We self-certify compliance to EU-U.S. and Swiss-U.S. Data Privacy Framework Agreements.
RECOVERY POINT SYSTEMS PRIVACY NOTICE
Recovery Point Systems respects your privacy and is committed to maintaining the privacy and confidentiality of personal data we collect. The purpose of our Privacy Statement is to demonstrate our firm commitment to the privacy and protection of all persons who provide personal data to Recovery Point Systems and its affiliates. This Privacy Statement describes the ways we collect information from and about you, and what we do with the information, so that you may decide whether to provide information to us.
By using Recovery Point Systems websites or are otherwise providing your personal information to Recovery Point Systems via any other means, you are accepting and consenting to the practices described in this Privacy Statement.
For purposes of this Privacy Statement, the term “visitor” includes visitors to our websites who are not yet customers, those who become customers, as well as those who do not become customers; whether you upload information to our websites, download it, or are merely visiting our websites. You can choose not to provide certain information when using our websites but then you might not be able to take advantage of many of its features.
1. INFORMATION WE COLLECT ABOUT YOU AND ABILITY TO OPT-OUT
The information we collect may include your business-related contact information, such as your name, business contact information such as your business phone number and address, IP addresses, product and service selections and orders or other things that identify you individually. Generally, we may collect information about you in the following manners:
- you may provide your business-related contact information to us via email or other written correspondence, telephone calls, web-based forms, or other means; and
You may visit our Websites in any of the following ways:
- By using your browser to navigate to our Websites including (but not limited to): www.recoverypoint.com; ffederal.com
- By viewing an advertisement displayed on a third-party website that is served content by our web server;
- By viewing an email that is served content by our or a third-party web
When you visit our Website, our server logs your IP address (unique network addresses), the time and duration of your visit, and the time and duration of the pages on our website you view. If you arrive at our website by clicking a paid advertisement (including a paid search engine result) or a link in an email, then we will capture information that tracks your visit from that link. If you arrive at our Website by clicking a non-paid source, such as link in a non-paid search engine result or an unsponsored link on another website, we may capture information that tracks your visit from that source; to the extent we are able to do so. We may also capture information about your computer system, such as your browser type and operating system. We will likely place a cookie on your hard drive during the web visit. A cookie is a unique alphanumeric identifier that we use to help us identify the number of unique visitors to our Website, whether those visitors are repeat visitors, and the source of the visits. Cookies cannot be executed as code or used to deliver a virus. Other servers cannot read them, and personal information cannot be gathered from them. They are simply an identifier shared between you and us to allow us to improve the services we offer to you through our Website. If you do not wish cookies to be placed on your computer, then they can be disabled in your web browser. The option to do so is normally found in your browser’s “security settings” section. However, please note, permanently disabling cookies in your browser may hinder your use of our Website as well as other websites and interactive services.
A web beacon, also known as a web bug, is a small graphic (usually 1 pixel x 1 pixel), that is embedded in a web advertisement, email, or page on our web site, but is invisible to you. When you view a page on our web site, an email, or an advertisement your web browser will request the web beacon from a web server, which in turn will set a cookie in your web browser containing a unique identifier. This unique identifier will be linked to log information that is used to track your movements on our web site to determine the effectiveness of content and advertising campaigns. We do not collect personal information about you as part of a web visit, but web visit information may be tied to other information (including personal information) we collect from you via web forms, and the other means we describe in this Privacy Statement.
Links to non-Recovery Point Systems Websites
We may provide links to third-party websites for your convenience and information. The privacy practices of those sites may differ from Recovery Point Systems practices and are not controlled by Recovery Point Systems and covered by this Privacy Statement. We do not make any representations about third-party websites. We encourage you to review their privacy policies before submitting your personal data.
Personal information received from the EU-US Data Privacy Framework Principles or Switzerland
Recovery Point Systems receives data in two different ways and acts as a data controller for some information and a data processor for others.
When Recovery Point Systems is a data controller –Data Privacy Framework Compliance
Recovery Point may act as a data controller in some limited circumstances. We may use your information to process your service requests, handle orders, deliver products and services, process payments, communicate with you about orders, provide access to secure areas of the Website, recommend services that might be of interest to you, to personalize your visit to our Website, and to enable us to review develop and continually improve the products, services and offers we provide online.
When Recovery Point Systems is a data processor
Recovery Point Systems’ obligations with respect to personal data for which Recovery Point Systems is solely a data processor, such as personal data that Recovery Point Systems’ customers store or transfer using Recovery Point Systems’ technology hosting services, are defined in its agreements with its customers. In those circumstances Recovery Point Systems receives personal data from the EU-US Data Privacy Framework Principles or Switzerland as an agent of the customer merely for hosting it and we are contractually prohibited from accessing the data. The customer will remain responsible for the personal data that it collects and processes and for the compliance with applicable data protection laws. Individuals with questions or concerns regarding how the data is used, who sees it, and how they can access it must contact our customers, who are the controllers of that data.
We will not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information.
2. WHAT DO WE USE THIS INFORMATION FOR?
If we are handling data in our role as a data controller, we may use your information to process your service requests, handle orders, deliver products and services, process payments, communicate with you about orders, provide access to secure areas of the Website, recommend services that might be of interest to you, to personalize your visit to our Website, and to enable us to review develop and continually improve the products, services and offers we provide online. We also use this information to prevent or detect fraud or abuses of our Website and to enable third parties to carry out technical, logistical, or other functions on our behalf.
We use visitor information to send information about our company to visitors and to get in touch with them when necessary. We also use the information we collect to improve the content of our websites and as training aides for our employees. Visitors are given the choice at the point when we request their information.
We use web visit information to measure interest in and develop our web pages and marketing plans, customize the content you view on your web visits based on your activity on past visits, and administer our Website.
We use the visitors’ IP address to help diagnose problems with our servers, to administer our Websites and to conduct follow-up outreach to offer further information about our services.
We use web beacons to count the number of times that our advertisements and web-based email content are viewed. We combine web beacon information with cookies to track activity on our website originating from advertisements and web-based email content.
We use information you provide to us via telephone calls, email, web forms and other communications to correspond with you about services you may be interested in purchasing. Information you submit in writing, such as email, and web form information is archived and may be tied to information that we collect about your web visits. We may enter information you provide via telephone into our systems to use for the purposes described in this paragraph.
3. DISCLOSURE OF PERSONAL INFORMATION
Personal information we gather is for internal use only and will not authorize the release of this information to anyone outside Recovery Point Systems (except to third party service providers to Recovery Point Systems who perform functions on our behalf but in such event personal information will only be shared to the extent reasonably necessary to perform their functions and they will not be authorized to use it for any other function), unless you have consented to such disclosure. Should you breach our terms and conditions or website terms, or if we are under a duty to disclose or share your personal data to comply with any legal obligation, we may disclose your information to a relevant authority. We may release the information we collect to third parties when we believe it is appropriate to comply with the law, to enforce our legal rights, to protect the rights and safety of others, or to assist with industry efforts to control fraud, spam or other undesirable conduct. We may release the information we collect to third parties, where the information is provided to enable such third party to provide services to us, provided that the third party has agreed to use at least the same level of privacy protections described in this Privacy Statement and is permitted to use the information only for the purpose of providing services to us.
We may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
In cases of onward transfer to third parties of data of EU-US Data Privacy Framework Principles or Swiss individuals received pursuant to the EU-US Data Privacy Framework Principles or Swiss-US Data Privacy Framework, Recovery Point Systems is potentially liable in some limited circumstances as a data controller. As a data processor, Recovery Point Systems will not be held liable under circumstances referenced in section 1 under the subsection “When Recovery Point Systems is a data processor.”
4. OPTING OUT OF COMMUNICATIONS
Recovery Point Systems gives you an opportunity to choose to opt-out of personal data being disclosed to third parties for a purpose incompatible with the purpose for which it was originally collected (except for meeting applicable legal requirements or permitting third party service providers who perform functions on our behalf as described in section 3 of this Privacy Statement), including your opting out of receiving future marketing mailings. We will not use your contact information to correspond with you about our services if you ask us not to. Please write us at Privacy, Recovery Point Systems Corporation 75 West Watkins Mill Road Gaithersburg, Maryland 20878. Please note that it may take up to ten days to remove your contact information from our marketing communications lists, so you may receive correspondence from us for a short time after you make your request.
5. SECURITY OF YOUR INFORMATION
Recovery Point Systems is committed to industry best practices approaches concerning security measures to prevent the loss, misuse, and alteration of the information in our possession. Recovery Point Systems maintains reasonable physical, electronic, and managerial procedures to safeguard and secure the personal information from loss, misuse, unauthorized access, or disclosure, alteration or destruction.
6. DATA INTEGRITY
Personal data we collect is relevant for the purposes for which it is to be used. Recovery Point Systems takes reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.
7. RIGHT TO ACCESS YOUR PERSONAL INFORMATION
We acknowledge the individual’s right to access their personal data. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct any query to 877.445.4333. If requested to remove data, we will respond within a reasonable timeframe.
Recovery Point Systems utilizes the self-assessment approach to assure its compliance with its Privacy Statement. Recovery Point Systems regularly verifies that the privacy statement is accurate, comprehensive, prominently displayed, completely implemented and in conformity with the Data Privacy Framework Principles and conducts its self-assessment on an annual basis to ensure that all relevant privacy practices are being followed. Appropriate employee training is in place and internal procedures for periodically conducting objective reviews of compliance are in place. A statement verifying this self-assessment is signed by a corporate officer or other authorized representative at least once a year.
9. INQUIRIES OR COMPLAINTS
In compliance with the EU-US Data Privacy Framework Principles, Recovery Point Systems, Inc. commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. EU-US Data Privacy Framework Principles and Swiss -US individuals with DPF inquiries or complaints should first contact Recovery Point Systems, Inc. at 877.445.4333 or write us at Privacy, Recovery Point Systems, 75 West Watkins Mill Road, Gaithersburg, MD 20878. We will investigate the matter and are committed to resolve any privacy concerns that you may have.
Recovery Point Systems, Inc. has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.
You may, under certain conditions, invoke binding arbitration to determine whether we have violated our obligations to you, and whether any such obligations remain fully or partially unremedied.
Recovery Point Systems is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Our business changes constantly and our Privacy Statement may also change from time to time. You should check our website frequently to see recent changes; however, we will never materially change our policies and practices to make them less protective of personal information collected in the past without your prior consent.