Effective May 22, 2024
Introduction
Ezassi, Inc., including its affiliates (collectively, “Ezassi”), is strongly committed to the protection of the personal information that we collect and/or maintain in the course of our business activities (“Personal Data”). As part of this commitment, we have set out this Privacy Policy to describe the manner in which we treat our customers’ and prospective customers’ Personal Data when hosted on our cloud-based innovation and collaboration software applications (collectively, “Innovation Software”), as well as Personal Data we collect via other means, such as through our website, www.ezassi.com, and its subdomains and related domains (collectively, “Site”), and from third parties. Please read this document carefully, as it describes how Ezassi collects, uses, shares and secures the personal information you provide. It also describes your choices regarding use, access and correction of your personal information.
Personal Data We Collect
- Innovation Data
Ezassi’s Innovation Software is a powerful, customizable open innovation management software system which helps our customers cultivate and implement innovation faster and more effectively. Ezassi’s Innovation Software allows our customers to upload, evaluate and visualize ideas and information related to the innovation process (“Innovation Data”). Our customers choose the types of Innovation Data they upload into the Innovation Software. Ezassi does not collect or use the Innovation Data for any purpose other than as described in this Privacy Policy, to provide the innovation management services our customers request or as otherwise described in the agreement between us and our customer.
- Web Site and Other
We may collect and use the following information via the Site or other activities:- If you express an interest in obtaining additional information about our services, request customer support, use our “Contact Us” or similar features, register to use our Site, sign up for an event or webinar, or download certain content, we generally require you to provide us with your contact information, such as your name, job title, company name, address, phone number, email address, or username and password in order to fulfill your request;
- If you register for an event, we may also require you to provide us with financial and billing information, such as billing name and address and credit card number so that we may process your payment;
- If you register for an online community that we host, we may ask you to provide a username, email address, photo and/or biographical information such as your occupation, social media profiles, company name, and areas of expertise to improve the quality of our Site;
- If you use and interact with our Site, we automatically collect log files and other information about your device and your usage of our Site through cookies, web beacons or similar technologies, such as pages visited, IP addresses, browser type and operating system, Internet service provider or mobile carrier, location data, and other identifiers, so that we may analyze trends, monitor and administer the Site, enforce our security policies and terms of use, provide a more tailored and personalized experience for our users, and gather demographic information about our user base as a whole;
- If you receive email from us, we may place web beacons in marketing emails that notify us when you click on a link in the email so that we may better understand your interests and needs;
- If you visit our offices, you may be required to register as a visitor and to provide a copy of your government issued identification and the date and time of arrival for security purposes.
Our Site contains links to other websites, applications and services maintained by third parties (“Third Party Sites”). Our Site also includes social media features, such as the Facebook “like” button, the “Tweet” button and other social media widgets (“Social Media Widgets”). The privacy practices of Third Party Sites and Social Media Widgets are governed by the respective third-party’s privacy policy, which we encourage you to review to better understand their privacy practices. If you are logged into your social media account, it is possible that the respective social media network can link your visit of our Site with your social media profile.
- We may also collect information about you from other sources, including third parties from whom we have purchased Personal Data, and combine this information with Personal Data provided by you. This helps us to update, expand and analyze our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you. In particular, we may collect: business contact information, including mailing address, job title, email address, phone number, web use behavior data, IP addresses, social handles, LinkedIn URL and third-party data providers for the purposes of targeted advertising, delivering relevant email content, event promotion and profiling.
Data Retention
Ezassi retains Innovation Data according to the terms of the Subscription Agreement and as long as necessary to satisfy our legal obligations. Other Personal Data may be retained for a period of time consistent with the original purpose of the collection. After expiry of the retention periods, your Personal Data will be deleted and/or properly anonymized.
Personal Data We Share
As a matter of practice, Ezassi does not disclose, trade, rent, sell or otherwise transfer personal information provided to us, except as set out in this Privacy Policy.
- We may disclose or transfer personal information to our contracted partners, consultants and suppliers who provide services on our behalf (collectively, “Service Providers”). Our service providers are given only the information they need to perform their designated functions, and we do not authorize them to use or disclose personal information for their own purposes. These services may include:
- providing, managing, and securing our cloud computing infrastructure, including data backup and resiliency;
- event registration and management for events and webinars;
- marketing assistance and customer service;
- audit, analysis or other business functions.
- We and our Service Providers may provide personal information in response to a search warrant or other legally valid inquiry or order, or to an investigative body in the case of a breach of an agreement or contravention of law, or as otherwise required or permitted by applicable law. We may also disclose personal information where necessary for the establishment, exercise or defense of legal claims and to investigate or prevent actual or suspect loss or harm to persons, data or property.
- Personal Data collected from the Site may be shared with our affiliated companies in order to deliver the products and services we offer or in order to undertake analysis of our database such as aggregate profiling of our Registered Users.
- In the event that we are, or substantially all of our assets are, acquired (whether by merger, consolidation, or purchase), Personal Data and Innovation Data will be transferred. In addition, if we become the subject of a bankruptcy proceeding (whether voluntary or involuntary), we or our trustee in bankruptcy may sell, license, or otherwise dispose of such information in a transaction approved by the bankruptcy court. In such circumstances, Registered Users will be notified via e‑mail or through a prominent notice posted on the Site.
Security Measures
We maintain appropriate technical, physical and organizational measures to protect Personal Data and Innovation Data, including assuring that third-party service providers who access or handle personal information on our behalf and affiliates maintain such safeguards. However, no method of Internet transmission or electronic storage is 100% secure or error-free, so it is not possible to guarantee absolute security.
You must protect against unauthorized access to your password and to your computer, and be sure to sign off when finished using a shared computer. If we have given you or you have chosen a password which enables you to access certain portions of our Site, you are responsible for keeping this password confidential. You should not share your password with anyone. If you have reason to believe that your interaction with us is no longer secure (e.g., if you feel that the security of any account you might have with us has been compromised), please notify us immediately (see “Contact Us” below).
Opt Out
You may be able to opt-out of certain processing. For example, if you would like to discontinue receiving our newsletter, you may update your email preferences by using the “Unsubscribe” link found in the emails we send. You may also configure your browser to reject cookies, web beacons, and other statistical analysis tools, though doing so may affect the performance or functionality of the Site. For additional help, please contact us in accordance with the “Contact Us” section below.
Children
Our Site is not directed at children. We do not knowingly collect Personal Data from children under the age of 16. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us as described in the “Contact Us” section below and we will take steps to delete such Personal Data from our systems.
EU General Data Protection Regulation
The European Union has taken a monumental step in protecting the fundamental right to privacy for every EU resident with the General Data Protection Regulation (GDPR) which is effective from May 25, 2018. This regulation enhances the data privacy protections for EU citizens and is a mandatory requirement for any company with access to personal data of EU citizens. As a data processor serving many multi-national companies with employees in the EU, Ezassi is committed to full compliance with GDPR regulations and the protection of our customers’ Personal Data and Innovation Data.
- Legal Basis for Innovation Data
In the context of GDPR and with respect to Innovation Data, Ezassi is a data processor acting on behalf of and under the direction of our customers, who are the data controllers. Ezassi has worked extensively to ensure that our subscription and related agreements (“Subscription Agreements”) contain appropriate provisions for Personal Data we store, and balance the risks and responsibilities between us, our customers, and those individuals which our customers have authorized to use the Innovation Software (“Registered Users”). Ezassi’s legal basis for data processing of Innovation Data is based on the contractual obligations in the Subscription Agreements and in the employment contract or other such contracts as may exist between our customers and their Registered Users.
- Legal Basis for Other Personal Data
With respect to other Personal Data that Ezassi collects, Ezassi is the data controller. The legal basis for data processing in this case is consent and, accordingly, you have certain rights subject to local data protection laws:
- to access your Personal Data held by us;
- to rectify inaccurate Personal Data and ensure it is complete;
- to erase your Personal Data to the extent permitted by other legal obligations;
- to restrict our processing of your Personal Data;
- to transfer your Personal Data to another controller, subject to certain limitations;
- to object to any processing of your Personal Data carried out on the basis of your consent;
- not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects;
- to the extent we base the collection, processing and sharing of your Personal Data on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.
- Limited Use of Data
When Ezassi processes Innovation Data received from a customer or Registered User, Ezassi does so pursuant only to the Subscription Agreement and the customer’s instructions and prior authorization. Ezassi processes other Personal Data only to the extent that the data subjects have given consent to such processing, or, in the case of anonymized, statistical data, according Ezassi’s legitimate interests.
- How to Exercise Your Rights
To exercise your rights, please contact us in accordance with the “Contact Us” section below. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive.
Regarding Innovation Data, Ezassi processes only the data which our customers and their Registered Users have chosen to share. Ezassi’s right to access, process, modify or delete such data is governed by the Subscription Agreement and Ezassi has only limited means of directly satisfying requests to erase, rectify or port Innovation Data. To ensure that EU citizens are able to exercise those rights, Ezassi’s data protection officer coordinates heavily with our customers’ data protection officers and, where appropriate, their EU member representatives. EU citizens with privacy concerns about Innovation Data may contact our data protection officer in accordance with the “Contact Us” section below. Please provide the name of the Ezassi customer who submitted your data when you contact us. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.
If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Your Personal Data may be collected, transferred to and stored by us in the United States.
UPDATED 7/25/2023
For EU and Swiss Individuals: BBB National Programs Data Privacy Framework Services Notice for Personal Data Transfers to the United States
Ezassi complies with the EU-U.S. Data Privacy program Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy program Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Ezassi has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework program Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Ezassi has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework program Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit //www.dataprivacyframework.gov/.
Pursuant to the BBB National Programs Data Privacy Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Data Privacy Frameworks, should direct their query to privacy@ezassi.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@ezassi.com.
Ezassi is responsible for the processing of personal data it receives under the BBB National Programs Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. Ezassi complies with the Data Privacy Framework Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Data Privacy Framework, Ezassi is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Ezassi may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Data Privacy Framework Principles, Ezassi commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Data Privacy Framework policy should first contact Ezassi at: privacy@ezassi.com. Written inquiries may be addressed to:
Ezassi, Inc.
Attn: Privacy Officer
822 A1A North, Suite 104
Ponte Vedra Beach, FL 32082 USA
Ezassi has further committed to refer unresolved Data Privacy complaints to BBB National Programs Data Privacy Framework Services, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit //bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information or to file a complaint.
In compliance with the EU-US Data Privacy Framework Principles, Ezassi commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union and Swiss individuals with DPF inquiries or complaints should first contact privacy@ezassi.com.
Ezassi has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit //bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See //www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2
Contact Us
The Data Protection Officer for Ezassi may be reached by email at privacy@ezassi.com. You may also send correspondence to:
Data Protection Officer
822 A1A North
Suite 104
Ponte Vedra Beach, FL 32082 USA
Please be sure to include in your request:
First and last name
Email address
Country
The name of the related Ezassi client
Details of your question, comment or request