persons unauthorized to access your account. If you suspect your password has been compromised, please contact us immediately.
Please note that as a service provider we do not control how certain data provided to us by our Business Customers is classified. We take security seriously but we rely on our Business Customers to accurately categorize the personal data they provide to us through use of our software or Services. It is the responsibility of our business customers to accurately categorize personal data so that we may apply heightened security measures to certain categories of sensitive data where appropriate. For example, if our Business Customers categorizing certain personal data as health data, we will know to treat the data consistent with HIPAA, HITECH and other applicable healthcare related privacy laws.
DATA TRANSFERS AND PROCESSING
We store data in the United States. Captricity works with a global network of independent contractors to provide the Services and we share access to personal data collected through our site or provided by our Business Customers with these third parties in locations around the world for the purposes described in this Privacy Notice. Countries where we process data may have data protection laws that differ from those in your own country.
EU Site Visitors: If you provide personal data through our website, we process your personal data, including any necessary data transfers out of the European Economic Area (“EEA”), if it is necessary for the performance of a contract taken at your request or concluded in your interest, or when you have consented to such processing.
The retention period for data we process can vary based on certain circumstances or obligations. We retain personal data for as long as it is necessary to provide the products or services you have requested or for other legal compliance or essential business purposes such enforcing our contracts, maintaining the security of our products, or dispute resolution.
With regard to personal data provided by our Business Customers, we do not provide data back-up services and are not a data store of record. We store this data for the period of time necessary to perform the associated contract. This includes converting the data to electronic format and returning it to the Business Customer consistent with our Services. Once the data is returned to the Business Customer it may be further updated by the Business Customer. Because we are not a data store of record, we do not update the data that we store to account for updates that a Business Customer makes to its data outside of the Services we provide. Individuals seeking current data should contact the Business Customer.
CHILDREN’S ONLINE PRIVACY
Minors are ineligible to purchase Captricity products. Our website is a general audience site and is not intended for use by children under 18. If you become aware that a child under 18 has provided us with personal data, we ask that you notify us by email at firstname.lastname@example.org. Should we become aware that a child under age 18 has provided personally identifiable information through our website, we will take steps to immediately delete it.
HOW TO ACCESS AND CONTROL YOUR PERSONAL DATA
You have choices about how to manage your personal data and what types of communications you receive from us. If you contact us we will endeavor to respond to your inquiry within 30 days. Please note that we may have a legal obligation to preserve certain data and that we may need to request information from you in order to confirm your identity. This is to ensure that your personal data is not disclosed to a person who does not have a right to receive it.
Captricity Account: You can view or edit personal data connected to your account by logging into your Captricity account online.
Marketing Communications: You may choose to opt-out of receiving certain email communications from us by following the instructions in the email to unsubscribe.
Access To Your Personal Data: If you have provided personal data directly to us, you may contact us by email or postal mail to request access to, correct, change or delete your personal data.
EU Site Visitors: In accordance with the requirements of Regulation (EU) 2016/679, or “GDPR,” if you are an EU visitor, you have certain rights and may make a “Subject Access Request” to exercise them. Under certain circumstances, you have the right to: Request access to your personal data; Request correction of your personal data; Request erasure of your personal data; Object to some processing of your personal data; Request restriction of processing of your personal data; Request the transfer of your personal data to you or to a third party; Withdraw your consent; Object to being subject to automated decision-making; or Lodge a complaint. In such an instance, we request that you first contact us directly to resolve any issue.
If you have not provided your personal data to Captricity directly, we ask that you please contact the Business Customer with whom you have a business relationship to exercise your rights. Captricity will work with the Business Customer to identify any relevant records the Business Customer may have provided to us for use of our Services.
HOW TO CONTACT US
1999 Harrison Street, 24th Floor
Oakland, California 94612
CHANGES TO OUR PRIVACY NOTICE
This Privacy Notice is effective as of May 25, 2018. From time to time it may become necessary to update or change our Privacy Notice and we encourage you to periodically check here for the most current version. If significant changes are made, we will provide you with appropriate notice, which may include conspicuous notice on our website, or email notification.
“HIPAA” means the Health Insurance Portability and Accountability Act of 1996. You can learn more at: https://www.hhs.gov/hipaa/for-individuals/faq/index.html.
“HITECH” means The Health Information Technology for Economic and Clinical Health (HITECH) Act. You can learn more at: https://www.hhs.gov/hipaa/for-professionals/special-topics/hitech-act-enforcement-interim-final-rule/index.html