Content

Privacy Policy

Last updated on September 25, 2025

INTRODUCTION

Welcome to Mitratech Holdings, Inc., (“Mitratech”, “Our”, “We”, or “Us”)! We understand the impact Our privacy practices may have on You when You share data with Us, and therefore we are committed to protecting Your privacy in all aspects of Our business. This Privacy Policy explains what information We collect from Our end-users, clients, partners and Site visitors (“You”, “Yours”); how We use that information; and the rights You may have with respect to Your Data. This Policy applies to Mitratech and its subsidiaries (a list of all subsidiaries can be found at https://mitratech.com/legal-notice/entity-and-subsidiaries/).

To use certain features of Our Site or access specific services and/or products available through the Site, We may process certain Personal Data. You will be provided with the mechanisms necessary to manage your preferences regarding the processing of Personal Data that is not necessary for the provision of the Services, such mechanisms are described in this Privacy Policy. If you do not agree to the processing of Personal Data essential to the functionalities of the Site or the Services You request, You might not be able to use those specific features or Services.

YOUR ACCEPTANCE OF THIS POLICY AND MODIFICATIONS

WE MAY CHANGE THIS PRIVACY POLICY FROM TIME TO TIME IN OUR SOLE AND REASONABLE DISCRETION. IF WE MAKE MATERIAL CHANGES THAT ALTER YOUR RIGHTS OR IMPACT YOUR PERSONAL OR SENSITIVE DATA WITH US, WE WILL NOTIFY (AND WHERE APPLICABLE, REQUIRE YOUR ACTIVE CONSENT) YOU BY REVISING THE DATE AT THE TOP OF THIS WEBPAGE AND PROVIDING YOU WITH WRITTEN NOTICE (SUCH AS ADDING A STATEMENT TO OUR HOMEPAGE AND SENDING YOU AN EMAIL OR NOTIFICATION). ANY AMENDED PRIVACY POLICY SHALL SUPERSEDE ALL PRIOR VERSIONS AND SHALL BE DEEMED ACCEPTED UPON YOUR CONTINUED USE OF THE SITES AND/OR SERVICES, UNLESS AGREED OTHERWISE IN AN ENFORCEABLE AND VALID WRITTEN AGREEMENT BETWEEN US AND YOU.

IMPORTANT PRIVACY PRACTICE NOTES

First and foremost, We do not sell or share Your Data with any third-party that is not required to provide You with the Services and/or Site.

Some of Our subsidiary Services may collect, store, require, transmit, or otherwise process sensitive data, individually identifiable health information or PHI via the Site or Services in connection with use of the Sites and/or Services.

Our Site, Services, and communications may involve interactions with various third parties regarding Your Personal Information. We engage trusted Sub processors to perform specific services on Our behalf. Your data, when processed by these providers acting as Sub processors, is covered by the terms of this Privacy Policy.

Mitratech’s Sites, Services and/or communications may contain, for your convenience, links to websites or other online services or products provided by third parties, when You click on such links and leave our Site, any information you provide directly to those third parties, or that they collect from you, will be governed by their respective privacy policies. We are not responsible for the content, privacy practices, or data security of these independent third-party sites or services, and we encourage you to review their policies before sharing any Personal Information.

Mitratech may use SSO integrations to offer third party solutions and/or products, and such links and integrations do not mean that (a) We endorse such websites, products, and/or services; (b) We represent and/or warrant the quality, usability and/or accuracy of the information presented by the third party provider; nor (c) We represent and/or warrant their privacy practices and data security. You acknowledge and agree that We are not liable or responsible, fully or in part, for the collection and/or use of Your information by third parties and/or third-party websites, offerings, services and/or products, even if such offerings are made through Mitratech’s Sites and/or Services. The privacy and data practices of third parties are governed by their respective privacy policies.

Mitratech, as a standard practice, does not knowingly or specifically collect, use or require any Data about minors under the age of 18. Mitratech Sites are not intended for minors under the age of 18, and the Services should not be used by individuals under the age of 18. Consistent with the COPPA requirements, if You believe We have mistakenly or unintentionally collected such information without first receiving a parent or legal guardian’s verified consent, please notify Us so that We may delete the information from Our servers. We will use any collected information solely to inform the child that use of the Site and Services is prohibited, and any collected Data will be immediately deleted.

LASTLY, MITRATECH DOES NOT PROVIDE PROFESSIONAL LEGAL, TAX OR ACCOUNTING ADVICE AND/OR SERVICES. YOU SHOULD SEEK INDEPENDENT PROFESSIONAL ADVICE IN THESE AREAS IF NEEDED.

  1. DEFINITIONS
    The following terms are frequently used in this Policy and are defined here for Your reference.
    “Affiliate” includes any entity owned, whether wholly or partially, by Mitratech Holdings, Inc.“Business Information” ​includes ​Your job title or department; Your employer’s name, phone number, postal address, payment information, type of company, company industry, and company size.“COPPA” means the Children’s Online Privacy Protection Act.“Data” means, collectively, the following information: Order Information, Payment Information, Personal Information, Usage Data, Business Information, User Information, Sensitive Data, and User Content.“Data Controller” is the entity or natural person that determines the purpose(s) for which and the means by which personal data is processed. In this instance, Mitratech may be the Data Controller.“Data Processor” means an entity or natural person, public authority, agency or other body which processes personal data on behalf of a controller. In some instances, Mitratech may be the Data Processor.

    “Data Subject” means a natural person whose personal data is processed by Us.

    “Consent” is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes, by a statement or by a clear affirmative action, written or verbal, that signifies agreement to the processing of personal data relating to the You.

    “Cookies” means small text files that can be read by a web server in the domain that put the cookie on your hard drive.

    “Client” means, a customer that is authorized by Us to access and use the Services or a portion thereof or a customer directly contracted with Us for Mitratech Services.

    “EEA” means the European Economic Area.

    “FDPA” means the Swiss Federal Data Protection Act.

    “Mitratech” means, Mitratech Holdings, Inc., and its Affiliates, “Mitratech” or “We”, or “Us”.

    “GDPR” means the UK/EEA General Data Protection Regulation.

    “Order Information” may include company names, contact name and information, products/services purchased, shipping address, telephone number, email address, billing address.

    “Partner” means an entity purchasing subscriptions to the Services and authorized by Us to provide access to and use of the Services or a portion thereof to a Client, or on behalf of a Partner’s Client.

    “Payment Information” means information required to process any orders for the Services, such as Your name, credit card information, billing information, address, expiration dates and processing codes.

    “Personal Information” means information associated with or used to identify You, such as: (a) Your first and last name, email address, postal address, phone number, and some Usage Data under applicable law.

    “PIPEDA” means the Personal Information Protection and Electronic Documents Act.

    “PHI” means protected health information as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Privacy Rule.

    “Policy” means this Privacy Policy as updated and amended from time-to-time.

    “Sensitive Data” any information relating to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, or information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns an individual’s health.

    “Services” means the Mitratech services, solutions, applications, and products.

    “Sites” means Mitratech’s website located at www.mitratech.com and its subpages and Affiliate subdomains.

    “Third-Party Service Provider” means a third-party performing work for Us or a portion of the Services on Our behalf.

    “Usage Data” means information about Your activity on the Site or Services that, by itself, does not identify You, such as: (a) browser type, operating system, webpages visited, access times, links clicked, and the page visited before navigating to Our Site or Services; (b) technical information about the computer or mobile device You use to access Our Site or Services, including hardware model, operating system and version, unique device identifiers, location data, IP address, domain name, internet service provider, or network information; (c) information searched for, observed, or accessed while using the Services; or (d) metadata related to User Content, such as date, time, or location.

    “User Content” means content uploaded or submitted by Users such as information, documents, images, photographs, videos, notes, sounds, data, and posts.

    “UDID” means Your city location, device model and version, and device identifier.

    “User Information” means information such as name, username, password, email address, phone number, and address.

    “User” means any individual or entity that uses the Site and/or Services or a portion thereof on behalf of a Client or Partner or through the account or passwords of either, whether authorized or not, including, without limitation, the employees, contractors, and/or agents of either.

    “You” or “Your” means the individual visiting, accessing, or using the Site and/or Services in his/her/their individual capacity or as a User, Partner, or Client, as the context requires.

Data We Collect and How We Use It

  1. When We Collect Data From You
    We may collect Data from You when You:

    1. Visit Our Site and/or use Our Services;
    2. Interact with one of Our chatbots or digital assistants;
    3. Interact with one of Our artificial intelligence (AI), generative artificial intelligence (GenAI), large language model (LLM), and/or machine learning (ML) powered features, tools, solutions, products and/or services;
    4. Interact with Us online, through a webinar, on the phone, hotlines, customer support, customer services, correspondence through email or through Our Site;
    5. Interact with Us (including any of Our employees, agents, representatives, partners, Affiliates and/or contractors) in person, at an event or trade show;
    6. Opt-in to Our direct marketing campaigns, newsletters, alerts, notifications, promotions, offers and deals;
    7. Submit User Content to Us directly or through Our Sites and/or Services;
    8. Submit a form or contact Us on Our Sites;
    9. Post information, comments, testimonials, or reviews online about Us;
    10. Interact with targeted online content that We or Our Third-Party Service Providers provide to You via third-party websites, communications or applications;
    11. When You are referred to Us by an Affiliate or a third-party with Your consent; and
    12. When You interact with third-party social media accounts of Ours, such as Facebook and Instagram.
  2. Data We Collect and How We Use It
    Depending on the way You use Our Sites and/or Services, We may collect Data for the following purposes:

    1. Personal Information and Business Information
      We collect Personal Information that You voluntarily provide to Us when (1) You create an account to use the Services or sign an order form; (2) when You express an interest in obtaining information about Us or Our Services, or when You sign up to receive emails, marketing, and promotional information from Us; (3) when You fill out a form or contact customer support on Our Site or otherwise contact Us, both online or offline, such as at trade shows or fairs; (4) when a Partner who gives You access to the Sites and Services shares such information with Us in order to provide You with the Sites and Services; and/or (5) when an Affiliate or third party, with Your consent, shares Your Personal Information with Us in order to provide You with marketing and/or transactional Services. All Personal Information that You provide to Us must be true, complete and accurate, and You must notify Us of any changes to such Personal Information.We may also collect Business Information provided to Us directly by a Partner that is sponsoring Your access to the Services, or an Affiliate or third party that has referred You to Us. We may also collect Personal Information, Business Information, User Information and/or Order Information from an Affiliate in order to process a referral, cross-sell and/or partnership requested by You.We use Your Personal Information solely to provide You with the Services and/or Site, and We do not share such Personal Information with any third-party not required to provide You with the Services and/or Site. We may, upon Your request or Consent, share Your Personal Information with Our Affiliates for the purposes outlined herein. You own Your Personal Information – We only process it to provide You the Services.
  3. Payment Information
    When You purchase Services on Our Sites, sign up to use the Services or enter into an order form with Us, We may collect Payment Information required to process Your order(s). We do not store any Payment Information. Instead, We use third-party payment gateways to process Your Payment Information. You (1) represent and warrant that the Payment Information provided is accurate and that You have the right and/or authorization to use and provide Us with that Payment Information; (2) agree to the collection of Your Payment Information for the purposes outlined herein; and (3) when applicable, agree to the applicable automatic renewal and charges to the payment method provided if You have voluntarily opted into automatic renewal services and/or subscriptions. All Payment Information is stored by a secure third-party payment gateway that is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).If You enable any applications, products, services, or content that integrate with the Services and/or Sites, and that are provided by a third-party for use with the Services: (a) any use by Your or an end user of such third-party products and content is solely Your responsibility (b) You acknowledge that the third-party may have access to Your Data only in connection with the integration of the Services and the third-party services, and Mitratech will only be responsible for its collection, control, sharing, use, disclosure, modification or deletion of Your Data.We are not liable or responsible for payment issues, security incidents or data breaches and associated losses that occur to third-party payment gateways.
  4. Usage Data and UDID
    If You are visiting the Sites and/or using the Services, We may automatically collect Usage Data, such as Your IP address, the date and time of the visit and how long You remained on Our Site, the referral URL, the pages visited on Our Site or related third-party applications, and information about the device and browser (such as, browser type and version and operating system). We may also collect visitor data through third party services such as Google Analytics, in order to better understand visitor behavior, demographics, locations, page views, time spent on the Site or affiliated third-party applications, and other metrics and analytics used to provide and improve the Site and Services. In addition to the information We collect on Our Site, We may also collect Your city location, device model and version, device identifier (or “UDID”), and OS version.This information is collected to maintain the security and operation of Services, and for Our internal analytics and reporting purposes. We do not share or sell Usage Data. We use this information to help diagnose problems with and secure Our servers, to administer the proper functioning and legitimate use of Our websites, and to improve the nature and marketing of the Services. Your IP address is also used to gather broad demographic information that does not personally identify You.
  5. User Content
    We may collect User Content that You provide to Us through Our Sites and/or Services. By uploading or providing Us with User Content, You represent and warrant that You have the rights, consents, authorities and/or licenses required to upload such User Content. We collect User Content and used it as outlined in this Policy.We may, depending on the Services You are subscribed for, and by which means You are able to access the Services, share User Content with affiliates , administrators, employers, sponsor, broker or Partner authorized by You. You may have the right to opt-out of that sharing in certain circumstances. We do not own any User Content uploaded to or created through the Sites and Services. Clients own the User Content uploaded to or created through the Sites and Services.
  6. Online Identifiers and Cookies
    We may use cookies, web beacons, server logs, and similar tracking technologies (“Data Collection Tools”) to collect Usage Data so that We may improve Your experience with the Sites or Services. We may also collect information using web beacons (also known as “tracking pixels”). Web beacons are electronic images that may be used with Our Site, Services, or emails. We collect devices, cookie identifiers, or others such as the ones used for analytics and marketing, and other similar data. The information We receive via cookies and similar technology do not contain any personally identifying information, but they do enable Us to improve Your experience using the Services. Most web browsers are set to accept cookies by default. If You prefer, You can usually choose to set Your browser to remove cookies and to reject cookies. If You choose to remove cookies or reject cookies, this could affect certain features or services of the Services or third-party applications. We encourage anyone who uses cookies to follow appropriate privacy standards and policies but is not responsible for cookies placed by third parties.We use this information to help Us improve Your experience with the Site or Services; see which areas and features of the Site or Services are popular; count Site visits; help deliver cookies; understand usage and campaign effectiveness; and determine whether an email has been opened and acted upon. We also use the information We collect to market Our Site to those who have shown interest in Our Services. Cookies allow Us to store user preferences and settings; enable sign-in; provide interest-based advertising; combat fraud; and analyze how Our websites and online services are performing. For more information visit Our ​​Cookie Notice.
  7. Feedback
    We may collect Your Data when You provide Us with any feedback relating to the Sites and/or Services. Feedback that You provide to Us is owned exclusively by Us, except for any portion that contains Your owned Data. Feedback and/or testimonials can be provided to Us online, by phone or by email. We only use feedback to analyze, develop and/or improve Our business, Sites, Services and customer support. You will not have any ownership, credit and/or royalty rights, titles or interests in and to any work product created, whether directly or indirectly, by Us from Your feedback, or a portion thereof.
  8. Mobile Device Data
    We may automatically collect device information (such as Your mobile device ID, model and manufacturer), operating system, version information and IP address. We use Mobile Device Data for internal analytics purposes only. We do not sell or share this data with any third-party, unless required to provide You the Services or Site.
  9. Order Information
    When You sign an order form with Us to purchase and use the Services, We collect Your Order Information. This Order Information is necessary for Us to process Your order, track, calculate and apply any applicable credits, offers or promotions, and to contact You with invoices, billing information and account information.
  10. Third Parties
    In the case that Data is transmitted to Us by third parties, We will take measures to ensure that the Data have been collected lawfully in accordance with the relevant legal provisions, and that the use of such data for the intended data processing activities is permitted. We will do this by implementing contractual safeguards, performing due diligence and process data pursuant to applicable laws. If We did not obtain Personal Information directly from You, We will inform You about the type(s) of Personal Information We received from the Third Parties, the purposes for which it collects and uses Personal Information, and the types of non-agent third parties to which Mitratech discloses or may disclose information, and the choices and means Mitratech offers individuals for limiting the use and disclosure of their Personal Data.

 

GENERAL USE OF DATA; PROCESSING; AND TRANSFERS

  1. Use of Data
    In general, We use Data to provide Our Sites and Services, to perform Our contractual agreements with Our Partners, Clients and Users, and for related business purposes, such as, product development, marketing, legal compliance, and other similar business and legal purposes, such as: 

    1. To provide the Site and Services;
    2. To operate, maintain, develop, improve, or personalize the Services or other products and services We offer;
    3. To provide customer service or support, or to respond to Your comments, questions and requests;
    4. To send technical notices, updates, security alerts, and support or transactional messages relating to Your account;

For the following purposes, Sensitive Data and User Content will be excluded unless we have your Consent:

    1. To share aggregate, de-identified or anonymized Data with authorized third-parties;
    2. To communicate with You about products, offers, promotions, rewards, and events We or others offer, or provide news and information We think will be of interest to You, unless You have opted-out;
    3. To monitor and analyze trends, usage, and activities in connection with Our Services;
    4. To provide advertisements about content or features more relevant to You, unless You have opted-out;
    5. To assess the effectiveness of and improve advertising and other marketing and promotional activities on or in connection with the Services;
    6. To process Your transactions and send You related information, such as confirmations and invoices;
    7. To refer You to Affiliates to which You request or Consent;
    8. To help Us develop new products and services or improve Our existing Services;
    9. To power, provide and/or develop solutions, offerings, products and/or services powered by artificial intelligence and/or machine learning;
    10. To improve Mitratech’s artificial intelligence models, services and features that are intended for Your use with the Services;
    11. To provide data insights to a Client’s Partner or sponsor;
    12. To enforce Our Terms of Service and other applicable agreements or policies; and
    13. To carry out any other lawful purpose for which information was collected.We may derive information or draw inferences based on information collected when You access or use the Services. For example, We may make inferences about Your interest in Our products and services based on Your location, browsing behavior, usage behavior, and past purchases. To improve the Services, information collected may be used in an aggregated or deidentified manner. We may combine Data provided to Us directly by You with information from other sources, such as social media or data brokers, and use the combined information as described in this Policy. Sensitive Data and User Content are not used for any other purposes besides the consented purposes.
  2. Machine Learning. Your Personal Information, and with Your Consent Sensitive Data and User Content may also be used by Us and its Affiliates, or shared with authorized Subprocessors, contractors and/or agents to:
    1. develop, train (unless otherwise provided), or enhance artificial intelligence or machine learning models, products, services, features, and/or intellectual property, that are part of or may become part of Our Services, including third-party components of the Services (collectively referred to as, “AI Services”); and
    2. analyze, assess and/or gather information related to Your outputs, inputs, usage, functionality, and/or feedback relating to the AI Services, which shall be used in an aggregate or deidentified form.Nothing in this section will reduce or limit Our obligations to comply with applicable data protection and privacy laws. Data Subjects represent and warrant that Data Subjects have all rights, titles, interests or licenses in and to the Data, and You authorize Us to process Your Data for the purposes listed herein
  3. Processing of Data
    We will only process Your Data as outlined in this Policy and for the purposes indicated herein. We may process Your Data in the following countries:

    United States  Hosting, processing 
    Australia  Hosting, processing 
    India  Hosting, processing 
    Mexico  Hosting, processing 
    European Union  Hosting, processing 

    Nonetheless, We require that all hosting services, sub-processors, and third-party Service Providers are limited in their access, usage, sharing and disclosure through contractual commitments and required security and privacy standards and measures.

  4. Onward Transfers of Data
    You understand and agree that Mitratech may transfer Your Data to authorized third party providers in the following territories outlined in the preceding clause.For some business processes, it is necessary to pass on Data relating to clients or partners to third parties. If the recipient is located in a third country, he/she must guarantee an adequate level of data protection in line with this statement. This does not apply if the data transmission is carried out owing to a statutory obligation, or to any other permissible legal obligation. The recipient must be bound under contract only to use the data for the specified purpose.
  5. All uses of User Content and Sensitive Data will comply with this section, and to the extent of any inconsistency or contradiction with respect to uses set out elsewhere herein, this section shall control.

Mitratech will obtain assurances from their agents that they will safeguard sensitive information consistently with this statement. Examples of appropriate assurances that may be provided by agents include but are not limited to: a contract obligating the agent to provide at least the same level of protection as is required by the relevant Data Privacy Principles, being subject to the EU General Data Protection Regulation (Regulation (EU) 2016/679), or being subject to another European Commission adequacy finding. When Mitratech becomes aware that an agent is using or disclosing sensitive information in a manner contrary to this statement, Mitratech will take reasonable steps to prevent or stop the use or disclosure. Mitratech may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

Mitratech primarily stores data about clients and visitors to the Mitratech website in the United States. To facilitate Mitratech’s global operations, Mitratech may transfer and access such information from around the world, including from other countries in which Mitratech has operations, such as the United States, Mexico, United Kingdom, countries within the European Union, India, Singapore and Australia. A list of the Mitratech’s global offices is available upon request. This statement shall apply even if Mitratech transfers data to other countries.

In the case that data is transmitted to Mitratech by third parties, it must be ensured that the data have been collected lawfully in accordance with the relevant legal provisions, and that the use of such data for the intended data processing activities is permitted.

SECURITY, INCIDENTS, DISCLOSURE AND RETENTION

  1. How We Keep Your Data Safe
    We are committed to protecting Your Data and We implement appropriate and industry standard administrative, technical, organizational and physical safeguards designed to safeguard the information that We collect such as:

    1. Secure Sockets Layer (SSL) technology protects Data on Our Site using both server authentication and data encryption, ensuring that user data is safe, secure, and available only to authorized persons. Every time You send Us Your credit card number and Your billing and shipping information, We use the industry-standard SSL technology to prevent the information from being intercepted. We also encrypt Your credit card number when We store Your order.
    2. Our computer systems are hosted in cloud services that We have selected, in part, based on their representation that they use a firewall, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders.
    3. We store Your Data in a secure operating environment and is only accessible to Mitratech employees, agents and contractors on a need-to-know basis. Contracts are in place that require others to keep Your Personal Information private and secure. This requires a careful breakdown and separation, as well as implementation, of roles and responsibilities.
    4. Our technical safeguards include:
      1. Unique password requirements and limited employee access;
      2. Destruction, deletion or de-identification of Data, when permissible and applicable;
      3. Industry standard security protocols;
      4. Employee training on how to handle sensitive data, breach notice and procedures;
      5. Secure Technology (SSL), server authentication and Data encryption and use of firewall to host data;
      6. Designated security coordinator on the Mitratech team;
      7. Sub-processors, sub-contractors and third-parties are bound to same security practice obligations;
      8. Backups; and
      9. Periodic audits and penetration testing.
      10. Network IsolationMitratech has implemented industry standard security methods, technologies, and processes to safeguard sensitive information from unauthorized access and unlawful processing or disclosure, as well as accidental loss, modification, or destruction.Nonetheless, no information system can be made 100% secure. This means that Mitratech cannot guarantee the absolute security of Your Data. Moreover, We are not responsible for the security of information You transmit to Us over networks that Mitratech does not control, including the internet and wireless networks, or the data that is stored on Your device. You should only access the Services within a secure environment.
  2. What We Do in the Event of a Verified Data Breach  
    Mitratech will comply with all applicable international, federal and state laws that require notification to individuals, entities, state agencies, or federal agencies in the event of an actual security incident or data breach, depending on the location of the Data Subject. When Mitratech reasonably suspects and/or becomes aware of an unauthorized disclosure, data breach or security incident concerning any Data, We will notify the affected User, Client, Partner, or individual as soon as possible, and mitigate the damage of such incident or breach to the greatest extent reasonably possible. In the event of an actual data breach or the unauthorized access or disclosure of any sensitive or personal data, We will notify You in writing as soon as possible outlining the following information if available and known:
    1. What happened (date of incident or breach, if possible, or estimated date of incident, or the date range within which the breached occurred);
    2. What information was involved (list the type of personal information);
    3. What We are doing to help resolve or mitigate the issue (and if there was any delay in providing this notice due to law enforcement investigation);
    4. What You can do to help Us;
    5. How You can get more information or contact Us;
    6. Information about what We have done to protect individuals whose information has been breached;
    7. Advice on steps that the person whose information has been breached may take to protect himself or herself; and
    8. Information about the steps We have taken to cure or remediate the breach and the estimated timeframe for such remediation.To protect Your Data, We may suspend Your use of the Services, without notice, during an investigation if any breach of security is suspected. Such suspension will not be considered a breach of any applicable agreement, order form, service level agreement or master agreement between Us and You.
  3. Disclosure of Your Data 
    MITRATECH DOES NOT SELL, SHARE, LICENSE, TRADE OR OTHERWISE SHARE YOUR PERSONAL INFORMATION OR ANY PERSONALLY IDENTIFIABLE INFORMATION WITH ANY ENTITY OR PERSON, EXCEPT AS EXPRESSLY DESCRIBED IN THIS POLICY OR WHEN WE HAVE A LEGAL BASIS TO DO SO. YOU ALWAYS HAVE THE RIGHT TO WITHDRAW ANY CONSENT YOU PREVIOUSLY PROVIDED BY CONTACTING US AT [email protected].In addition to Our processing and transferring practices outlined above, Mitratech may disclose Your Data in the following circumstances and as otherwise permitted by applicable law:
    1. With Your Consent
      With Your consent or at Your direction, including if We notify You through Our Sites or Services that the information You provide will be shared in a particular manner and You provide such information.
    2. With Your Consent
      With Your consent or at Your direction, including if We notify You through Our Sites or Services that the information You provide will be shared in a particular manner and You provide such information.
    3. With Partners
      With partners, so they understand their Client’s use of the Services and related needs, or to perform functions initiated by Partners or on behalf of Clients or Users. Data subjects must consent to the sharing of their Senstive Data and User Content before the transfer.
    4. With Affiliates
      With Our Affiliates to permit cross-sell referral initiatives, except Senstive Data and User Content.
    5. With Our Sub-processors or Third-Party Services Provider
    6. With Our Sub-processors that process Your Data in order for You to access and use the Services.
    7. Disclosure To Authorizing Persons
      If You use the Services on behalf of another person or organization (such as Your employer), Mitratech may provide Your Data to that authorizing person/organization. Mitratech has no control over the use of Your Data by the authorizing person/organization, and that use is not subject to this Policy. If You do not wish Your Data be disclosed to the person/organization on whose behalf You use the Services, You shall directly contact that employer and provide Us with a written notice of Your right to opt-out of such sharing. If You opt-out to such sharing, We cannot guarantee that the Services will still be available to You.
    8. Disclosure to Service Providers
      Mitratech may provide Your Data to its affiliated businesses or suppliers and Service Providers for use in connection with the operation of Our websites and as desirable to procure and deliver the Services. Some Service Providers and contractors used on the Sites and/or for Our Services include, without limitation, products, services, processing payment services, analytics services, customer support services, billing, product providers, internal administrative services, maintenance of the Services, and providing business services to Us or to You.  Mitratech requires its affiliated businesses, suppliers, and Service Providers to agree to use Your Data only for the purposes for which it is provided to them and to protect the privacy of Your Personal Information in a manner that is consistent with this Policy. If You do not wish for Your Personal Information to be disclosed to Mitratech’s affiliates and/or Service Providers, You might not be able to use Our Site and/or Services.
    9. Disclosure in Business Transfers
      If We go through a business transfer, such as consolidation, merger, restructuring, acquisition, or sale of part or all of Our assets, You acknowledge and consent to the transfer of Your Data. You further acknowledge and consent to the continued use of Your Data by the recipient, so long as they comply with this Policy or a similar policy. In this event, You will be notified via email and/or a prominent notice on the Sites, of any change in ownership or business transfer, use of Your Data, and the choices and rights You may have regarding Your Data. Mitratech is not liable for the actual or potential acquiring organization’s future use and disclosure of Your Data.
    10. Law Enforcement and Legal Disclosures
      Mitratech may disclose Your Data to its legal counsel, other professional counsel or to a government agency that has asserted its lawful authority to obtain the information. Mitratech may also disclose Your Data if Mitratech has reasonable grounds to believe the information could be useful in the investigation of unlawful activity. Mitratech may also disclose Your Data to comply with a federal or state investigations, subpoenas, warrants or an order made by a court, person, or body with jurisdiction to compel the production of information, or to comply with court rules regarding the production of records and information. Mitratech has no control over, or liability for, those persons’ use and disclosure of Your Data, and that use and disclosure is not subject to this Policy. We will, however, do Our best to only disclose the necessary and required Data.
    11. Disclosure of Aggregated and De-identified Information
      Mitratech may provide and sell aggregate statistics, which is owned by Mitratech, about Our Clients, sales, traffic patterns, and related website and product information to third parties, but these statistics will not include personally identifying information. For example, We will not tell third parties that You used a certain function, but We may tell third parties how many customers in demographic groups utilize certain functions, and Your information may be used solely to place You in that general demographic group.To the extent permitted or required by applicable law, You can opt-out of having Your information shared with a third party, by contacting Us at [email protected]. However, please note that opting-out of information sharing or collection may affect Your ability to use the Mitratech Services.
  4. Data Processing Grounds
    Mitratech may process information on behalf of its Partners, Clients and Users, in which case We shall be considered Data Processors. We will only use Your Data if We have a lawful basis for doing so. Lawful bases for processing include Consent, contractual necessity, and Our legitimate business interests or the legitimate interest of others, as further described below. You have the right to request that Your personal information or Data not be processed by Us. However, this may impair the quality and deliverability of Our Services.

    1. Contractual Necessity
      We may process Data to perform Our obligations and/or exercise Our rights under this Policy and/or the incorporated Terms of Use, or services agreements which enables Us to provide You with the Mitratech Services. When We process Data due to contractual necessity, failure to provide such Data will result in Your inability to use some or all portions of the Services that require such Data.
    2. Legitimate Interest
      We may process Data when We have a legitimate business interest. Our legitimate business interests may include operation, analysis and/or improvement of the Mitratech Services; marketing the Mitratech Services; provision of customer support; protection from fraud or security threats; completion of corporate transactions; and compliance with legal obligations.
    3. Consent
      In some cases, We process Data based on the Consent You expressly grant to Us at the time We collect such Data. When We process Data based on Your Consent, it will be expressly indicated to You at the point and time of collection, and You will have the right to withdraw such Consent. To withdraw Your Consent, please email Us at and indicate Your Mitratech user ID or email address associated with the Mitratech Services so that We can verify and honor Your request. If Mitratech collects Sensitive Personal Information, such as personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual, We will request consent before collecting it.
    4. Other Processing Grounds
      From time to time, We may also need to process Data to comply with a legal obligation pursuant to court order, subpoena, audits, investigations, judgments, or legal demands, if it is necessary to protect the vital interests of You or other data subjects, or if it is necessary for a task carried out in the public interest.
  5. Data Retention Policy
    Unless You request the deletion of Your Data, We keep the Data We collect for so long as reasonably necessary to fulfill the purposes for which the Data was collected, to perform Our contractual and legal obligations, and for any applicable statute of limitations periods for the purposes of bringing and defending claims. When We have no ongoing legitimate business need to process Your Data, We will not use Your Data and We may delete, de-identify it, or anonymize it, or keep it in a de-identified manner. We may also aggregate and de-identify Your Data for on-going reporting and analytical needs. If this is not possible (for example, because Your Data has been stored in backup archives), then We will securely store Your Data and isolate it from any further processing until deletion is possible. If You have elected to receive marketing communications from Us, We retain information about Your marketing preferences for a reasonable period of time from the date You last expressed interest in Our Products or brand, such as when You last opened an email from Us or ceased using Your Account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created. We keep this information for analytics and internal business purposes.
  6. Do Not Track
    Some web browsers and mobile operating systems include a “Do Not Track” (“DNT”) feature or setting that signals to websites and online services that You do not wish for Your online activities to be tracked. At this time, Our Sites and Services do not respond to DNT signals or requests from these browsers or devices. However, We understand the importance of privacy and are committed to providing meaningful choices regarding the collection of personal information. You may still have the option to control the collection and use of certain information through other means, such as adjusting Your device or browser settings or opting out of certain data collection practices as described in Our Policy. Please note that Our third-party service providers, affiliates, and other parties may have their own policies regarding DNT signals and may or may not honor them. We encourage You to review the privacy policies of these third parties to understand their practices regarding tracking technologies.

YOUR DATA RIGHTS

  1. Your Data Rights (All U.S. Residents)
    You have certain rights with respect to Your Data, and We want to help You review and update Your information to ensure it is accurate and up-to-date. We may limit or reject Your request in certain cases, such as if it is frivolous, unverified or unduly burdensome, if it jeopardizes the rights of others, if it is not required by law, or if the burden or expense of providing access would be disproportionate to the risks to Your privacy in the case in question, or if it materially alters the way We provide the Mitratech Services to You. In some cases, We may also need You to provide Us with additional information, which may include personal information, to verify Your identity and the nature of Your request. We will take reasonable steps to respond to all requests within 45 calendar days.If You wish to exercise any of the following rights, You may do so by contacting Us at [email protected]:

    1. Access
      You can request more information about the Data We hold about You and request a copy of such Data.
    2. Rectification
      If You believe that any Personal Information that We hold about You is incorrect or incomplete, You can request that We correct, edit or supplement such information.
    3. Erasure
      You can request that We delete some or all of Your Personal Information from our systems. Please note that if You request the deletion of information required to provide the Service to You, Your Account will be deactivated and You will lose access to the Service, forfeiting all refunds, credits and other outstanding or earned items. If any personally identifiable data is collected through the use of the Services, We will ensure that it is destroyed, returned, or modified to make it unreadable or indecipherable, at the end of Your use of the Services, unless required to be retained and maintained in original form pursuant to law enforcement, legal proceeding, court order or subpoena. Disposition shall include (1) the shredding of any hard copies of any Personal Information or Data; (2) erasure, freezing, anonymization or de-identification; or (3) otherwise modifying the Personal Information in those records to make it unreadable or indecipherable.
    4. Portability
      You can ask for a copy of Your Personal Information to be provided to You in a machine-readable format. You can also request that We transmit the data to another controller where technically feasible.
    5. Withdrawal of Consent
      If We are processing Your Personal Information based on Your consent (as indicated at the time of collection of such data), You have the right to withdraw Your consent at any time by writing to Us. Please note, however, that if You exercise this right, You may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of Your Personal Information, if such use or disclosure is necessary to enable You to utilize some or all of Our Services.In some cases, We serve just as Data Processors on behalf of Client. If applicable, all requests to withdraw Consent of the Data Subject shall be directed to and completed by Client. All withdrawal of Consent requests addressed to Us will be redirected to Client. After receiving and validating a request to delete Your information or to withdraw consent from You, Client shall instruct Us to process this request. If We are processing Data based on Your consent obtained by the Client (as indicated at the time of collection of such data), Client shall confirm to Us Your withdrawal of consent. Please note, however, that if You exercise this right, You may have to then provide express consent to Client on a case-by-case basis for the use or disclosure of certain Data, if such use or disclosure is necessary to enable Client to utilize some or all of the Services.Excluding the section above, all Data Subjects that are Users of the Services shall have the right to withdraw their Consent from the processing of their Data. For all questions related to the end Users’ rights over their Data, You may email Us at [email protected].
    6. Objection
      You can contact Us to let Us know that You object to the further use or disclosure of Your Personal Information for certain purposes, such as for marketing purposes.
    7. Restriction of processing
      You can ask Us to restrict further processing of Your Personal Information.
    8. Opt out of marketing electronic communications
      You may opt out of receiving newsletters and other marketing communications sent directly from Us by using the “unsubscribe” function included in all marketing emails. You will not be able to unsubscribe from transactional Mitratech emails or emails containing important information regarding Your account, rights and/or responsibilities with respect to Our Services.Therefore, You will continue to receive account notices and transactional emails so long as You have an account with Mitratech.
    9. Disable cookies
      You can disable cookies before visiting the Sites. However, if You do so, You may not be able to use certain features of the website properly.
    10. Right to file a complaint
      You also have the right to file a complaint about Mitratech’s data and/or privacy practices with respect to Your Personal Information with the supervisory authority of Your jurisdiction.
    11. Exercising your rights
      If you would like more information or would like to exercise the access and deletion rights described above, please submit a privacy-related request by doing the following:

      1. Calling us at this toll-free phone number: 1 888 784 7224; or
      2. Emailing us at [email protected] describing the nature of your request;
        Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom We collected personal information or an authorized representative, which will require proof that the person is authorized to act on your behalf. Additionally, the verifiable consumer request must describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with Personal Data if We cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a request to verify the requestor’s identity or authority to make the request. We endeavor to comply with a request within 45 days of its receipt. If We require more time (up to 90 days), We will inform you, in writing, the reason for the delay. Any information We provide will only cover the 12-month period preceding the request’s receipt.
  2. Links to Other Websites
    The Mitratech Sites and/or products may contain links to other sites, products, services, offerings and/or information, operated by independent third parties, that We think may be of interest to You or are offered as part of our Services. Mitratech encourages third parties to follow appropriate privacy standards and policies. Mitratech makes no warranties and/or representations regarding the privacy and data practices of any third party website You may access through Our websites, platform, applications, or communications.

      1. This statement embodies the internationally accepted principles of data protection and privacy, without replacing existing national laws. It applies in all cases as far as it is not in conflict with the respective national law; additionally, the national law shall apply if it makes greater demands. National law applies in the case that it entails a mandatory deviation from, or exceeds the scope of, this statement for data protection. This statement also applies in countries in which there is no corresponding national legislation in place.

 

Supplemental Rights for California Residents 

  1. California Disclosures
    If You are a California resident, You have certain additional rights concerning Your data under the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act (CPRA), as further described below.
  2. Personal Information Collected
    We will never sell for monetary remuneration Your Personal Information without Your prior written consent. We only share Data and information so that We can provide the Services and help Our partners and third-party affiliates provide the Services to You. We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular user, household or device (“CCPA Personal Information”). In particular, We have collected the categories of personal information from Our Sites Users within the last 12 months outlined in Appendix A, for the purposes described in this Policy.Personal Information does not include publicly available information, information from public government records, de-identified or aggregated consumer information, or other information excluded from the CCPA’s scope. We will not collect additional categories of Personal Information or use the Personal Information We collected for materially different, unrelated, or incompatible purposes without providing You with notice.
  3. Disclosing Personal Information
    In the preceding 12 months, We have disclosed the following categories of customers’ CCPA Personal Information (as defined above) for the purposes described in this Policy: identifiers; and California Customer Records personal information categories:

    1. Sale of Personal Information
      In the preceding 12 months, We have not sold any of Our Users’ Personal Information.
  4. Collection, Disclosure and Use Rights
    Pursuant to the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act (CPRA), service users, consumers and website visitors who are California residents have the following specific rights regarding Your Personal Information:(1) Right to Notice; (2) Right to Access/Right to Request; (3) Right to Know; (4) Right to Delete or Anonymize; (5) Right to Opt-Out; (6) Right to Not Be Discriminated Against Right to Notice of Financial Incentive. Mitratech may deny Your deletion request if retaining the information is necessary for Us or Our service provider(s) to complete certain business purposes, contractual obligations or to comply with legal obligations.You can exercise these data rights by writing to Us at [email protected]

    1. Access To Specific Information and Data Portability Rights
      You have the right to request that We disclose certain information to You about Our collection and use of Your Personal Information over the past 12 months. Once We receive and confirm Your verifiable consumer request, We will disclose to You:

      • The categories of Personal Information We collected about You.
      • The categories of sources for the Personal Information We collected about You.
      • Our business or commercial purpose for collecting or sharing that Personal Information.
      • The categories of third parties with whom We share that Personal Information.
      • The specific pieces of Personal Information We collected about You (also called a data portability request).
      • If We disclosed Your Personal Information for a business purpose, the personal information categories that each category of recipient obtained.
    2. Deletion Request Rights
      You have the right to request that We delete any of Your Personal Information that We collected from You and retained, subject to certain exceptions. Once We receive and confirm Your verifiable consumer request, We will delete or make Your Personal Information de-identified or anonymous (and direct Our Service Providers to do the same) Your Personal Information from Our records, unless an exception applies. Upon deletion, de-identification or anonymization, We shall not be able to honor any outstanding or earned credits, refunds, points or other promotions and offers. We may deny Your deletion request if retaining the information is necessary for Us or Our service providers to:

      • Complete the transaction for which We collected the Personal Information, provide a good or service that You requested, take actions reasonably anticipated within the context of Our ongoing business relationship with You, or otherwise perform Our contract with You.
      • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
      • Debug to identify and repair errors that impair existing intended functionality.
      • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
      • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
      • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if You previously provided informed consent.
      • Enable solely internal uses that are reasonably aligned with consumer expectations based on Your relationship with Us; or
      • Comply with a legal obligation.
    3. How to Exercise Your Rights
      To exercise the access, data portability, and/or deletion rights described above, or if You would like more information about Your rights, please submit a verifiable consumer request to Us by:

      • emailing [email protected] with “Mitratech – California Privacy Rights Request” in the subject line.
      • Calling Us at this toll-free phone number: (+1) 888 784 7224Only You, or someone legally authorized to act on Your behalf, may make a verifiable consumer request related to Your Personal Information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows Us to reasonably verify You are the person about whom We collected personal information or an authorized representative, which will require proof that the person is authorized to act on Your behalf. Additionally, the verifiable consumer request must describe Your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.
    4. Limits on Requests
      You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must (i) provide sufficient information that allows us to reasonably verify You are the person about whom We collected Personal Information or an authorized representative, and (ii) describe Your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.We will not be able to respond to Your request or provide You with Personal Information if We cannot verify Your identity or authority to make the request and confirm the Personal Information relates to You.Making a verifiable consumer request does not require You to create an account with Us. However, if You do have an account with Us, You can make a verifiable request through Your account.  We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. In Your request to Us, please DO NOT submit more personally identifiable information than You have already provided to Us.
    5. Response Timing and Format
      We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If We require more time (up to 90 days total), We will inform You of the reason and extension period in writing.  We will deliver Our written response by email electronically, at Your option. Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response We provide will also explain the reasons We cannot comply with a request, if applicable. For data portability requests, We will select a format to provide Your Personal Information that is readily useable and should allow You to transmit the information from one entity to another entity without hindrance.By writing to Us, You agree to receive communication from Us seeking information from You in order to verify You to be the consumer from whom We have collected the data from and such other information as reasonably required to enable Us to honor Your request.We do not charge a fee to process or respond to Your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If We determine that the request warrants a fee, We will tell You why We made that decision and provide You with a cost estimate before completing Your request.We will not discriminate against You for exercising any of Your CCPA rights. If You request to delete, stop processing or anonymize or de-identify Your Personal Information or delete Your account, You may not be entitled to any outstanding and/or earned credits, refunds, returns, or similar offers or promotions, and You will no longer have access to the Services.
  5. Service Providers Obligations
    Only to the extent that Mitratech, or its Affiliates, are considered a Service Provider and You are considered a data controller or processor under applicable law(s), the below obligations are enforceable:

    1. The Personal Data We receive from or on behalf of You will only be used for the specific business purposes outlined in the agreement.
    2. Service Provider shall not:
      1. Sell or share personal information.
      2. Retain, use, or disclose personal information for any purpose other than for the business purposes specified in the contract with You, including retaining, using, or disclosing the Personal Data for a commercial purpose other than the business purposes specified in the contract with You, or as otherwise permitted under applicable privacy laws.
      3. Retain, use, or disclose Personal Data outside of the direct business relationship between You and Us.
      4. Combine Personal Data received from, or on behalf of, You with Personal Data received from, or on behalf of, another person or persons, or collect Personal Data from its own interactions with the consumer, except as necessary to perform the business purpose specified in the written contract and as permitted by applicable regulations; and
      5. Engage any third party sub-processor to assist in processing Personal Data for Our business purposes without notice to You and without a written contract with sub-processor that imposes the same obligations on the sub-processor as set forth in this Policy.
    3. You may, subject to the terms of any agreement with Us, monitor Our compliance with the terms of this Policy. This may include ongoing manual reviews, automated scans, and regular assessments, audits, or other technical and operational testing at least once every 12 months, to ensure that We are adhering to the obligations set forth in this Policy and any corresponding data processing agreement.
    4. The Service Provider agrees to comply with all other applicable requirements under the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and other relevant privacy regulations to ensure the protection and confidentiality of consumer personal information.

Mitratech may, subject to agreement with the Service Provider, monitor the Service Provider’s compliance with the terms of this Policy. This may include ongoing manual reviews, automated scans, and regular assessments, audits, or other technical and operational testing at least once every 12 months, to ensure that the Service Provider is adhering to the obligations set forth in this Policy and the corresponding Data Processing Agreement.

 

Supplemental Information for the EEA, Switzerland, and the U.K. 

In the event Data is transferred and collected from a data subject outside of the United States, then Mitratech addresses this Supplemental Notice to individuals located in the EEA, Swiss and United Kingdom (UK), as required by the GDPR. In the event of any conflict or inconsistency between the other parts of this Policy and the terms of this section, this section shall govern and prevail with regard to the processing of EEA, Swiss, and U.K. Personal Information, to the extent applicable.

  1. Applicable Laws
    If You are located in the EEA, the GDPR applies to the processing of Your Personal Information. If You are located in the UK, the UK GDPR applies to the processing of Your personal data. If You are located in Switzerland, the provisions of the FDPA apply to You, and references to the GDPR below shall be interpreted analogously for the purposes of applying the FDPA.
  2. Legal Basis for Processing
    Mitratech only process Personal Information to operate Our business and provide the Services requested by You. We also use Personal Information to comply with applicable legal obligations and protect Our legitimate interests, including communicating with Clients and others, improving the Services and personalizing Our Services.
  3. International Data Transfers
    As a global business, We may transfer Personal Information outside the EU/EEA, Switzerland, and the UK to countries that have been determined by the European Commission to offer an adequate level of data protection. Such transfers are made pursuant to the requirements of applicable adequacy decisions. We make these transfers when necessary to provide Our Services, to perform Our contract with You, or when We have Your consent to transfer Your Personal Information to another country.For transfers from the EU/EEA and Switzerland to countries that have not been deemed to offer an adequate level of data protection, We transfer Personal Information pursuant to a data protection addendum with standard contractual clauses and appropriate supplementary measures including, appropriate technical and organizational measures.
  4. Your Data Protection Rights
    In the EEA, Switzerland and the UK You have the following rights, subject to the conditions under the GDPR and/or local data protection law:

    1. Right to Access. You have the right to confirm from Mitratech whether We are processing Your Data and related information, and, where that is the case, to request access to details about how We process Your Data and copies of the Data.
    2. Right to Data Portability. You have the right to receive Your personal data which You have provided to Us in a structured, commonly used and machine-readable format and You have the right to transmit the personal data to another entity without hindrance from Us.
    3. Right to Rectification. You have the right to request the rectification or completion of inaccurate or incomplete Data.
    4. Right to Objection. You have the right to object to the processing of Your Data in certain cases.
    5. Right to Restrict Processing. In limited circumstances, you have the right to request that We restrict processing of Your Data.
    6. Right to Erasure. You may request that We erase Your Data in certain cases.
    7. Right to Lodge a Complaint. To lodge a complaint with a supervisory authority (only for EEA and UK).
    8. Right to Refuse or Withdraw Consent. In case We ask for Your consent to process Your personal data, You are free to refuse to give it. If you have declared your Consent for any Data processing activities, you can withdraw this consent at any time with future effect.To exercise Your rights under applicable privacy law, to raise a privacy concern, or to make a data-related request, please contact Us at the contact information further below and describe Your request. We may ask for additional information from You to clarify Your request and verify that You are authorized to make Your request. We will respond to requests to exercise privacy rights according to applicable laws.
  5. Disclosure and Assessment
    Mitratech may be required to disclose Personal Information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.Mitratech will assess its adherence to its privacy policies annually. This assessment will include the following:

    1. A review of Mitratech privacy policies for ongoing conformance with applicable law.
    2. Review of the Personal Data that Mitratech collects and means of collecting this data.
    3. Inclusion of mechanisms, and related communications, that individuals can review their Personal Data, correct it, ask questions or file a complaint.
    4. Training for Mitratech employees, based on their degree of involvement with Personal Data.

 

 

Our commitment to Canadian Privacy (PIPEDA) 

Mitratech is committed to protecting the privacy of personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and its ten Fair Information Principles, which form the ground rules for the collection, use, and disclosure of personal information in Canada.

  1. Your Data Rights
    You have certain rights with respect to Your Data, and We want to help You review and update Your information to ensure it is accurate and up-to-date. We may limit or reject Your request in certain cases, such as if it is frivolous, unverified or unduly burdensome, if it jeopardizes the rights of others, if it is not required by law, or if the burden or expense of providing access would be disproportionate to the risks to Your privacy in the case in question, or if it materially alters the way We provide the Mitratech Services to You. In some cases, We may also need You to provide Us with additional information, which may include personal information, to verify Your identity and the nature of Your request. We will take reasonable steps to respond to all requests within 30 calendar days. If You wish to exercise any of the following rights, You may do so by contacting Us at [email protected]:

    1. Access
      You can request more information about the Data We hold about You and request a copy of such Data.
    2. Exercising your rights
      If you would like more information or would like to exercise the access and deletion rights described above, please submit a privacy-related request by doing the following: (1) Calling us at this toll-free phone number: 1 888 784 7224; or (2) Emailing us at [email protected] describing the nature of your request; The information We gather, and share is outlined in Appendix A.

 

Contact Us 

If you have any questions or complaints regarding this Privacy Policy, please feel free to contact Us at:

Mitratech Holdings, Inc.

Attn: Legal Department – Mitratech

13301 Galleria Circle Bldg. B Suite 200
Bee Cave, TX 78738
Phone: (+1) 888 784 7224

Email: [email protected]

Appendix A 

The list of categories of data collected in the previous twelve months available here is subject to change from time to time in Mitratech’s sole discretion and without notice to You, unless agreed upon in writing otherwise.

Do Not Sell My Personal Information

Cookie Policy