Effective Date
March 1, 2021
Total Care Holdings LLC, CallCorp, and its Group Companies (collectively “Company”, “we”, “us”, and “ours”) is committed to protecting your privacy. This Privacy Notice (“Notice”) describes how Company processes Personal Data in its capacity as a controller (i.e. Company decides what Personal Data is collected and what it is used for) or processor (i.e. Company only processes the data as per the controller’s instructions), as the case may be. This policy is applicable to Company Products (web platform and mobile applications) and to Company public websites, www.callcorp.com. In this policy, the term “Website” shall have the same meaning as defined in the Terms of Service (“Terms”). It also describes your choices regarding use, access and correction of your Personal Data.
DEFINITIONS
The capitalized terms used in this Notice but not defined herein shall have the same meaning as defined in the Terms of Service.
WHOM DOES THIS NOTICE APPLY TO?
This Notice applies to (i) entities or individuals, including End-Users and Users, who access our Service(s) and by using the Services have agreed to the Terms (hereinafter referred to as the “Customer”) and (ii) individuals (“Individuals”) from whom Company collects data as a controller as specified below.
ANY QUESTIONS?
If you have questions or complaints regarding our privacy notice or practices, please contact us at privacy@callcorp.com.
WHAT PERSONAL DATA DOES COMPANY COLLECT AND WHY?
- A) Personal Data we collect and process for our own purposes: Collected Data
When you visit our Websites, use our platform or participate in Company’s events, Company may collect information, which may include Personal Data, from Individuals as set forth below (collectively referred to as “Collected Data”). For the purposes of General Data Protection Regulation (GDPR), Company shall be the controller for the Collected Data – this means that Company decides what Collected Data is processed and why.
When does Company process Collected Data?
1) Sign-up, billing and Account information.
When you subscribe and sign-up to any of our Service(s), we may collect your (i) contact information such as name, e-mail address, mailing address, IP address, geographic location, or phone number of the Account admin; (ii) billing information, such as credit card number and billing address; (iii) name and e-mail address when Account admin/Agent(s) provide feedback from within the Service(s); and (iv) unique identifiers, such as username, account number or password.
Subject to this Notice and the Terms, we will use such data, including without limitation, to (i) provide you the Service(s); (ii) send you communication from the Service(s); (iii) assess needs of your business to determine or suggest suitable Service(s); (iv) send you requested information about the Service(s); (v) respond to customer service requests, questions and concerns; (vi) administer your Account; (vii) send you promotional and marketing communications (where you have requested us to do so); and (viii) facilitate your transactions with other users when you use our Service(s).
2) Company Careers.
When you apply for an open position by populating the application form, we may collect your (i) contact information, such as name, email address, mailing address, phone number, links to your social networking profiles; and (ii) any other information contained in the resume that you submit to us.
Subject to this Notice, we will use such data to evaluate you for the open position that you have applied for or any position that we consider you suitable for at the time you submit your resume or at any later date. Unless you notify us otherwise by an email to careers@callcorp.com, we will retain such data for a period of 1 year for archival purposes. If you wish to update the data you provided to us, you may do so by contacting us at careers@callcorp.com.
For the purposes of evaluating you for an open position, you understand that we may internally rate you based on parsing of your resume and your information. If you do not wish to be rated by us, please do not provide us your information.
3) Events.
When you attend an event conducted by Company, including webinars or seminars, we may collect your contact information such as name, e-mail address, designation and company name.
Subject to this Notice, we will use such data, including without limitation, to (i) assess needs of your business to determine or suggest suitable Service(s); (ii) send you requested information about the Service(s); (iii) send you promotional and marketing communications (where you have requested us to do so); and (iv) respond to your questions and concerns.
4) Program Registrations.
When you register for any of our programs through a registration form on our Websites, we may collect information such as name, e-mail address, company name and website URL, company details, location and contact information. Subject to this Notice, we will use such data, including without limitation, to (i) facilitate your use of the program portal for which you have registered; (ii) send you communication from within the Service(s); (iii) send you requested information about our Service(s); (iv) respond to your requests, questions and concerns; and (v) send you promotional and marketing communications (where you have requested us to do so).
5) Public forums, Forms and Newsletters.
When you visit our publicly accessible community forums and blogs or submit any forms on our Website, you should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Further, we may collect your (i) contact information such as name, e-mail address, mailing address, or phone number; (ii) information about your business, such as company name, company size, business type; and (iii) a short bio about you to identify you as the author of the post. When you actively subscribe to our newsletters, we collect your e-mail address to share our newsletters with you.
Subject to this Notice, we will use such data, including without limitation, to (i) assess needs of your business to determine or suggest suitable Service(s); (ii) send you requested information about the Service(s); (iii) send you promotional and marketing communications (where you have requested us to do so); and (iv) respond to your questions and concerns.
6) Cookies, Sub-Processors and Similar Technologies.
We use cookies and similar technologies in analyzing trends, administering the website, tracking users’ movements around the site, and gathering demographic information about our user base as a whole. We may receive reports based on the use of these technologies on an individual and aggregated basis. Most web browsers support cookies and users can control the use of cookies at the individual browser level. Please note that if you choose to disable cookies, it will limit your use of certain features or functions on our Websites and services.
As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our Website (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data. We link this automatically-collected data to other data we collect about you. We do this mainly to improve services We offer you, to improve marketing, analytics, and/or Website performance and functionality.
Use of Cookies
This Cookie Statement explains how the Company uses cookies and similar technologies to recognize you when you visit our Websites. It explains what these technologies are and why we use them, as well as your rights to control our use of them.
What are Cookies?
Cookies are small pieces of information stored on your hard drive, not on the Company Website. Cookies set by the website owner (in this case, Company) are called “first party cookies”. Cookies set by parties other than the website owner are called “third party cookies”. Third-party cookies enable third party features or functionality to be provided on or through the website (e.g. like integrated features, interactive content and analytics). The parties that set these third party cookies can recognize your computer both when it visits the website in question and also when it visits certain other websites.
Why do we use cookies?
We use first-party and third-party cookies for several reasons. Some cookies are required for technical reasons in order for our Websites to operate, and we refer to these as “essential” or “strictly necessary” cookies. Other cookies also enable us to track and target the interests of our users to enhance the experience on our Websites. Third parties serve cookies through our Websites for advertising, analytics and other purposes. This is described in more detail below.
Cookies served through our Websites
The specific types of first and third-party cookies served through our Websites and the purposes they perform are described in the table below (please note that the specific cookies served may vary depending on the specific Website you visit). Please contact privacy@callcorp.com for list of first and third-party cookies or to “Opt-out” if you do not want to be tracked by a provider.
Sub-processors
Sub-processors are third-party businesses engaged by a processor for performing data processing on behalf of a controller. According to the GDPR, these companies are also accountable for the protection of an individual’s personal data. Data protection obligations of sub-processors are to be established by way of contract or other legal acts under the Union or Member State law. This includes providing sufficient guarantees to implement appropriate technical and organizational measures as specified in the regulation.
Company uses sub-processors to assist in providing services as described in the our Terms of Service or a similar services agreement customers may have signed with us.
Governance
Company partners with organizations that like itself adhere to global standards and regulations. Apart from evaluation for technical requirements, Company ensures examination of data protection measures, compliance with Company’s security requirements and security audit reports before close of contract. Initial agreements include review and approval of – provision for breach notification in the event of unwarranted data incidents, and necessary security measures for data protection.
Agreements
As part of Company’s Terms of Service for compliance, Company, upon request, provides all EU customers a data processing addendum (DPA) that covers its obligations under the GDPR. If you operate in this region, you may request a copy of the DPA. Company DPA automatically applies to the processing of EU personal data and no additional paperwork is required in this regard.
List of Sub-processors
Company utilizes both infrastructure and services specific vendors to provide product and services to its Controllers (Company’s customers) and end-users. To obtain a current list of Company’s Sub-processors, please contact support@callcorp.com.
Infrastructure & Services Sub-processors:
Company products and services operate on cloud platforms, listed in the table below. Company holds control and access to data hosted on these services and resides in corresponding data center facilities based on location or choice (plan) of the Controller (Company’s customer). Data subsequently remains in the data center unless, shifted to ensure performance and availability of services, or specifically agreed between the Controller and Company as per the needs of the Controller. To obtain a current list of the services and purposes for which these infrastructure service providers have been engaged, please contact support@callcorp.com.
To be able to provide specific functionality within its products and services, Company partners with third-party services. These entities are sub-processors with access to service data (limited to purpose and use of indicated services) to obtain a current list of Our partners providing third-party services, please contact support@callcorp.com.
7) Analytics.
Apart from the aforementioned information collected by us, we automatically receive and record certain Personal Data of yours when You visit our Websites. This includes device model, IP address, the type of browser being used, usage pattern through cookies and browser settings, query logs and product usage logs. We also collect clicks, scrolls, conversion and drop-off on our Websites and Service(s) to render user journeys in real-time. Subject to this Notice, we will use such data and Service Data, including without limitation, to (i) assess needs of your business to determine or suggest suitable Service(s); (ii) send you requested information about the Service(s); (iii) respond to customer service requests, questions and concerns; and (iv) for any analytical purposes.
You authorize Company and its service providers to perform analytics on such Collected Data and Service Data, to (i) improve, enhance, support and operate the Websites; and (ii) compile statistical reports and record insights into usage patterns. You acknowledge that Company uses Collected Data and Service Data, as the case may be, for the aforementioned purposes.
8) Testimonials.
We may post your testimonials/comments/reviews on our Websites which may contain your Personal Data. Prior to posting the testimonial, we will obtain your consent to post your name along with the testimonial. If you want your testimonial removed, please contact us at privacy@callcorp.com.
9) Marketing communications.
When you have agreed to, we may use your email address, collected as part of Collected Data, to send our newsletters and/or marketing communications about our products and services. Where you have so requested, we will also send you marketing communications about our third-party partners. If you no longer wish to receive these communications, you can opt-out by following the instructions contained in the emails you receive or by contacting us at privacy@callcorp.com.
What is our legal basis for processing Personal Data (EEA and Swiss Visitors only)?
If you are a Visitor from the European Economic Area or Switzerland, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it.
However, we will normally collect Personal Data from you only where we need the Personal Data to perform a contract with you, or where the processing is in our legitimate interests or rely upon your consent where we are legally required to do so and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.
If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Data).
Similarly, if we collect and use your Personal Data in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Data, please contact us using the contact details provided below.
- B) How we process Service Data
For purposes of the GDPR and the Swiss Federal Act on Data Protection, we are the processor when we process Service Data as per your instructions. We are the controller of Service Data when we process Service Data for improving our Service(s) as expressly permitted by you according to this Notice. Service Data, as defined in the Terms, means all electronic data, text, messages or other materials, including Personal Data of Users and End-Users, submitted to the Service(s) by you through your Account in connection with your use of the Service(s), including data collected under “Other Information” and “Mobile Applications” below.
If you are an EEA or Switzerland-based customer, then you are responsible for compliance with the applicable data protection law where you are the “controllers”. In your role as a controller, you are authorizing, on behalf of you and your authorized agents and End-Users, and representing that you have the authority to provide such authorization to the processing and transfer of Personal Data in and to the United States and other countries which may have different privacy laws from your or their country of residence. As the controller, it shall be your responsibility to inform the End-Users about the processing, and, where required, obtain necessary consent or authorization for any Personal Data that is collected as part of the Service Data through your use of the Service(s). We will take all steps reasonably necessary to ensure that the Service Data is treated securely and in accordance with this Notice. We will work with you to help you provide notice to your customers concerning the purpose for which Personal Data is processed by Us.
As the processor of Personal Data on your behalf, we follow your instructions with respect to the Service Data to the extent consistent with the functionality of our Service(s). We implement technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, Personal Data.
Except as expressly permitted by you under this Notice, we do not own, control or direct the use of Service Data, and only access such information as reasonably necessary to provide the Service(s) (including to respond to support requests), as otherwise authorized by you or as required by law. Unless we explicitly agree otherwise in writing, you will not process sensitive personal data (such as health data) on our platform.
Other Information.
Where a User or End-User uses the Service(s), we automatically receive and record certain information of such user. This information includes device model, IP address, the type of browser being used, usage pattern through cookies and browser settings, query logs and product usage logs (collectively referred to as “Other Information”).
Mobile Applications.
When you download, install and use our Mobile Applications, we automatically collect information on the type of device you use, operating system version, and the device identifier (or “UDID”).
We use mobile analytics software to allow Us to better understand the functionality of our Mobile Software on your phone. This Software may record certain information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the Mobile Applications.
Subject to this Notice, we will use such data to (i) provide and manage Mobile Application; (ii) if you have opted in to receiving push notifications, send you push notifications from time-to-time in order to update you about any events or promotions that we may be running and/or update you about new features to our Service(s); (iii) send you promotional and marketing communications (where you have requested us to do so). If you no longer wish to receive these types of communications, you may turn them off at the device level.
Improving and enhancing our Service(s).
You expressly authorize us and the service providers we use to process the Service Data in our systems to (i) provide, improve, enhance, support and operate the Service(s) and its availability; (ii) develop new products and services including improving our products and services using machine learning technologies; and (iii) compile statistical reports and record insights into usage patterns.
SINGLE SIGN-ON
You can log in to our Websites using sign-in services such as, but not limited to, Google, Facebook Connect, Microsoft, and LinkedIn. These services will authenticate your identity and provide you the option to share certain Personal Data with us such as your name and e-mail address. Services like Google, Facebook Connect, Twitter, LinkedIn give you the option to post information about your activities on our Websites to your profile page and to share information with others within your network.
SOCIAL MEDIA FEATURES
Our Websites include social media features, such as the Facebook “Like” button, the “Share This” button or interactive mini-programs. Where you interact with these features, they may collect your IP address, which page you are visiting on our Websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Websites. Your interactions with these features are governed by the privacy notice of the company providing them. Please see our Cookies Policy for further information.
SHARING OF PERSONAL DATA
We process Personal Data in the United States and the European Economic Area (“EEA”) and in other countries through third parties that we may use.
We may also share your Personal Data as follows:
- With a third-party assisting Company in providing you the Service(s) (“Sub-Processors”). Our Sub-Processors are given access to Customer’s Account and Service Data only as reasonably necessary to provide the Service(s) and will be subject to confidentiality obligations in their service agreements;
- With third-party service providers providing services, such as research and analytics, anti-spamming and anti-phishing services, marketing and data enrichment;
- For email users : with third parties (sub contractors) to permit such parties to provide services that help us to provide our business activities, which may include assisting us with marketing, advertising our product/service offerings, or providing, maintaining and improving the features and functionality of the Services, among other things. All third parties are engaged under contract and obliged to meet appropriate security requirements and comply with all applicable legislation;
- With third-party payment processors who process your credit card and other payment information for Company but are otherwise not permitted to store, retain or use such information;
- With third party partners for the purpose of assisting us in onboarding you and providing any further support needed to use our Service(s);
- With affiliates within Company and companies that we will acquire in the future when they are made part of the Company group for customer support, marketing, technical operations, account management or organizational purposes and to provide, enhance and improve the Service(s);
- If we are involved in a merger, reorganization or other fundamental corporate change with a third party, or sell/buy a business unit to/from a third party, or if all or a portion of our business, assets or stock are acquired by a third party, with such third party including at the due diligence stage. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to unaffiliated third party.
All such transfers are covered by the service agreements with the relevant recipients and we have taken appropriate safeguards to ensure that your Personal Data will remain protected in accordance with this Privacy Notice. Further details can be provided upon request.
HOW DOES COMPANY KEEP PERSONAL DATA SECURE?
We use appropriate technical and organizational measures to protect the Personal Data that we collect and process. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data.
While information security risks are always evolving, so are the controls. The controls, so implemented, are periodically reviewed as part of internal and external audits. If you have questions about the security of your Personal Data, please contact us immediately as described in this Privacy Notice.
EEA AND SWISS SPECIFIC RIGHTS
- A) Collected Data
If you are an individual resident in EEA or Switzerland, you have the following data protection rights regarding Collected Data:
- If you wish to access, correct, update or request deletion of your Personal Data, you can do so at any time by contacting us.
- You can object to processing of your Personal Data, ask us to restrict processing of your Personal Data or request portability of your Personal Data. Again, you can exercise these rights by contacting us.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us.
- Similarly, if we have collected and process your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.
If you seek access to, or wish to correct, update, modify or delete Personal Data (hereinafter referred to as a “Request”) which forms a part of Collected Data, please contact us at privacy@callcorp.com. We respond to all requests we receive from individuals wishing to exercise their data protection rights within a reasonable timeframe in accordance with applicable data protection laws.
- B) Service Data
We acknowledge that you have the right to access your Personal Data. Company has no direct relationship with the individuals whose Personal Data it processes. If you seek access to, or wish to correct, update, modify or delete Personal Data (hereinafter referred to as a “Request”) which is part of the Service Data and processed by us on behalf of our Customer or if you are an End-User of one of our Customers and would no longer like to be contacted by one of our Customers that uses our Service(s), you should direct your query to our Customer i.e, the controller. If requested to remove data, We will respond within a reasonable timeframe.
If you are a Customer of our Service(s) and wish to raise a Request on behalf of your Users and End-Users in connection with Service Data, you may raise a ticket on the support portal of the relevant Service. Please note that if a Customer has subscribed to more than one Service, a Request on a particular Service support portal is specific to that Service only and separate Requests need to be raised across other relevant Service support portals.
CALIFORNIA-RESIDENT SPECIFIC RIGHTS
To the extent you are a ‘consumer’ as defined under the California Consumer Privacy Act of 2018 (“CCPA”) and Company is a ‘business’ as defined under CCPA, the following applies to you:
Subject to the provisions of the CCPA, you have the right to request in the manner provided herein, for the following:
- Right to request for information about the:
– Categories of Personal Data Company has collected about you.
– Specific pieces of Personal Data Company has collected about you.
– Categories of sources from which the Personal Data is collected.
– Business or commercial purpose for collecting Personal Data.
– Categories of third parties with whom the business shares Personal Data.
- Right to request for deletion of any Personal Data collected about you by Company.
If you seek to exercise the foregoing rights to access or delete Personal Data which constitutes ‘personal information’ as defined in CCPA, please contact us at privacy@callcorp.com. We respond to all requests we receive from you wishing to exercise your data protection rights within a reasonable timeframe in accordance with applicable data protection laws. By writing to us, you agree to receive communication from us seeking information from you in order to verify you to be the consumer from whom we have collected the Personal Data from and such other information as reasonably required to enable us to honor your request.
The list of categories of Personal Data collected and disclosed about consumers are enlisted under the heading “What Personal Data Does Company Collect and Why?”.’ and the list of categories of third parties to whom the Personal Data was or may be made disclosed are enlisted under the heading “Sharing of Personal Data”. Separately, Company does not sell your Personal Data.
OTHER COMMUNICATIONS
If you are our Customer, we will send you announcements related to the Service(s) on occasions when it is necessary to do so. For instance, if our Service(s) is temporarily suspended for maintenance, we might send you an email. Generally, you may not opt-out of communications which are not promotional in nature. If you do not wish to receive them, you may deactivate your Account.
RETENTION OF PERSONAL DATA
If you wish to request that we no longer use your Collected Data, please contact us at privacy@callcorp.com.
Personal Data contained in the Service Data is retained and deleted in accordance with the Terms.
Notwithstanding the foregoing, we will retain Collected Data and Service Data as necessary to comply with our legal obligations, for litigation/defense purposes, maintain accurate financial and other records, resolve disputes, and enforce our agreements.
LINKS TO THIRD-PARTY SITES
Our Websites contain links to other websites that are not owned or controlled by Company. Please be aware that we are not responsible for the privacy practices of such other websites or third parties. We encourage you to be aware when you leave our Websites and to read the privacy policies of each and every website that collects Personal Data.
CHILDREN’S PERSONAL DATA
Company does not knowingly collect any Personal Data from children under the age of 16. If you are under the age of 16, please do not submit any Personal Data through our Websites or Service(s). We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Notice by instructing their children never to provide Personal Data through our Service(s) or Websites without their permission. If you have reason to believe that a child under the age of 16 has provided Personal Data to us through our Websites or Service(s), please contact us and we will endeavor to delete that information and terminate the child’s account from our databases.
AMENDMENTS
Amendments to this Notice will be posted to this URL and will be effective when posted. If we make any material changes, we will notify you by means of a notice on this Website prior to the change becoming effective and if you are our Customer, via e-mail (specified in your Account). Provided we will not be notifying you if we amend the Notice to make additions, deletions or modifications to the list of cookies from time to time to keep the list of cookies current and accurate. You should frequently visit this Notice to check for amendments. Your continued use of our Websites or the Service(s) following the posting of any amendment, modification, or change to this Notice shall constitute your acceptance of the amendments to this Notice. You can choose to discontinue use of the Websites or Service(s), if you do not accept the terms of this Notice, or any modified version of this Notice.
LEGAL DISCLOSURE
We, including our Group Companies reserve the right to disclose your personal data contained in Collected Data and Service Data as required by applicable law, in response to lawful requests by public authorities, including meeting national security or law enforcement requirements and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or other legal process served on us. Collected Data and Service Data will also be shared between our Group Companies for the activities permitted under the Terms and this Notice.
In the event Company goes through a business transition, such as a merger or acquisition by another company, or sale of all or a portion of its assets, Customer’s Account, Collected Data and Service Data will likely be among the assets transferred. A prominent notice will be displayed on our Websites to intimate you of any such change in ownership or control and Customers will be notified via an email from privacy@callcorp.com.
CONTACTING COMPANY
If you have any questions about this privacy notice or your dealings with the Company, you can contact us at privacy@callcorp.com or via postal mail at CallCorp, PO Box 458, St. George, UT 84771 for the attention of the Data Protection Officer with a copy to privacy@callcorp.com.