DocTract Privacy Statement

Overview

QUALEX CORPORATION d/b/a DocTract, including its wholly-owned subsidiaries (collectively, “Us”, “We”, “Our”, “DocTract” or the “Company”) is committed to protecting the privacy of individuals(“Visitor(s),” “You,” and derived adjective “Your”) who visit the Company’s Web Sites or who register to use our services (“Services”). The purpose of this Privacy Statement is to provide information on how we collect, store, share and use of Your Personal Data and the choices You have regarding the collection and use of Your Personal Data. This privacy statement is not intended to discuss the collection or use of personal information by a Customer’s use of the Services and does not apply to third-party websites, applications, or services that display or link to different privacy statements.

‍

QUALEX CORPORATION d/b/a DocTract complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.

‍

QUALEX CORPORATION d/b/a DocTract has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.

‍

QUALEX CORPORATION d/b/a DocTract has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

‍

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, QUALEX CORPORATION d/b/a DocTract commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S.DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

‍

Binding Arbitration

In compliance with the EU-U.S. Data Privacy Framework (DPF),the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, individuals have the possibility, under certain conditions, to invoke binding arbitration to address any complaints regarding our compliance with the DPF Principles.

This option is available after the individual has:

Raised the issue directly with our organization and given us an opportunity to resolve it;
Used the independent dispute resolution mechanism designated by our organization; and
Pursued the matter through the appropriate DPF panel or regulatory authority.

If all other avenues have been exhausted and the issue remains unresolved, individuals may initiate binding arbitration as described in Annex I of the DPF Principles. Our organization is committed to honoring the terms and conditions for binding arbitration as set forth in Annex I.

‍

Liability for Onward Transfers

In accordance with the DPF Principles, our organization maybe liable in cases of onward transfer of personal data to third parties. We ensure that any such third parties provide at least the same level of protection as required by the DPF Principles.

‍

Should a third party that we engage to process personal data on our behalf do so in a manner inconsistent with the DPF Principles, we will remain liable unless we can demonstrate that we are not responsible for the event giving rise to the damage.

‍

1. Our User Privacy and Data Protection Principles

We take the security and use of your personal information seriously. We apply the following principles to use of your personal information:

We will use your personal information in a lawful, fair and transparent manner.
We will process personal data for the purpose it was intended.
We will only process the personal data that is needed for the intended purpose and not collect unnecessary additional information.
We will provide mechanisms and processes to make sure the personal data we hold is adequate and accurate.
We will store only as long as necessary for the intended use.
We will process your personal information with integrity and confidentiality.

2. Information we Collect and Receive

Information You provide to us. We will collect information that You provide directly to us voluntarily, which may include the following methods:

When You create a new user account for yourself. All information provided during the sign-up process can be collected, including, but not limited to Your email address, password, first name and last name.
If You tell us geographical information as part of additional user set-up, including which time zone You are currently located in.
Any information entered on Your behalf in order to create a user account for Your usage by a Security Administrator for Your organizational account. It is the responsibility of Your organization to obtain Your authorization to provide Us Your personal information.
Any and all information entered and submitted into any of our Contact Us forms on a Company website
Any billing information provided for payments for a Service provided by the Company
Any information provided during support requests and troubleshooting inquiries
Customer review of Our Services
Our sites and services are available to persons 18 of age and older. We do not knowingly collect, use, or disclose personal information about minor visitors.

Information we collect automatically. We automatically collect some information to improve our communications and Service offerings:

Device and usage data. When You visit our websites or use our services, information may be automatically collected. This may include information such as the type of device being used, the operating system, IP address, as well as the web address You came from and which URL you go to when you leave Our sites. When using the Services of the Company, additional usage information may be collected and logged which may include which features are being used, menu items selected, the duration of usage and frequency of usage.
Cookies and Other Technologies. We may also use cookies and other electronic tools placed by a third-party service provider to measure the effectiveness of our advertising and other information and help us understand what product information is of most interest to our customers and what kinds of advertising offers our customers like to see. Although the service provider logs the information coming from Company Websites or Service Offerings on our behalf, we control how that data may and may not be used. You can control the use of cookies at the individual browser level, but if You choose to disable cookies, it may limit Your use of certain features or functions on our website or service.
Google Analytics. We use a tool called “Google Analytics” to collect information about use of Our sites. Google Analytics collects information such as how often users visit Our sites, what pages they visit when they do so, and what other sites they used prior to coming to Our sites. We use the information we get from Google Analytics only to improve Our sites. Google Analytics collects only the IP address assigned to you on the date you visit Our sites, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit Our sites, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to Our sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to Our sites by disabling cookies on your browser.
Third Party Sources. As part of a Partner and other third-party relationships, we may obtain personal information in order to provide a Service to You.
We may engage in joint marketing campaigns with our third-party partners or may obtain personal information from a third-party partner if You request information through them about any of our services. We rely on our Partners to obtain proper permission before sharing Your data with us.
Marketing Vendors. We may engage in various marketing campaigns with third party vendors that can generate information that contains Your data. This may include advertising activities with Google that can provide demographic or other information for visitors to our websites.

3. How we use Your personal information

We use Your information to better improve our services offerings and refine our communications through various marketing activities, including website content. We will normally collect personal information from You only where we have Your consent to do so, where we need the personal information to perform a contract with You, or where the processing is in our legitimate business interests. This may include collection to:

Create new user accounts
To send emails and other communications
Perform customer support services
Respond to service inquiries and questions
To provide Services to individuals with authorized user accounts.
Complete billing for services
As required by applicable law, legal process or regulation
Develop and improve our websites and services
Send marketing communications based on Your activity and interests (Please refer to “How to Manage Your Personal Data” on how You can control the use of Your personal data)
With Your explicit consent, we may use Your information for testimonials or case studies with Your permission

The legal basis for processing your personal information is based on your Consent for our Public facing websites or under Contract for services provided under our Terms of Services agreement.

4. How we may share Your personal information

Customers determine their own policies and practices for the sharing and disclosure of Information, and We do not control how they or any other third parties choose to share or disclose Information. Personal information shared is completed under the principles listed in “How we use Your personal information”. We do not share Your personal information with third parties, except for the for the following situations:

Service Providers. We may use third party service providers to provide and support our services. Each third-party service provider has either entered into a binding agreement with Us that restricts the use of Your personal information to the Service being performed and falls within the principles of “How we use Your personal information”.
Customer Access. Administrators and users of the service may have access to Your data if they are within the same organization and have been granted access rights to Your related data.
Your personal information may be shared with authorized Partners for shared customers.
We use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use billing information except for the sole purpose of credit card processing on our behalf.
Change in corporate structure. We may need to share Your personal information with third parties as in connection with or as part of negotiation of any merger, financing, acquisition, bankruptcy, dissolution transaction or proceeding involving the sales, transfer, divesture or disclosure of all or a portion of Our business or assets to another company.
To comply with applicable Laws. In response to any lawful request that compels the disclosure of personal information.
To enforce safety. In the event of an emergency to protect the vital interests of an individual

5. How to manage Your personal information

Communication Preferences. Individuals that are receiving communication emails that may be considered marketing in nature can “unsubscribe” by using the method outlined in the email itself. Service notifications and messages can be inactivated through user preferences of the system. Disabling system notifications may impact the functionality of the service and is not recommended by Us.
Updating and Correcting Account Information. Account information for individuals is maintained by the security administrator for your organization. If you have a request to manage Your data, you should contact your security administrator. If you are unable to submit your request to manage Your data through your security administrator, then contact us through the ‘Contact Us’ information in this document. Please include your name and email address when contacting us.

5.1. European Privacy Rights

In adherence to the applicable data protection in the EEA or United Kingdom, if applicable to You, include the rights below. Any right invoked that changes the structure of your personal information in our systems may prevent the use of Our Services.

Right of access. Upon written request sent to the “Contact Us” address, You may request to determine if Your personal information is stored in Our systems and the details of what is stored as constrained by any legal usage rights.

Right of Erasure. Upon written request sent to the “Contact Us”, You may request the removal of all personal information from Our systems once Your identity has been confirmed and the information is no longer necessary for the purposes for which it was originally collected.

Right of Data Portability. Upon written request sent to the “Contact Us” with the specific information being requested and recipient of the transfer, we will work with You to provide the information requested in an acceptable format.

Right to Restrict Processing. You can request that We restrict your personal information from any further processing in any of the following situations:

the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
in case you object to the processing of your Personal Data by us, where based on our legitimate interest, for as long as it is required to review as to whether we have a prevailing interest or legal obligation in processing your Personal Data.

Right to Rectification. You have the right to request any corrections to your Personal Data maintained by us if it is inaccurate.

Right to Object. In certain circumstances, you have the right to object to the processing of your personal data where, for example, your personal data is being processed on the basis of legitimate interests and there is no overriding legitimate interest for us to continue to process your personal data, or if your data is being processed for direct marketing purposes. If you would like to object to the processing of your personal data, please contact us using the contact details provided below.

6. International Transfers of Data

We may transfer information that we collect about you, including personal information, to affiliated entities, or to other third parties (as provided herein) across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring information, including personal information, to a country and jurisdiction that may not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. and the use and disclosure of information about you, including personal information, as described in this Privacy Policy.

‍

DocTract may share personal data with third parties as indicated above and consistent with this Privacy Policy.

7. Representation for data subjects in the EU and the UK

We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact.

‍
Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/13186877019

8. CCPA Compliance

The California Consumer Privacy Act codifies the data privacy rights of California residents. DocTract complies with the CCPA and does not ‘sell’ (as defined by the CCPA) any Customer Information.

9. Data Security

The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us using the information found in “Contact Us”. No transmission of data over the internet can be guaranteed 100% secure. You acknowledge and agree that the security integrity, and privacy of the data exchanged through Our Sites is not guaranteed.

10. Dispute Resolution or Filing a Complaint

DocTract commits to the resolution of complaints about your privacy and our collection or use of your personal information. DocTract takes its users’ privacy concerns seriously. European Union and Switzerland individuals with inquires or complaints should first email or write to DocTract at the address found in “Contact Us”.

‍

In your letter, please describe in as much detail as possible the ways in which you believe that we have not complied with this Privacy Policy. We will investigate and verify your complaint in a timely manner.

‍

Qualex Corporation d/b/a DocTract. is subject to the investigative and enforcement authority of the United States Federal Trade Commission (FTC).

11. Data Retention

We will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other lawful purposes.

‍

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

12. Changes to this Privacy Policy

We may change this statement from time to time. If we make any changes to this statement, we will change the “Last Updated” date above. If we make any material changes we will notify you by email (sent to the email address specified on your Account) or by means of a notice on this website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. You agree that your continued use of our Site, Applications or Services after such changes have been published to our statement will constitute your acceptance of such revised statement.

13. Contact Us

If you have any questions about this Privacy Statement, Our Web sites, or want to exercise your Data Access Rights regarding Personal Information please contact us at:

Attn: Privacy

39555 Orchard Hill Place, Suite 200,

Novi, MI

United States

48375

Email: privacy@doctract.com