Bipath LLC Privacy Policy

Effective June 1, 2020

Last Modified: July 14, 2020

Brief Summary

1. Introduction

Below is a summary of our practices when it comes to information collected when you visit Bipath site and/or use the Bipath customer portals and our products and services. If you are interested in learning about our practices relating to information we collect as a processor for our customers, visit our Platform Privacy (see below).

Please note that some Bipath customers may have special agreements with us that specify the collection, use, and sharing of their information. If those special agreements and this notice conflict, those special agreements will prevail.

For purposes of this notice, the words “our,” “us,” “we,” and “Bipath” refer to Bipath LLC and our affiliates (which includes any person or entity that controls us, is controlled by us, or is under common control with us, such as our subsidiary, parent company, or our employees). “You” refers to our customer, who is accessing their Bipath customer portal and using our products and services.

Before you submit any information on or through the Bipath Site or customer portal or use Bipath products of services, please carefully review this policy. You acknowledge and understand that, by using any part of the Bipath Site or service, your continued use of the Bipath Site, and/or continued provision of information to us will be subject to the terms of the then-current Privacy Policy.

2. What information we collect, how we collect it and why

Information you give to us directly on our website.

On some pages of the Bipath Site, you can fill in a web form to share your information with us directly, such as on our “Service Site” http://help.bipath.io, “Customer Portal” http://portal.bipath.io, http://bipath.io, http://www.bipathsoftware.comand also on http://www.contactcloud.us and http://www.brokertoolbox.io or any of our associated landing pages that bear the Bipath, Contact Cloud or the Broker Toolbox logos.. We collect the information you provide in response to those web forms. Occasionally, we may also offer opportunities for you to share your information with us such as through a survey, to sign up for a newsletter, or to register for or receive details about an event we are hosting. If you participate in those surveys, sign up for a newsletter, or register for an event, we will collect the information you provide to us in doing so.

Information we collect from you automatically

When you visit the Bipath Site, we and our service providers acting on our behalf automatically collect certain data using tracking technologies, like cookies. Our website might also collect personal information that is about you but individually does not identify you, and/or about your internet connection, the equipment you use to access our Website and usage details. We may also get information from other companies or third parties, or when we may use service providers to supplement the Personal Information you give us such as validating your mailing address to help us maintain the accuracy of your data and provide you with better service. We might also collect content or other information that you may provide or create when you interact with our Services

Information Collected From Other Sources

Privately Owned Databases:

Marketing, data analytic and social media-owned databases give us access to a range of information — like public data, survey data and beyond. This data sometimes includes your mailing address, your gender, your age, your household income and other demographic data.

Social Media Platforms and Other Third-Party Services:

(Social media platforms include Facebook. Third-party services include Google)

You can link your social media or other third-party accounts to a Contact Cloud or Broker Toolbox CRM Account. By linking the services, you authorize us to collect, store and use any information they may give us (e.g., your email address). You can disconnect your Contact Cloud or Broker Toolbox CRM account from third-party accounts at any time.

For more information, refer to our social login for Contact Cloud help article.

Customer Account Information

Customer Account Information is all the information that relates to the relationship between Bipath and its customers, like our customers’ names, contact information, and billing information, and records, federal EIN number.

Customer Usage Information

Customer Usage Information includes operational information like call or messaging logs, origination and termination points (i.e. to/from numbers), traffic routing information, API requests, or usage information.

3. What we use your information for

Information you give us directly on our website.

For information that you give to us directly through our “Service Site” http://help.bipath.io, “Customer Portal” http://portal.bipath.io, http://bipath.io, http://www.bipathsoftware.com and also on http://www.contactcloud.us and http://www.brokertoolbox.io or any of our associated landing pages that bear the Bipath, Contact Cloud or the Broker Toolbox logos, we will use that information to formulate a response to your inquiry and get back to you with our response. Similarly, if you provide us information directly in response to a survey or when signing up for an event, we will use the information you provide for the reason that you provided it to us.

Information we collect automatically

For information that we collect from you automatically through tracking technologies, we use this to understand how visitors to the Bipath Site are using it and which pages and features of the Bipath Site are most popular. This helps us understand how we can improve our website and track performance of our advertisements. In addition, tracking technologies are used to help improve the navigation experience on the Bipath Site, and to determine propensity-to-purchase calculations (i.e. an analysis of how likely a website user is to purchase our services based on an analysis of their browsing behavior).

We may also automatically collect certain usage information when you access our Services ("Usage Data"), such as Internet Protocol address ("IP address") and information derived from your IP address such as your geographic location, log files, unique device identifiers, pages viewed, browser type, any links you click on to leave or interact with our Services, and other usage information collected from cookies and other tracking technologies. We collect IP addresses to track and aggregate non-personal information, such as using IP addresses to monitor the regions from which users navigate to our Services.  We also collect IP addresses from users when they log into the Services as part of our log-in and security features.  We may also, when you enable location-based Services, collect Global Positioning System (GPS) location data and/or motion data. We may also collect Past transactional behavior conducted by You on the Services, Information about your company such as the name, size and location of your company and your role within the company, and Behavioral or demographic attributes, when tied to personal identifiers.

Bipath may also collect additional information through your dealings with and use of the Services and non-Bipath websites, which does not disclose your specific identity or does not directly relate to an individual. Additional information may include, but is not limited to:

We might also put together additional information with Personal Information, such as gathering geographical location from your IP address and combining all of this with behavioral data about your usage of the Services with your name. If we combine additional information with personal Information, we will treat the combined information as Personal Information.

We might also collect personal information from you if you log into our Services using a Third Party Social Network such as Facebook, Instagram or Snapchat.

Bipath may use your Personal Information it collects (unless otherwise prohibited by applicable law), for the following purposes:

(i) Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to use our paid services, posting material or requesting further services. We may also ask you for information when you report a problem with our Website.

(ii) Account Registration. We may use your name, business address, phone number, and email address to register your Bipath Account for certain Services we provide and to communicate important information to you. We may obtain additional Personal Information about you, such as address change information, from commercially available sources, to keep our records current.  If you set up an administrator account that may be accessed by people other than you, please note that they may see and have the ability to change or delete your Personal Information.

(iii) Records and copies of your correspondence (including email addresses), if you contact us.

(iv) Your responses to surveys that we might ask you to complete for research purposes.

(v) Details of transactions you carry out through our Website and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Website.

(vi) Your search queries on the Website

(vii) To bill and collect money owed to us by our Customers. This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and we send billing information to those third parties to process your orders and credit card payments.

(viii) To send you System Alert messages. For example, we may inform you of temporary or permanent changes to our Services, such as scheduled outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Policy.

(ix) To enforce compliance with our Terms and Conditions and applicable law. This may include developing tools and algorithms that help us prevent violations.

(x) To protect the rights and safety of our Employees, Customers and third parties, as well as our own.

(xi) To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms which includes responding to lawful requests by public authorities, including to meet national security or law enforcement requirements.

(xii) To communicate with our Customers about their account and provide customer support.

(xiii) To Let You Know About Other Services.  We may use your information to communicate with you about our Services and to give you offers for third party products and services that may be of use to you.

(xiv) To Improve Services and Develop New Services. We may use your information to personalize or customize your experience to develop new features or services, and to improve the overall quality of Bipath’s Services.

(xv) Feedback. We may use any information you volunteer to provide to us in surveys you answer and combine them with answers from other customers in order for us to better understand our Services and how we may improve them.  Of course, answering any survey is optional.

(xvi) To Provide Our Services and Operate Our Business. We may use your information to operate our business, including providing any Services that you have requested, provide you with support related to our Services, and to help us protect our Services, which includes taking action against fraud and protecting your information.

(xvii) Customer Service and Technical Support.  We may use your name, address, phone number, email address, how you interact with our Services, and information about your computer configuration to deal with and resolve questions you may have about our Services and to follow up with you about your experience.

(xviii) Publishing or Sharing Combined Information from Many Users In a Manner that Would Not Allow You or Any Other Person to be Identified Personally. We may prepare and share information about our customers with third parties, such as advertisers or partners, for research, marketing and/or promotional purposes but only in a way that would not allow you or any other person to be identified. For example, we may share demographic data that describes the percentage of our customers who use one of our services or who use a specific operating system. We or our third party partners may publicly report the aggregated findings of the research or analysis, but only in a way that would not allow you or any other person to be identified.

(xix) To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.

(xx) To prosecute and defend a court, arbitration, or similar legal proceeding.

(xxi)  To provide suggestions to you. This includes adding features that compare Customers’ content or communications, using data to suggest products or services that you may be interested in or that may be relevant to you.

(xxii) To transfer your information in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website.

(xxiii) Customer Testimonials. We might at some point upload Customer testimonials on our Services that may contain Personal Information. Before doing so, we will obtain your consent to use your name and testimonial. If you ever desire to delete a testimonial, please contact us at privacy@Bipath.com.

(xxiv) Respond to Your Requests. Bipath may also use Personal Information in order to respond directly to your information requests.

(xxv) Third Party Social Networks. Bipath may use your Personal Information to connect with you on third party social networks. Bipath 's interactions with you on any third party social network would be subject to that network's privacy policies and terms of use.

(xxvi) We may use the information we have collected from you to enable us to display advertisements to our advertisers’ target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages/you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Customer Account Information

When you sign up for an account with Bipath, you’ll be asked to give us information like your email, name, and address. You may be asked to create a password. We collect this Customer Account Information so that we know who you are, we can communicate with you about your account, and we can recognize you when you communicate with us through the customer portal or otherwise.

We use your email address in connection with your account password to authenticate your account and allow you to access your account information through the customer portal. And, we use your Account ID and Auth Token to authenticate that it is your application that is making requests to our APIs.

If two-factor authentication is set up for your account, we’ll ask you to enter a telephone number to which we will communicate verification codes to verify that it is you logging into your account.

If you elect to utilize Google authentication, then through this integration we will compare your registered email address to your Google authenticated email address Google will validate against our database to determine whether or not you are authorized to login and access our site. You may connect or disconnect Google authentication at any time by following our help guide here.

We also use contact information you provide to Bipath to communicate information regarding your account and the products and services you are using or to respond to an inquiry you have sent us. If you enable two-factor authentication, we’ll use the telephone number you provide in connection with that feature to send you verification codes.

When you sign up for a paid account or upgrade your account from a trial or account, we’ll ask you to provide our payment processor with your payment method information like your credit card information and/or your billing address. Our payment processor, acting on our behalf, gathers this so that we can bill you for your use of our products and services. Our payment processor will generally share your billing address with Bipath.

For some products, we may have to obtain a physical address from you. For example, to get a phone number in certain countries, local regulations may require us to have a physical address on file for you or your end user. We may also need your physical address or billing address for tax purposes. We may have to share your physical or billing address with the telecommunications carrier from whom Bipath obtained the phone number or local government authorities upon their request. Unless prohibited from doing so by law, we’ll let you know if we have to share your address like this.

We also gather information about you when you interact with our customer support team, sales team, or account management team. For example, when you contact our customer support team, you will be asked to give your account information and tell us the question you have or any problem you’re experiencing. We gather this information so that we can help you with your question or problem. When you communicate with our sales team or account management team, we’ll gather information about you, such as your use case and your business requirements, so that these teams are better equipped to assist you. We may also use this information so that we can improve our products and services and train our team members.

When you sign up for an account with Bipath, we’ll assign you an Account ID and a Global Account ID. For ContactCloud, your Account ID acts as a username, and a password If using our public API, you will also be assigned an authentication key that you will need to use in connection with making requests to our APIs. We keep a record of these credentials, so that when you login to your account or your application makes requests to our API using these credentials, we know that it is you making the requests.

Customer Usage Information

When you use our products and services, we collect Customer Usage Information. This may include information like what commands your application has communicated to Bipath through the API, what configurations you have made in your customer portal, your IP addresses, how many times you used a Bipath product or service, when the product or service was used by you or your end users, the number of website visits, calls, messages, or form entries that occurred, the length of calls or messages, where those calls or messages originated or terminated, how those calls or messages were routed, and whether or not the connection was successful or failed.

We collect Customer Usage Information so that you can view it in the customer portal and you can manage your use of our products and services. We also collect it so that we can properly bill you for your use of our products and services, appropriately manage and route customer traffic, analyze and improve our products and services, and identify and solve problems that arise. We also use certain usage information to support regulatory requirements, such as calculation and reporting of tax or similar obligations.

4. Who we may share your information with

We share your information in the manner and for the purposes described below:

We do not share your information (including, but not limited to, the personal data of your end users) with third parties for their direct marketing purposes, unless you give us your consent to do so.

5. Information from Children

We do not knowingly collect any personal information directly from children under the age of 16. If we discover we have received any personal information from a child under the age of 16 in violation of this Privacy Policy, we will take reasonable steps to delete that information as quickly as possible. If you believe we have any information from or about anyone under the age of 16, please email us at: privacy@bipath.io.

6. Links to Other Websites

We are not responsible for the practices employed by websites or services linked to or from the Service, including the information or content contained therein. Please remember that when you use a link to go from the Bipath Service to another website, our Privacy Policy does not apply to third-party websites or services. Your browsing and interaction on any third-party website or service, including those that have a link or advertisement on our website, are subject to that third party’s own rules and policies.

7. Social Media Widgets

Our Website may include Social Media Features, such as the Facebook Like button and Widgets, such as the Share This button or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.

8. Advertising

We may partner with third-party ad networks to either display advertising on our Website or to manage our advertising on other sites. Our ad network partner might use cookies and Web beacons to collect non-personal information about your activities on this and other Websites to provide you targeted advertising based upon your interests. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by clicking here: http://optout.networkadvertising.org/ or here: http://www.youronlinechoices.com. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.

9. How we secure your information

We use appropriate security measures to protect the security of your information both online and offline. These measures vary based on the sensitivity of the information that we collect, process, and store, and the current state of technology. Please note, though, that no website or internet transmission is completely secure, so while we strive to protect your information, we cannot guarantee that unauthorized access, hacking, data loss, or a data breach will never occur.

We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this notice. In some circumstances we may store your personal information for longer periods of time; for instance, where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements.

In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

10. How we tell you about changes to our privacy practices

We may change our Privacy Policy from time to time. If we make changes, we’ll revise the “Last Updated” date at the top of this policy, and we will notify you of those changes through other reasonable means of communication, such as email. We will comply with applicable law with respect to any changes we make to this policy.

11. How to make choices about your information

Deletion, access, and changes to your information.

To request deletion of, access to, or to make changes to information we’ve collected from you via the Bipath Site, email us at: privacy@bipath.io. Please note that even if you request that we delete information we’ve collected from you, we may still retain information collected from you in an aggregated or anonymized form that does not identify you. We also will not delete your information if we are legally required to maintain it.

We may ask you for additional information to confirm your identity and for security purposes, before taking any action in respect of your information. We reserve the right to charge a fee where permitted by law; for instance, if your request is manifestly unfounded or excessive.

Promotional communications.

If you are receiving promotional emails from us, you can choose to stop receiving those by following the unsubscribe/opt-out instructions in those emails. You can also opt-out by contacting customer support at: privacy@bipath.io. Please note that even if you opt out of promotional communications, we may still send you non-promotional messages relating to things like updates to our terms of service or privacy notices, security alerts, and other notices relating to your access to or use of our products and services.

We will respond to your request within a reasonable timeframe and notify you of the action we have taken.

Cookies and tracking technologies.

How you make choices about cookies and other tracking technologies depends on the type of cookie or tracking technology being used. For details on how to manage your preferences for cookies and tracking technologies, please check out our http://www.contactcloud.us/legal.

12. How to resolve disputes relating to our privacy practices

If you have a dispute with us relating to our privacy practices, email us at: privacy@bipath.io.

13. How you can contact us

You may email us at: privacy@bipath.io.

Or, you may write to us at the address listed below.

Bipath LLC, 30 Newbury Street, Boston, MA  02116.

14. Additional information for EU residents

The following information is provided for the benefit of Bipath Site users resident in the European Union. Be advised that Bipath does not currently offer its Broker Toolbox CRM Services to residents in the European Union.

Lawful basis for processing. We will only collect, use and share your personal information where we are satisfied that we have an appropriate legal basis to do this. This will be because:

Your EU rights.

In addition to the erasure, access and correction rights referred to in section 12 above, you also have a right to object to direct marketing, and to any use of your personal information which is based on a ‘legitimate interest’ justification.

You also have a right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction, and to lodge a complaint with your local supervisory authority.

To exercise any EU specific right, email us at: privacy@bipath.io.

International Transfers.

Bipath is based in the United States of America, and you understand that by browsing the Bipath Site your information will be stored on servers in that country, which has different standards of data protection.

In addition, we use service providers located around the world. We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law to protect your privacy rights and interests. Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information is disclosed.

15. California Consumer Privacy Act – Information for California Consumers

California Consumer Privacy Act

We collect certain categories of personal information when you visit our site, and we use that information for business and commercial purposes. Please refer to the California Consumer Privacy Act tab below to view the categories and purposes for which we may collect personal information

If you wish to have Bipath not sell your personal information to a third party, please email us at: privacy@bipath.io.

You may have other rights in addition to the right to opt out of the sale of personal information to third parties. Please scroll down to view the California Consumer Privacy Act tab for an explanation of those rights.

Financial institutions collect personal information necessary to offer and provide financial products and services, as well as permitted by federal, state, and local law. The purposes for which Bipath and its affiliates collect personal information include, but are not limited to:

The categories of personal information that Bipath may collect include:

The business or commercial purpose for which Bipath may disclose your personal information, include but are not limited to:

Bipath has not sold personal information in the preceding 12 months. Bipath may choose to sell the above categories of personal information for any of the business or commercial purposes listed above in the future. If you would like to opt out of the sale of your personal information in the event Bipath does sell personal information in the future, you can submit an opt-out request by sending an email to us at: privacy@bipath.io. Personal information does not include publicly available information made available from federal, state or local records.

Your CCPA Rights

The California Consumer Privacy Act (CCPA) provides California residents rights regarding the collection and use of their personal information, subject to certain exceptions. An authorized party may submit requests on your behalf. The authorized party must provide a valid power of attorney, or proof of registration with the California Secretary of State as an authorized agent on your behalf.

Generally, California residents have the following rights:

Who does CCPA apply to?

CCPA applies to California residents only. For purposes of CCPA, a California resident is a person who currently lives in California, or is domiciled in California but is outside of the state for a temporary or transitory purpose. The rights described above do not apply to residents of other U.S. states or persons who reside outside of the United States.

There are certain activities, information, and circumstances involving the collection, use, processing, sale, or disclosure of personal information that are exempt or excluded from CCPA. CCPA exemptions and exclusions include, but are not limited to:

Personal information collected or sold if every aspect of the commercial transaction takes place wholly outside of California.

Deidentified or aggregate consumer information.

GLBA:The CCPA does not apply to personal information collected, processed, sold or disclosed pursuant to Gramm-Leach-Bliley Act and its implementing regulations (GLBA). GLBA is the federal law that regulates the collection, disclosure, and safeguarding of individuals' nonpublic personal information who obtain financial products or services primarily for personal, family, or household purposes from a financial institution. For example, if you are a California resident and you have a personal financial product with us, such as a personal credit card, the CCPA rights do not apply to the personal information associated with that account. There are other types of personal information that are not covered by the rights and limitations in the CCPA.

Fair Credit Reporting Act: CCPA does not apply to any activity involving the collection, maintenance, disclosure, sale, communication, or use of any personal information bearing on an individual's credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living by a consumer reporting agency, user or furnisher of consumer reports as defined under the Fair Credit Reporting Act.

Business-to-Business Relationships: Until January 1, 2021, CCPA access and deletion requests do not apply to personal information that (1) reflects written or verbal communications or transactions between Bipath and you, and (2) was collected while you were acting in the capacity of an employee, owner, officer, director, or contractor of a company, in the context of Bipath's business relationship with that company. For these purposes, a company includes sole proprietors, partnerships, non-profits, and government entities.

Employment Related Activity: Until January 1, 2021, CCPA access, opt out, and deletion requests do not apply to personal information that is (1) collected about you in the course of acting as a former or current job applicant, employee, owner, director, officer, or contractor of Bipath, and (2) used solely in the context of that role. This exemption also applies to personal information of others collected in the course of your acting in one of these roles, if it is your emergency contact information or necessary to administer your benefits.

What can I expect if I exercise any of my rights?

Opt Out

You will not receive a confirmation to a request to opt-out. Consistent with applicable law, we will opt you out of sales at your request.

Access

You will receive a response to your verified request within 45 days of submission, unless we notify you prior to the 45 days that the delivery date of response will be extended by an additional 45 days. Along with the response to the verified request, you will receive a copy of certain information Bipath has collected on you during the 12 months immediately preceding the date of your verified request. This will include any information provided in your verified consumer request form. Bipath is not obligated to provide a response more than twice in a 12-month period; this period begins upon your submission of the verified consumer request.

Deletion

Consistent with applicable law, we will delete your personal information in response to your request.

Do-Not-Sell. California consumers have the right to opt-out of our sale of their personal information. Opt-out rights can be exercised by using the OneTrust cookie consent module on our home page to opt-out of advertising cookies.

Other third-party businesses may collect information when you interact with our digital property, including IP addresses, digital identifiers, information about your web browsing and app usage, and how you interact with our properties and ads in order to provide you with relevant ads across the Internet and for other analytics purposes, and may sell that information to other businesses for advertising and other purposes. By visiting here www.privacyrights.info or optout.privacyrights.info, you can opt out from sales of this type of personal information by businesses that participate in the opt out tool. To make opt-out requests related to mobile apps on your device for businesses participating in the DAA’s CCPA App-based Opt-Out Tool, you can download the appropriate app at www.youradchoices.com/appchoices.

Verifiable Requests for Copy, Deletion, and Right to Know. Subject to certain exceptions, California consumers have the right to make the following requests, at no charge, up to twice every 12 months:

Deletion: the right to request deletion of their personal information that we have collected about you, subject to certain exemptions, and to have such personal information deleted.

Right to Know: the right to request that we disclose certain information about how we have handled your personal information in the prior 12 months, including the:

Submitting Requests. You can submit a deletion or right-to-know request by emailing us at: privacy@bipath.io; we will respond to verifiable requests received from California consumers as required by law. [Account holders may also submit requests in their account by going to the Help menu and using any of our customer support channels. We also ask you for additional information necessary to verify or process your request. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. We will respond substantively to your verifiable requests within 45 days, unless additional time (up to 45 additional days) is needed, in which case we will let you know.

Incentives and Discrimination. The CCPA prohibits discrimination against California consumers for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California consumers related to their personal information. Businesses may offer different prices, rates, or quality of goods or services if the difference is reasonably related to the value of the consumer’s data.

16. Bipath Platform Privacy Policy

Introduction

Below is a summary of our practices when it comes to information collected on your behalf when you use the Bipath customer portal and our products and services.

Please note that some Bipath customers may have special agreements with us that specify the collection, use, and sharing of their information. If those special agreements and this notice conflict, those special agreements will apply.

For purposes of this notice, the words “our,” “us,” “we,” and “Bipath” refer to Bipath and our affiliates (which includes any person or entity that controls us, is controlled by us, or is under common control with us, such as our subsidiary, parent company, or our employees). “You” refers to our customer, who is accessing their Bipath customer portal and using our products and services.

Before you submit any information on or through the Bipath customer portal or use Bipath products and services, please carefully review this Notice. You acknowledge and understand that, by using any part of the Bipath customer portal, products or services, your information may be collected, used, disclosed, and shared as further outlined below in this Notice.

Definitions

What is Bipath?

Bipath is a software development company that specializes in Customer relationship management, sales automation, contact center, omni-channel messaging (texting and calling) and calling software for organizations.  We give our customers tools and services to build highly productive sales, marketing and support workflows that are only limited by imagination.

Our customers are generally commercial financial brokerages, marketing agencies or businesses that use marketing and advertising as a means to promote products and services. Our customers generally use Bipath products and services to manage end to end financial lending transactions and /or track the performance of their marketing campaigns, their sales teams and their contact centers. Our customers then often have their own customers or users of the reporting they are compiling and the communication campaigns they are developing using Bipath products and services. To avoid confusion, we’ll call the individuals that use our customers’ applications the “end users.”

Bipath generally does not interact directly with our customers’ end users. Instead, end users interact with our customers’ websites or contact our customers (or their customers) via phone, text or form, which in turn interacts with our products and services. So, if you’re an end user of a website that has Bipath code running on it or calling a phone number that is managed by a Bipath customer, you should check out that customer’s terms of service and privacy policy to find out how they collect, use, store and share your information. We are not responsible for our customers’ privacy policies or privacy practices.

If you are resident in the EU, you should know that, in operating our products and services on behalf of our customers, Bipath operates as a processor only, and is not a controller in relation to any personal information processed about you. Therefore, Bipath cannot respond to requests to exercise rights under data protection laws – these should be directed to our customers.

What information we collect, how we collect it and why.

Customer Content

Customer Content consists of the communications that are sent through the use of Bipath products and services, like the body of a text message or phone call.

We may collect Customer Content in connection with your use of our products or services. For example, if you use our messaging services, we collect the messages being sent and received so that we can convey those messages to and from the carrier networks and surface the content in your customer portal and in our API. Similarly, to transmit voice calls to and from the telecommunications carrier networks, we have to collect the voice communications being sent and received to route them appropriately, and then surface that information in our portal and our API. You can also use our products and services to record voice communications or have them transcribed, in which case, we will also collect those voice recordings or transcriptions.

If you are using our tracking code on your website, we also collect on your behalf the information about the visitors to your website such as their IP address, their landing page, referring URL, and the online ads that led them to your website. The tracking code uses cookies to identify the visitors to your websites so that the tracking code can display the correct tracking number to your end users and associate phone, form, or text activity to the correct website visit.

If you are using caller ID services that we offer through a sub processor, we will collect information about your end users such as the caller’s name, phone number, and the city in which the phone number is registered (not available in all countries or for all phone numbers). In addition, Customers can enable our premium caller ID service which uses one of our sub processors to collect address and other demographic information about an end user, such as marital status and occupation.

As stated above, Customers have the control over which information they want to collect and what they are doing with that information. We provide the tools to collect the information. So, if you are an end user of one of our Customers and you believe that your information is being collected by them, you should check out their terms of service and privacy policy to find out how they collect, use, store, and share your information. We are not responsible for our Customers’ privacy policies or privacy practices.

You should not use Bipath products or services to receive, send, or otherwise process Personal Health Information (PHI) as defined by the Health Insurance Portability and Accountability Act of 1996 as amended (HIPAA), unless you have a Business Associate Agreement (BAA) with Bipath or your use case for Bipath products and services does not require a BAA. Bipath disclaims all liability for PHI sent, received, or processed through Bipath products or services without a Business Associate Agreement.

What we use your information for.

Generally, we use all the information that you provide to us or that we collect to provide our products and services to you, to deliver your communications to their intended destination, to provide reporting on your communication programs in your customer portal, to analyze our customers’ use of our products and services, to improve our products and services, and to detect fraudulent or unlawful activity in connection with Bipath accounts.

Below are some additional details regarding how we use categories of information we collect.

Customer Content.

We use Customer Content for the purposes of including it in your reporting in your customer portal or through the API, conveying it to and from telecommunications carrier networks, or recording and transcribing it per your instruction. We may also use Customer Content stored on our systems to troubleshoot issues such as call quality concerns.

Promotional emails.

We will use your email address to send you information about other Bipath products, services, or events that you might be interested in.  If we are required to do so by applicable law, we will obtain your prior consent before marketing to you.

You can choose not to receive marketing emails from Bipath at any time. If you wish to stop receiving Bipath marketing emails you may click on the unsubscribe link that will appear at the bottom of any Bipath marketing emails or you can contact customer support.

We will use publicly-available Customer Account Data about your company, such as your industry, the size of your company, and your company’s website URL, to help us understand our customer base better and to tailor information we send you about other Bipath products, services, or events.

If you provide us with a physical address in order to obtain a number for which Bipath is required to have your physical address on file, we’ll use that address so that we can confirm we can allow you to have that number. We may also check the physical address you provide and/or your billing address, as well as other information you provide or that we obtained from your use of our service about your identity such as your name, email address, and IP address, with our fraud prevention and identity validation providers (to confirm you have provided us with accurate details). We may also use your address information to calculate taxes. We may also have to share these addresses with the telecommunications provider from whom Bipath obtained the phone number or local authorities upon their request. Unless prohibited from doing so by law, we’ll let you know if we have to share your address information like this.

We use your payment information so we can bill you and be paid for your use of our products and services.

Who we may share your information with

Unless you give us your permission, we won’t share your Customer Content, Customer Account Data, or Customer Usage Data with third parties, except as described below:

We do not share your information (including, but not limited to, the personal information of your end users) with third parties for their direct marketing purposes, unless you give us your consent to do so.

International Operations and Transfers Out of the EEA and Switzerland

Please note that when you use our customer portal, or our other products and services, your Customer Content, Customer Account Data, or Customer Usage Data may be sent to the United States and possibly other countries. Some, but not all of this, may be in connection with routing your communications that are sent via our products and services in the most efficient way. We store customer information on servers located in the United States, and we may also store this information on servers and equipment in other countries.

We take appropriate steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests, and that transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights. To this end, where appropriate to do so (e.g. because our customer is established in the EU), we enter into appropriate data transfer agreements incorporating the EU Commission approved standard contractual clauses, or rely on other mechanisms provided for by data protection law. You have a right to ask our customers for more information about the safeguards they have in place to ensure the adequate protection of transferred information.

How we tell you about changes to our privacy practices.

We may change our Platform Privacy Notice from time to time. If we make changes, we’ll revise the “Effective” Date at the top of this notice, and we may provide additional notice such as on the Bipath website homepage, customer portal sign-in page, or via the email address we have on file for you. We will comply with applicable law with respect to any changes we make to this notice.

Your Choices About Your Information.

You may access and make changes to certain parts of your Customer Account Data through the customer portal. You also have access to Customer Content stored on our systems and various types of Customer Usage Data through the customer portal.

To request deletion of your Bipath account, email us at: privacy@bipath.io. You should know that deletion of your Bipath account will result in you permanently losing access to your account and all customer information to which you previously had access through your account. Please note that certain information associated with that account may nonetheless remain on Bipath servers in an aggregated or anonymized form that does not specifically identify you. Similarly, information associated with your account that we are required by law to maintain will also not be deleted.

If you are an end user of a customer that uses Bipath services, you should direct requests for access and/or deletion of your information, or other rights which may be available to you under applicable data protection laws, to the relevant customer in accordance with their own privacy policy.

Cookies and tracking technologies.

How you make choices about cookies and other tracking technologies depends on the type of cookie or tracking technology being used.

Information from Children

We do not knowingly collect any personal information directly from children under the age of 16. If we discover we have received any personal information from a child under the age of 16 in violation of this Policy, we will take reasonable steps to delete that information as quickly as possible. If you believe we have any information from or about anyone under the age of 16, email us at: privacy@bipath.io

How we secure your information.

We use appropriate security measures to protect the security of your customer information both online and offline. These measures vary based on the sensitivity of the information that we collect, process and store and the current state of technology. Please note though that no service is completely secure. So, while we strive to protect your information, we cannot guarantee that unauthorized access, hacking, information loss or an information breach will never occur.

You may access your account through our customer portal by using your email address and a password that you chose when you signed up for Bipath’s products and services. To protect the confidentiality of your customer information and protect from unauthorized use of your account, you must keep your password confidential and not disclose it to any other person. Please let us know right away if you think your password or API Auth Token was compromised or misused.

For additional information regarding Bipath’s security practices, email us at: privacy@bipath.io.