EZ Digital, LLC  Business Customer Privacy Policy

Commitment to Privacy

EZ Digital, LLC (“we”, “us” and “our”) is a business unit offering software as a service (SaaS), enterprise hosting, remote managed services and other analytics solutions, and the subject-matter experts to manage them. We provide these solutions to organizations (“you” and “your”) and your employees, consumers, patients and students (“data subjects”) around the world.  We also partner with other affiliated companies that provide products and services that enhance and add functionality to your EZcard and to your EZcard experience.

The privacy of your data subjects is important to us. We are providing this policy to describe and explain our information practices and the measures we take to protect their privacy and comply with applicable law and our obligations. This policy also describes your choices regarding use, access and correction of your data subjects’ personal data so that you can better understand our practices and ensure that they are consistent with any privacy notices you have made available to them.

Scope of Policy

This Privacy Policy describes how the EZ Digital, LLC business unit collects, receives, accesses, uses and discloses certain personal data that it receives in connection with enterprise hosting, SaaS, remote managed services and other analytics offerings, and governs EZ Digital, LLC’s use of such personal data to provide those offerings to customers pursuant to our agreements with them.

This Privacy Policy does not apply to information collected by EZ Digital, LLC from visitors to EZcard.com, information collected by EZ Digital LLC in connection with individuals’ creation of a EZ Digital LLC Profile, or information collected by EZ Digital LLC through other offerings. For information about how EZ Digital LLC collects, uses and discloses information through EZ Digital LLC.com, the EZ Digital LLC Profile and other EZ Digital LLC offerings, please see the EZ Digital LLC Privacy Statement.

Data Processed and Purposes of Processing

EZ Digital, LLC collects and processes two kinds of personal data: Customer Information and Client Information.

Customer Information is information that we receive from you, or from a third party at your direction, about your data subjects. We collect only the Customer Information that you provide to us or direct us to collect in order to provide services to you. Customer Information may include personal data about different types of individuals, including: consumers, employees, patients, students, donors, volunteers, business clients, suppliers and other business partners. Such personal data may include basic contact information, such as name, postal address, email address and phone number, as well as more sensitive personal information, such as financial information, personal health information, clinical trial data, demographic information, purchase information, market-research information, and employee and student performance information. Indeed, EZ Digital, LLC may obtain any type of data about any type of individual that you upload to our products, send to us through online or offline mechanisms, or direct us to collect from third-party aggregators, such as Dun & Bradstreet.

We operate under the assumption that it is your obligation as a data controller to notify individuals whose personal data may be included in your Customer Information about the personal data you collect and the purposes for which you collect it, to obtain their consent to our processing of their personal data, where required, and to ensure that such personal data is reliable for its intended use, accurate, complete and current. We have no direct relationship with the individuals whose personal data is included in Customer Information we process.

We collect and process Customer Information only for the purpose of providing services to you and in accordance with our agreements with you. In certain situations, we may supplement Customer Information provided by you with information from other sources. This is done only when you specifically request, and we agree to, such supplementation. This supplementation of Customer Information is for the sole purpose of providing services to you. We will retain Customer Information for the duration stipulated in our agreement with you, or longer, as necessary to comply with our legal obligations, resolve disputes or enforce our agreements.

Client Information is personal data about people in your organization, such as account managers and users, who interact with EZ Digital, LLC and its systems. Client Information usually is limited to name, work email address, work phone number and job title. We collect Client Information through online forms, email, phone and other written means that you use to provide it to us. We use Client Information to support your account, maintain our business relationship with you, respond to your inquiries and perform accounting functions.

Client Information may also include User Information. User Information is information generated by computers that interact with our systems. User Information may be collected through the following:

We may also use User Information to help us prevent and detect security threats, fraud or other malicious activity, and to ensure the proper functioning of our products and services.

EZ Digital, LLC may additionally use Customer Information and Client Information for the following purposes:

Third-Party Websites

If requested by you, and agreed to by EZ Digital, LLC, EZ Digital, LLC’s systems may be configured to enable you and your users to access other third-party websites whose privacy practices may differ from those of EZ Digital, LLC. If you or your data subjects submit personal data to any of those websites, such information is governed by their privacy statements. We encourage you and your data subjects to carefully read the privacy statement of any website you or your data subjects access through our systems.

Data Access and Correction; Choices for Limiting Use and Disclosure

The EU-US and Swiss-US Privacy Shield Frameworks require that EU and Swiss data subjects have rights to access personal data about themselves that an organization holds and, more specifically, a right to: (1) obtain confirmation whether personal data about them is being processed; (2) have the data communicated to them so they may verify its accuracy and the lawfulness of the processing; and (3) have the data corrected, amended or deleted.

With respect to Customer Information, we operate under the assumption that it is your obligation as data controller to provide your data subjects a means of accessing their data and requesting that such data be corrected, amended or deleted. Under our current business model, we have no direct interaction with your data subjects and so have no direct way for them to submit these requests to us. If you are an EZ Digital, LLC customer, and you receive such a request from a data subject about whom we host personal data, and you would like our assistance in responding to that request, please contact our privacy office at help@EZcard.com or Legal Division/Privacy Officer, EZ Digital LLC P.O. Box 1, Greenville, IL 62246. We will respond to requests within 30 days of receipt.

With respect to Client Information, certain EZ Digital, LLC systems enable users to access and amend or correct their own personal data. Otherwise, if you or your users would like to request access to or correction of Client Information, please contact our privacy office at help@EZcard.com or Legal Division/Privacy Officer, EZ Digital LLC P.O. Box 1, Greenville, IL 62246. We will respond to requests within 30 days of receipt.

The EU-US and Swiss-US Privacy Shield Frameworks require that participants offer data subjects a choice to opt out of uses and disclosures of their data that are materially different from the purposes for which that data was originally collected or subsequently authorized. For data that is considered “sensitive data” under EU data protection rules and the Swiss-US Privacy Shield (for example, EU Personal Data relating to medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or sex life), Privacy Shield participants must obtain an affirmative opt-in from data subjects for disclosures of such data or for the use of such data for purposes other than those for which it was originally collected or subsequently authorized.

With respect to Customer Information, we operate under the assumption that it is your obligation as data controller to obtain from your data subjects the appropriate consent to transfer their data to us and for us to process their data, to provide agreed-upon services to you and to disclose their data to third parties, consistent with this Policy and our agreements with you. We will not share, sell, rent or trade with third parties for their marketing purposes any Customer Information collected by us, unless you direct us to do so and have the appropriate authorization to do so. If your data subject would no longer like to be contacted by you or by EZ Digital LLC at your direction, please inform the data subject to contact you, as EZ Digital, LLC’s customer, directly.

We will not use or disclose Client Information for purposes that are materially different than those described in this Policy, or subsequently authorized, without offering data subjects a choice to opt out of such uses or disclosures.

Data Security

We take reasonable measures that are designed to protect personal data from loss, misuse and unauthorized access, disclosure, alteration and destruction. Some of our security measures include the following:

If we confirm that your Customer Information has been accessed or used by unauthorized individuals, we will contact your designated representative to coordinate our response to the incident. If you have any questions about the security of your personal information, you can contact us at help@ezcard.com or Legal Division/Privacy Officer, EZ Digital LLC P.O. Box 1, Greenville, IL 62246.

Onward Transfers to Third Parties

EZ Digital, LLC may disclose personal data to business partners and subcontractors, as necessary, for the purpose of providing our offerings and performing other requested services, or as otherwise appropriate in connection with a legitimate business need. These companies are authorized to use your personal information only as necessary to provide these services to us. We may also disclose personal data you provide to other EZ Digital LLC entities and/or business parties for purposes compatible with those described in this Policy and in accordance with our agreements with you. We will not disclose personal data to third parties for purposes other than those described in this Policy, except at your direction and with your authorization. Disclosures of EU and Swiss Personal Data will be carried out in accordance with Privacy Shield requirements relating to onward transfers. We will not sell, rent or lease your personal data to others.

We may also disclose personal data to a third party, as necessary, in connection with the sale or transfer of all or part of our business. In these situations, we will require the recipient of the data to protect the data in accordance with this Policy or otherwise take steps to ensure that the personal data is appropriately protected. If EZ Digital, LLC is involved in a sale or transfer of all or part of our business, you will be notified via email and/or a prominent notice on our website of any changes to EZ Digital, LLC’s ownership or uses of your personal data, and of choices you may have regarding your personal data.

EZ Digital, LLC may also disclose personal data as required or permitted by law, such as in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, or when we believe in our sole discretion that disclosure is necessary or appropriate to protect our rights or to comply with a judicial proceeding, court order, law-enforcement request or other legal process.

EZ Digital LLC is a global corporation with subsidiaries and business partners in more than 80 countries and with technical systems that cross borders. Personal data collected on EZ Digital, LLC systems may be transferred across state and country borders and stored or processed in the United States or any other country in which EZ Digital LLC, its subsidiaries, affiliates or business units maintain facilities for the purposes of data consolidation, storage and information management. By using our systems, your organization consents to any such transfer of information outside of your country of residence. EZ Digital LLC, its subsidiaries, affiliates and business units will handle your information collected by our systems in a consistent manner, as described here, even if the laws in some countries may provide less protection for your information. Our privacy practices are designed to protect your personal data all over the world.

Inquiries and Complaints

If you have questions or concerns regarding this Policy or our handling of your personal data, you should first contact us by sending an email to help@EZcard.com or by regular mail to the attention of:

Legal Division/Privacy Officer

EZ Digital LLC P.O. Box 1, Greenville, IL 62246.

We will respond within a reasonable time frame.

If you do not receive acknowledgement of your inquiry, or your inquiry has not been satisfactorily addressed, please contact the US-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Changes to This Policy

We reserve the right to modify this Policy at any time. When we make only minor modifications, we may do so without notifying you. When we make material modifications, we will notify the person you have designated to us to receive such notifications 30 days in advance of the changes. It is your responsibility to keep current the contact information we have on file for that designated representative.

Effective Date: May 25, 2018