Privacy Policy

‍

Effective Date: November 30, 2022

Last Updated on: November 30, 2022

This privacy policy (“Policy”) explains how Coverself Inc. or any of its affiliates or subsidiaries. (“We”, “Us”, “Our”) Processes Personal Data collected from You.

1. DEFINITIONS

Capitalized terms not specifically defined herein shall have the meaning ascribed thereto in the Terms.

1.1. “Controller” means the natural or legal person, public authority, agency, or other body which alone or jointly with others, determines the purposes and means of the processing of Personal Data.

1.2. “Customer” means the entity that has entered into an agreement with Us or accepted the Terms for the subscription and use of the Platform.

1.3. “End-User” means any person or entity with whom the Customer interacts using the Platform.

1.4. “Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1.5. Process/Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1.6. “Terms” shall mean the service agreement entered into between Us and the Customer governing the use of the Platform or the Terms of Service available at https://www.coverself.com as applicable.

1.7. “You” and “Your” means an identified or identifiable natural person who (i) visits or uses the Website(s); (ii) is a User of the Platform from whom We collect Personal Data as specified in clause2 of this Policy; or (iii) any other natural person from whom We collect Personal Data under clause2 of this Policy.

2. PERSONAL DATA COLLECTED BY US

2.1. You directly provide Us with most of the data We collect. We collect Personal Data from You directly as follows: a) We collect account information including name, e-mail address and phone number of the administrator of the Customer’s Account; b) When You create an account or sign-in as a User of the Customer, We collect information required for authentication of such User’s access to and use of the Customer’s Account; c) When You submit forms on Our Website(s) or as You use interactive features of the Website(s), including providing feedback or suggestions and testimonials, making requests, participation in surveys, contests promotions or sweepstakes, We collect Your feedback, name and e-mail address; d) When You attend an event conducted by Us, including webinars or seminars, We may collect Your contact information such as name, e-mail address, phone number, designation, company name and company email; e) When You interact with Us on public forums, Our social media channels, Our community forums, or Our blogs, We collect the information You provide Us while interacting with Us and Personal Data such as Your name, location and any information You provide in Your bio while registering with such forums; f) When You apply for a job with Us, whether through Our Website(s) or otherwise, We collect Your Personal Data, including your resume, in connection with Your job application; g) When You are a representative of Our business partners, suppliers or vendors, We collect Your name, e-mail and contact information.

2.2. We may also receive Your Personal Data indirectly as follows: a) from third-party sources like marketing lists, databases and social media but only where We have checked that these third parties either have Your consent or are otherwise legally permitted or required to disclose Your Personal Data to Us; b) When a User uses the Platform, We automatically collect information on the type of device they use, and the operating system version; c) When You use or view Our Website(s),information is collected via Your browser’s cookies as described in clause 11 herein; d) We may also collect or receive Your Personal Data from other sources such as Our business or channel partners through whom You create or access Your Account, publicly available sources, email addons and/ or through the combining of information We obtain from third parties along with the Personal Data You provide to Us; e) You can log in to the Platform using sign-in services which will authenticate Your identity and share certain Personal Data with Us such as Your name and email address.

‍

2.3. The Website(s) includes social media features and widgets that are either hosted by a third-party or hosted directly on the Website(s) and Your interaction with these social media features and widgets is governed by the privacy statement of the companies that provide them. You should check Your privacy settings on these third-party services to understand and change the information sent to Us through these services.

3. LEGAL BASIS FOR PROCESSING (EEA REGION)

3.1. If You are a data subject from the European Economic Area, Our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which We collect it.

3.2. We will normally collect Personal Data from You only where it is needed to perform a contract with You, where the Processing is in Our legitimate interests and not overridden by Your data protection interests or fundamental rights and freedoms, or where We have Your consent. In some cases, We may also have a legal obligation to collect Personal Data from You. If We Process Personal Data with reliance on Your consent, You may withdraw Your consent at any time.

3.3. If You have questions or need further information concerning the legal basis on which We collect and use Your Personal Data, please contact Us using the contact details provided under clause 14.

4. PURPOSES FOR WHICH PERSONAL DATA WILL BE PROCESSED

We Process Your Personal Data to: a) facilitate Your access to the Website(s) and Platform; b)process and complete payment transactions for Your use of the Platform; c) provide customer service and support to Users in relation to the use of the Platform; d) to authenticate a User’s identity and help the User log into Our Platform; e) send You communication on Your use of the Platform, updates on Our Terms or other policies governing Your use of the Platform; f) send You communication on new features in the Platform or new service offerings; g) perform Our obligations or receive products/services in accordance with any contract that We may have with You or Your organization, if You are Our vendor; h) Organize events or for other marketing/ promotional activities; i) investigate and prevent fraudulent transactions, unauthorized access to the Website(s)and Platform, and other illegal activities; j) evaluate You for the job position that You have applied for or any position that We consider You suitable for, to ensure that We can make the best recruitment decisions if you have applied for a position with Us, and k) for other purposes for which We obtain Your consent.

5. SHARING OF PERSONAL DATA

5.1. You acknowledge that We will share Your Personal Data with Our group companies and third-party service providers so that they may facilitate Your use and access to Our Platform and/or to send information or updates on the Platform if You are using the Platform.

5.2. When We Process Your order where You are a Customer, We may send Your Personal Data to and also use the resulting information from credit reference agencies to prevent fraudulent purchases.

5.3. We share Personal Data with Our third-party service providers that host and maintain the Our Website(s), applications, backup, storage, payment processing, analytics and other services. These third-party service providers may have access to or Process Your Personal Data for the purpose of providing these services to Us.

5.4. We may share Your Personal Data with third-party providers who assist Us in marketing and promotions in compliance with applicable laws.

5.5. We may be required to disclose Your Personal Data in response to: a) lawful requests by public authorities, including to meet national security or law enforcement requirements; b) subpoenas, court orders, or legal process, and/or c) to establish or exercise Our legal rights or defend against legal claims.

5.6. We may share Your Personal Data to assist investigation and prevention of illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Terms, or as otherwise required by law.

5.7. We may also share Your Personal Data with an entity to which we divest all or a portion of Our business, or otherwise in connection with a merger, consolidation, change in control, reorganization or liquidation of all or a portion of Our business.

6. INTERNATIONAL TRANSFER

6.1. We mainly Process Personal Data in the United States of America. However, We may transfer Personal Data outside the United States of America for the purposes referred to in clauses 4 and 5.We will ensure that the recipient of Your Personal Data offers an adequate level of protection that is at least comparable to that which is provided under applicable data protection laws.

6.2. If You are a resident of the European Economic Area and when Your Personal Data is Processed outside EEA, We will ensure that the recipient of Your Personal Data offers an adequate level of protection, for instance by entering into standard contractual clauses for the transfer of Personal Data as approved by the European Commission (Article 46 General Data Privacy Regulation, 2016), or We will ask You for Your prior consent to such international data transfers.

7. SECURITY OF PERSONAL DATA

We use appropriate technical and organizational measures to protect the Personal Data that Wecollect and Process. The measures We use are designed to provide a level of security appropriate tothe risk of Processing Your Personal Data. If You have questions about the security of Your PersonalData, please contact Us immediately as described in this Policy

8. RETENTION OF PERSONAL DATA

8.1. We retain Personal Data collected where an ongoing legitimate business requires retention of such Personal Data.

8.2. In the absence of a need to retain Personal Data under clause 8.1 above, We will either delete it or aggregate it, or, if this is not possible then We will securely store Your Personal Data and isolate it from any further processing until deletion is possible.

9. YOUR RIGHTS

You are entitled to the following rights:

9.1. You can request Us for access and correction of Your Personal Data.

9.2. If We have collected and processed Your Personal Data with Your consent, then You can withdraw Your consent at any time. Withdrawing Your consent will not affect the lawfulness of any processing We have conducted prior to Your withdrawal, nor will it affect Processing of Your Personal Data conducted in reliance on lawful processing grounds other than consent.

9.3. You have the right to complain to a data protection authority about Our collection and use of Your Personal Data. For more information, please contact Your local data protection authority as specified by the applicable data protection laws.

9.4. You have the right to opt-out of marketing communications We send You at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails We send You. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact Us.

9.5. If You are a resident of the EEA, UK, or Switzerland, You are also entitled to the following rights:

• You can request Us for deletion and erasure of Your Personal Data.
• You can object to the Processing of Your Personal Data, ask Us to restrict Processing of Your Personal Data or request portability of Your Personal Data.

9.6. If You seek to exercise Your rights under this clause, please contact Us at the details provided in clause 14. We will verify any requests before acting on the request and respond to all requests We receive from individuals wishing to exercise their data protection rights within a reasonable timeframe in accordance with applicable data protection laws.

9.7. In circumstances wherein We receive protected health information (“PHI” as defined under 45 CFR160.103) governed by the Health Insurance Portability and Accountability Act (“HIPAA”) from or on behalf of the Customer (as defined under HIPAA), the Customer is the Covered Entity, as defined under HIPAA. We will use, disclose and protect PHI in accordance with a business associate agreement signed between Us and the Customer. You may enforce Your rights, if permitted under HIPAA, by contacting the Customer.

10. NOTICE FOR CALIFORNIA RESIDENTS

10.1. Clause 10 applies only to California residents and the Personal Information We collect as Business. “CCPA” means the California Consumer Privacy Act of 2018 as amended by the CPRA. “CPRA” means the California Privacy Rights Act. For the purposes of this section, the terms “Business”, “Business Purpose”, “Consumer” “Personal Information”, “Sale/Sell”, “Service Provider” and“ Sensitive Personal Information” shall have the meaning given to them under the CCPA.

10.2. The categories of Personal Information We have collected in the twelve (12) months prior to the Effective Date and that We may collect include:

• Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, a device identifier, an internet protocol address, cookies;
• Personal information categories listed in the California Customer Records statute such as name, contact information, education, employment, employment history and financial information;
• Protected classification characteristics under California or federal law such as gender and date of birth;
• Commercial information such as Transaction information, purchase history, financial details and payment information;
• Internet or other electronic network activity information, including, but not limited to, browsing history, search history and information regarding a Consumer’s interaction with an internet website, app or advertisement;
• Geolocation data;

10.3. We may collect these categories of Personal Information under 11.1 for Business Purposes as described in the clause 4 of this Policy.

10.4. We do not Sell Your Personal Information for Our Business Purposes.

10.5. You are entitled to the following rights under the CCPA:

        10.5.1. You can request Us to disclose Your Personal Information We collect, share and disclose.

         10.5.2. You can request Us to delete Your inaccurate Personal Information.

         10.5.3. You have the right to opt out of any Sale of Your Personal Information, if any such sale occurs.

          10.5.4. You can request us to limit the use of Your Sensitive Personal Information.
          10.5.5. You have the right to not be discriminated against for exercising Your rights under CCPA.

10.6. California Consumers may make a request pursuant to their rights under the CCPA by contacting Us at the details provided in clause 14. We will verify any requests before acting on the request and respond to all requests We receive from individuals wishing to exercise their data protection rights within a reasonable timeframe in accordance with the CCPA.

11. COOKIE POLICY

11.1. Cookies are text files that are placed on Your computer to collect standard internet log information and visitor behavior information by Us. When You visit the Website(s), We may collect Personal Data automatically from You through cookies or similar technology. We also set cookies to collect information that is used either in aggregate form to help Us understand how Our Website(s) is being used or how effective Our marketing campaigns are, to help customize the Website(s) for You or to make advertising messages more relevant to You.

11.2. Essential Cookies: We set essential cookies that enable core functionality such as security, network management, and accessibility. You may not opt-out of these cookies. However, You may disable these by changing Your browser settings, but this may affect how the Website(s) functions.

11.3. Analytics, Customization and Advertising Cookies: We set these cookies to help Us improve Our Website(s) by collecting and reporting information on how You use it. The cookies collect information in a way that does not directly identify anyone.

11.4. When You visit the Website(s), a cookie banner will be displayed providing additional information about cookies and options to opt out of non-essential cookies as required by applicable laws.

12. PRIVACY OF CHILDREN

12.1. We recognize the importance of children's safety and privacy. We do not request, or knowingly collect, any Personal Data from children under the age of 16. If a parent or guardian becomes aware that his or her child has provided Us with Personal Data, they should write to Us at the email address provided in clause 14.

13. NOTICE TO END-USER AND OTHER EXCLUSIONS

13.1. Our Platform is intended for use by enterprises. Except for the Personal Data collected from Users under clause 2 for the purposes mentioned under clause 4, this Policy is not applicable to Our Processing of any Personal Data transmitted by the Customer as We will only act as a Processor of such Personal Data and such Processing will be governed by the Terms. In such a case, the End User’s data privacy questions and requests should be submitted to the Customer in its capacity as a Controller. If the End-user is an individual who interacts with a Customer using Our Platform, the End-User will be directed to contact Our Customer for assistance with any requests or questions relating to their Personal Data. We are not responsible for Customers’ privacy or security practices which may be different from this notice. Customers of Our Platform are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all privacy policies, agreements, or other obligations, relating to the collection of Personal Data in connection with the use of Our Platform by End-Users.

13.2. Our Website(s) contain links to other websites. Our Policy applies only to Our Website(s), so if You click on a link to another website, You should read their privacy policy. We encourage You to review the privacy statements of any such other websites to understand their Personal Data practices.

14. CONTACT INFORMATION

You may contact Us if You have any enquiries or feedback on Our data protection policies and procedures, or if You wish to make any request, in the following manner:

Kind Attention: Raghavendra Pawar

Email Address: privacy@coverself.com

Address: 2261 Market Street #4882, San Francisco, CA 94114

15. CHANGES TO THE POLICY

We keep this Policy under regular review and may update this webpage at any time. This Policy may be amended at any time and You shall be notified only if there are material changes to this Policy.