FAQ - AccessETHOS

PRIVACY POLICY

(“Ethos,” “we,” “us,” “our”) is committed to protecting your privacy and ensuring you have a positive experience on our website and in using our Platform, products and services (collectively “Services”).

This Privacy Policy (together with our Terms of Use and any other documents referred to in it, “Policy”) describes the types of information that we may collect from you or that you may provide to us and our practices for collecting, using, protecting and disclosing that information.
If you give us personal information, we will treat it according to this policy. This Policy may be updated from time to time and our website will indicate when the policy has been updated. You may access the current version at any time by clicking on the “Privacy Policy” link at the footer on our website. In some agreements with our users and licensees, we may have provisions related to handling of personal information which may supersede the provisions of this privacy policy.

INFORMATION WE COLLECT

We will collect, process and store personal data only if it is directly provided to us by you. You may do this in your capacity as the user of our Site and Platform. Personal information covers any information which relates to you as an identifiable person or a legal entity. Below are examples of the type of data that this may include:

· “Identity Data” may include forenames and last name, personal or job title and position, location, or similar identifier.

· “Contact Data” may include physical address, email address and telephone number.

· “Transaction Data” may include requests for products and services you have made to us, or in relation to products or services that we have supplied to you.

· "Technical Data” may include internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system, platform and other technology on the devices used to access the Platform.

· “Usage Data” may include enquiries submitted by you, information supplied, and how you use our Platform.

· “Marketing Data” may include details of any preference that you have advised us of in relation to marketing communications from us.
· Additional personal information that you provide to us, directly or indirectly, through your use of our Platform and Site, associated applications, associated social media platforms and/or accounts from which you permit us to collect information.

· Any other personal information requested by us and/or provided by you or a third party.

We may also collect non-personal data such as aggregated data which is data that may be obtained from your personal data, but which does not directly or indirectly identify you. This may include Profile and Usage Data detailing how you use our Platform and areas that you have interacted with.

How do we collect your personal data?

We collect your data from direct interactions with us in person, by phone, email or otherwise or where you have supplied your Identity and Contact Data.

We also collect your data through automated technologies or interactions with our website, including use of the web enquiry form or the chat, where we may collect in addition Transaction, Technical, Usage Data and Marketing Data.

Storage and Security

We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorized access, modification and disclosure.

We cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk. Although we take measures to safeguard against unauthorized disclosures of information, we cannot assure you that the personal information we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.

Disclosure of Personal Information to Third Parties
We may disclose personal information to:
- third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, web-hosting and server providers, maintenance or problem-solving providers, professional advisors and payment systems operators;

- our employees, contractors and/or related entities;

- our existing or potential agents or business partners; courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;

- third parties, including agents or sub-contractors, who assist us in providing information, or products or services to you. This may include parties located, or that store data, outside of the United States of America; and

- third parties to collect and process data, such as Google Analytics or other relevant businesses. This may include parties that store data outside of United States of America.

Data accuracy

It is important that the data that we hold about you is accurate and up to date. In the event that your data changes please notify us so that we can update our records.

Personal information: How long we keep it

We retain personal information only for as long as necessary for the uses we have set out above. Individual jurisdictions have different regulatory and legal retention requirements and we are bound to keep certain personal data in accordance with these requirements.

Personal information: How we store and process it

All personal information we gather from you may be processed and stored in any one of our locations and may subsequently be transferred to other countries for further processing, storage, or use by either entity
or third-parties on our behalf. Our staff who need to access personal information to perform their roles will have access to it and have agreed to comply with our policies on data protection.

We also use a number of third-parties to provide services on its behalf. These services may include, but are not limited to, handling, processing and delivery of mailings, providing customer support, hosting websites, processing transactions, performing statistical analysis of our Services, and providing systems and software for administrative functions, such as sales processing, accounting and finance management, and procurement. In such cases, we remain the controller of the personal data, and the third-parties are only permitted to process the data in accordance with our instructions, and in compliance with all applicable data protection regulations in relation to their processing activities.

Disclosure of your information

There are a range of circumstances where we may disclose your data to third parties. These may include (i) regulatory bodies as required by applicable law, (ii) our suppliers who may be involved in the fulfilment of our services to you (iii) third party marketing, where you have consented for us to do so.

Security

We take the confidentiality of personal information very seriously and use recognized security and access controls to protect the information from unauthorized access, loss, misuse, alteration or corruption. We have procedures and processes in place to ensure that your personal information is managed appropriately. However, we will always recommend that you take your own precautions to protect your own personal data whilst using the Internet, including our Platform.

Cookies

We use Cookies to know when you’ve logged into our Site and Platform, remember your preferred site language, location, and other preferences, and may also use cookies to help us understand how our customers use our Services and to deliver advertisements relevant to your interests. This information allows us to personalize the user experience and improve the quality of our Services. Our third-party partners may also use Cookies to provide us with services and for advertising.

Children’s Privacy

We do not knowingly collect Personal Information from children under the age of 13. If we learn that we have collected Personal Information on a child under the age of 13, we will delete that data from our systems. We encourage parents and guardians to go online with their children. Here are a few tips to help make a child’s online experience safer: Teach children never to give Personal Information (such as name, address, phone number, school, etc.) unless supervised by a parent or responsible adult. Know the sites your children are visiting and which sites are appropriate. Look for website privacy policies. Know how your child’s information is treated.

Consent to Transfer, Processing and Storage of Personal Information

We may transfer your Personal Information to the United States, to any our affiliate worldwide, or to third parties acting on our behalf for the purposes of processing or storage, and by providing any Personal Information you fully understand and unambiguously consent to such transfer, processing and storage of such information.

California Residents’ Rights

California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.

Do-Not-Sell: California residents have the right to opt-out of our sale of their personal information. We do not sell your personal information.

Notice at Collection: We are required to notify California residents, at or before the point of collection of their personal information, the categories of personal information collected and the purposes for which such information is used, and this Privacy Notice above serves this purpose.

Verifiable Requests for Right to Delete, Right to Copy and Right to Know. Subject to certain exceptions, California residents have the right to make the following requests free of charge:

Request to Delete: California residents have the right to request deletion of their personal information that we have collected about them, subject to certain exemptions, and to have such personal information deleted, except where necessary that we maintain such personal information in order to:

Complete the transaction for which the personal information was collected, provide a good or service requested by the California resident, or reasonably anticipated within the context of a business’s ongoing business relationship with the California resident, or otherwise perform a contract between the business and the California resident.

Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.

Debug to identify and repair errors that impair existing intended functionality.

Exercise free speech, ensure the right of another California resident to exercise his or her right of free speech, or exercise another right provided for by law.

Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.

Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the California resident has provided informed consent.

Enable solely internal uses that are reasonably aligned with the expectations of the California resident based on the consumer’s relationship with the business.

Comply with a legal obligation.

Otherwise use the California resident’s personal information, internally, in a lawful manner that is compatible with the context in which the California resident provided the information.

Request for a Copy: California residents have the right to request a copy of the specific pieces of personal information that we have collected about them in the prior 12 months, up to twice every 12 months, and to have this delivered either (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance.

Request to Know: California residents have the right to request that we provide them certain information, up to twice every 12 months, about how we have handled their personal information in the prior 12 months, including the:

- categories of personal information collected;

- categories of sources of personal information;

- business and/or commercial purposes for collecting and selling their personal information;

- categories of third parties/with whom we have disclosed or shared their personal information;

- categories of personal information that we have disclosed or shared with a third party for a business purpose;

- categories of personal information collected; and

- categories of third parties to whom the residents’ personal information has been sold and the specific categories of personal information sold to each category of third party.

- Submitting Requests. Requests to delete, for a copy, and/or to know may be submitted by contacting us at info@accessethos.com. We will respond to verifiable requests received from California consumers as required by law.

Incentives and Discrimination.

The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California residents related to their personal information.

Discrimination:

Businesses may not discriminate against residents who exercise their rights under CCPA. Discrimination may exist where a business denies or provides a different level or quality of goods or services, or charges (or suggests that it will charge) different prices or rates or impose penalties on residents who exercise their CCPA rights, unless doing so is reasonably related to the value provided to the business by the residents’ data.

Disclosure of Incentives:

If businesses offer financial incentives for the collection, sale or deletion of California residents’ personal information, residents have the right to be notified of any financial incentives offers and their material terms, the right not be included in such offers without prior informed opt-in consent, and the right to be able to opt-out of such offers at any time. Businesses may not offer unjust, unreasonable, coercive or usurious financial incentives. We do not offer any incentives.

California Privacy Rights under California’s Shine-the-Light Law

Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us certain personal information are entitled to request and obtain from us information about the personal information (if any) we have shared with third parties for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third party sharing in the prior calendar year. California residents who would like to make such a request may submit a request in writing by emailing us at info@accessethos.com. The request should attest to the fact that the requester is a California resident, and provide a current California address.

Provisions specific to EU Citizens

Rights of EU Citizens under the GDPR If you are a citizen of the European Union you have certain rights relating to how others handle your personal information.

These rights are:
1. The right to be informed how your personal information is being used.
2. The right of access your personal information and how it is processed.
3. The right to rectify personal information which is inaccurate or incomplete.
4. The right to erasure – also known as ‘the right to be forgotten’, this refers to an individual’s right to have their personal data deleted or removed.
5. The right to restrict processing, that is, the right to block or suppress processing of your personal data.
6. The right to data portability – this allows individuals to retain and reuse their personal data for their own purpose.
7. The right to object, in certain circumstances, to use your personal data in a manner different from the purpose for which it was provided.
8. Right to prevent automated decision making or profiling based on your data without human intervention.

You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en

Third party links

You might find links to third party websites on our Site and Platform. If you click a link to a third-party website and visit that site, you may be allowing that site to collect and share certain data about you. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.

Complaints

If you wish to raise a complaint regarding our use of your personal data then please contact info@accessethos.com.

Changes to this policy

We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data. We welcome any queries, comments or requests you may have regarding this Privacy Policy. Please do not hesitate to contact us.