skip to Main Content

Privacy Policy

Last Updated: March 20, 2020

iContracts, Inc. (“iContracts,” “we,” “us,” or “our”) developed this Privacy Policy to explain how we collect, use, disclose, and protect your Personal Information (defined below), and your choices about the collection and use of your Personal Information.

This Privacy Policy applies to Personal Information collected or processed in connection with us providing PolicyStat and related services to our customers (collectively, the “Service”).

For purposes of privacy laws applicable in the United Kingdom (“UK”), including the General Data Protection Regulation (the “GDPR”) and the UK Data Protection Act 2018, the “data controller” is iContracts (please see Section 12 for contact information).    Please note, however, that as a service provider, we primarily use Personal Information on behalf of and at the direction of our customers (e.g., your employer).  Where we process Personal Information under the instructions of our customers, our customers are the “data controllers,” and their privacy policies and procedures shall apply.

 

To jump to a section of this Privacy Policy, please click a link below:

  1. Types of Personal Information We Collect and Use
  2. How We Use Personal Information
  3. Disclosure of Personal Information
  4. How We Protect the Confidentiality of Personal Information
  5. Your Privacy Rights
  6. Opting Out of Communications
  7. Personal Data Transferred from the EU or UK to The United States
  8. Retention of Personal Information
  9. Other Websites and Services
  10. Children’s Privacy
  11. Changes to Our Privacy Policy
  12. How to Contact Us

 

1.      Types of Personal Information We Collect and Use

Personal Information” is information that relates to an identified or identifiable individual.  This section describes the Personal Information collected by us through the Service and the sources from which we collect Personal Information.

 

  1. Information that You or Your Employer Provides Us

To establish a user account, we collect your name, email address, job title, and account credentials.

In addition, we may request other information about you through forms on the Service.  For example, to help identify the policies most relevant to you, we ask for your office location.  The exact information we need to collect will depend on the purpose of the form.  We will indicate on each form whether a field is required.

  1. Information We Receive from Your Use of the Service

We collect the following types of information automatically through your use of the Service:

  • Cookies, Device Identifiers, and Similar technologies

When you use or access the Service, we use cookies, device identifiers, and similar technologies such as pixels, web beacons, and local storage to collect information about how you use the Service.  We process the information collected through such technologies, which may include Personal Information, to help operate certain features of the Service to help us analyze the usage of the Service for product improvement and maintenance.

We use Google Analytics as one analytics service to help us analyze the traffic on the Service.  For more information on Google Analytics’ processing of Personal Information, please see “How Google uses data when you use our partners’ sites or apps.”

We do not include any features on the Service that allow a third party to track you, in personally identifiable form, over time and across third party sites. We do not respond to Do Not Track signals sent to us by your browser at this time.

  • Log File Information

When you use the Service, our servers automatically record information, including your Internet Protocol address (“IP Address”), browser type, referring URLs (e.g., the site you visited before coming to our Service), number of clicks, and how you interact with links on the Service, domain names associated with your internet service provider, pages viewed, and other such information (collectively, “Log File Information”). We use Log File Information collected from our implementation of the Service to identify potential threats and vulnerabilities, and in analyzing the effectiveness of our Service to improve the Service’s function and content.

2.      How We Use Personal Information

We use your Personal Information where it is required by law, to perform our obligations under an agreement with you, or to pursue our or our customers’ legitimate interests, including:

  • Enabling secure use of the Service;
  • Administering our customer accounts, including billing and support;
  • Providing, analyzing, administering, supporting, and improving the Service; and
  • Protecting our rights or our property, including the exercise or defense of legal claims.

3.      Disclosure of Personal Information

We will not disclose your Personal Information except as set forth in this Privacy Policy or with your consent.

This section describes to whom we disclose Personal Information, and for what purposes:

  • Affiliated Entities. We share Personal Information with affiliated entities for the purposes described in Section 2, “How We Use Personal Information.”
  • Our Service Providers. We employ service providers to perform tasks on our behalf and to assist us in providing the Service, such as hosting and infrastructure providers and analytics services. When we use third party service providers, we only disclose to them any Personal Information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.
  • Companies Involved in Mergers and Acquisitions Transactions. If we sell or otherwise transfer part or the whole of our business or our assets to another organization (g., in the course of a transaction like a merger, acquisition, bankruptcy, dissolution, or liquidation), any information collected through the Service, including Personal Information, may be among the items sold or transferred.
  • Law Enforcement, Government Agencies, and Courts: We may disclose Personal Information at the request of law enforcement or government agencies or in response to subpoenas, court orders, or other legal process to establish, protect, or exercise our rights or to defend against a legal claim or as otherwise required or allowed by law, or to protect the rights, property, or safety of any other person. We may also disclose Personal Information to investigate or prevent a violation by you of any contractual or other relationship with us or your illegal or harmful activity.

 

You may contact us if you would like to opt-out of Personal Information (i) being disclosed to a third party (except for service providers who perform task(s) on behalf of and under our instructions); or (ii) being used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by you.  We will promptly review all such requests in accordance with applicable laws.

4.      How We Protect the Confidentiality of Personal Information

We use commercially reasonable safeguards to help keep the information collected through the Service secure. Despite these efforts to store Personal Information in a secure operating environment that is not available to the public, we cannot guarantee the security of Personal Information during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of Personal Information, we cannot guarantee that our security measures will prevent third parties such as hackers from illegally obtaining access to Personal Information. We do not represent or warrant that Personal Information about you will be protected against, loss, misuse, or alteration by third parties.

5.      Your Privacy Rights

Depending on where you are located, you have may the right to access, amend, delete, export, or object to or restrict the processing of, certain categories of Personal Information. If you would like to exercise the above rights you may submit a request to privacy@rldatix.com.   We will promptly review all such requests in accordance with applicable laws.  Where we process Personal Information on behalf of one of our customers (e.g., your employer), we may redirect your request to such customer.

Depending on where you are located, you may have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning your Personal Information.  Before you do so, we encourage you to first reach out to us, so we have an opportunity to address your concerns directly.

6.      Opting Out of Communications

We send notifications or other information via email (“Communications”). You may choose to stop receiving Communications by following the unsubscribe instructions in any Communication you receive. Please note that certain Service-related Communications are necessary for the proper functioning and use of the Service and you may not have the ability to opt out of those Communications.

7.      Personal Data Transferred from the EU or UK to The United States

iContracts complies with the EU-US Privacy Shield Framework  (collectively, “Privacy Shield”) as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Data from European Union (the “EU”) member countries and the United Kingdom (“UK”). iContracts has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability. A violation of our commitment to Privacy Shield may be investigated by the Federal Trade Commission and/or the United States Department of Commerce. If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, to the extent available, please visit https://www.privacyshield.gov.

In compliance with the Privacy Shield Principles, iContracts commits to resolve complaints about your privacy and our collection or use of Personal Data about you. Persons from the EU or the UK who have inquiries or complaints regarding this Privacy Policy should first contact us via email at: privacy@rldatix.com.

iContracts has committed to refer unresolved privacy complaints under the EU-US to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint.

These recourse mechanisms are available at no cost to you. Damages may be awarded in accordance with applicable law. Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel. In cases of onward transfer to third parties of data of EU or UK individuals received pursuant to the Privacy Shield, iContracts is potentially liable.

8.      Retention of Personal Information

The length of time we retain Personal Information is determined by a number of factors, including the purpose for which we use that information and our obligations under applicable laws. We do not retain Personal Information in an identifiable format for longer than is necessary.
We may need your Personal Information to establish, bring or defend legal claims.

The only exceptions to this are where:

  • the law requires us to retain Personal Information for a longer period, or delete it sooner;
  • you exercise your right to have the information erased (where it applies) and we do not need to retain it in connection with any of the reasons permitted or required under the law; or
  • in limited cases, the law permits us to keep your Personal Information indefinitely provided we put certain protections in place.

 

9.      Other Websites and Services

We are not responsible for the practices employed by any websites or services linked to or from our Service, including the information or content contained within them.  We encourage you to investigate and ask questions before disclosing your Personal Information to third parties.

10.  Children’s Privacy

We do not knowingly collect or solicit any Personal Information from children. In the event that we learn that we have collected Personal Information from a child without parental consent, we will promptly take steps to delete that information.

11.  Changes to Our Privacy Policy

We may modify or update this Privacy Policy from time to time, so please review it periodically. We may provide you with notice of material changes to the Privacy Policy as appropriate under the circumstances. Unless otherwise indicated, any changes to this Privacy Policy will apply immediately upon posting to the Service.

12.  How to Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@rldatix.com.

Our representative in the UK, as required by the GDPR, can be contacted at:

RL Datix

C/O Data Protection Officer

Swan Court, 11 Worple Road

London, England

SW19 4JS

+44 208 971 1971

privacy@rldatix.com

Back To Top