WHAT INFORMATION WE COLLECT
i. We may collect information such as occupation, language, zip code, area code, postal code, unique device identifier, location and the time zone where a Bolstra product is used so that we can better understand customer behavior and improve our products, Services and advertising.
i. Registration. Most of the time you will browse the Website without registering with us or creating an online account. However, in order to access certain resources or services via the Website (buy products, questions, service etc.), you will need to register with us. In order to register and create an online account, we collect certain personal information about you such as: your first and last name; your telephone number; your email address; you job function/title; your country; your organization name and size; your location; and whether or not you are acting on behalf of a current customer.
iii. Customer Data. Bolstra Customers may electronically submit data or information to the Services for hosting and processing purposes (“Customer Data”). Bolstra will not review, share, distribute, or reference any such Customer Data except as provided in the Bolstra Customer Agreement, or as may be required by law. In accordance with the Bolstra Customer Agreement, Bolstra may access Customer Data only for the purpose of providing the Services, improving the Services or preventing or addressing service or technical problems or as may be required by law. When purchasing the Services, Bolstra may require you to provide the Company with financial qualification and billing information, such as billing name and address and the number of employees within the organization that will be using the Services. Bolstra may also ask you to provide additional information, such as company annual revenues, number of employees, or industry.
c) Sensitive Data.
i. Personal Health Information. Unless otherwise agreed upon, you shall not submit to Bolstra (or use the Services to collect) any patient, medical or other protected health information regulated by HIPAA or any similar federal or state laws, rules or regulations. You also acknowledge that, unless otherwise agreed upon, Bolstra is not acting as your Business Associate or subcontractor (as such terms are defined and used in HIPAA) and that the Services are not HIPAA compliant. “HIPAA” means the Health Insurance Portability and Accountability Act, as amended and supplemented.
ii. Payment Card Information. Unless otherwise agreed upon, you shall not submit to Bolstra (or use the Services to collect) any information with respect to a payment card, the account holder’s name, account number, service code, card validation code/value/number, PIN or PIN block, valid to and from dates and magnetic stripe data and information relating to a payment card transaction or any financial account number, with or without any code or password that would permit access to the account (such as bank account numbers and debit or credit card number), except as necessary for the payment of your Order. You also acknowledge that, unless otherwise agreed upon, the Services are not compliant with the Payment Card Industry Data Security Standard (“PCI DSS”).
HOW WE USE YOUR INFORMATION
The information we collect allows us to:
a) Provide the Services;
b) Keep you posted on Bolstra’s latest product announcements, software updates and upcoming events;
c) To provide you with information, resources, products or services that your organization requested from us;
d) Send you customer service-related communications, including online services;
e) Provide technical product support to our Customers and to enhance Customer technical product support services;
f) Deal with communications that you send to Bolstra;
g) Inform you of updates for our products;
h) Request your feedback;
i) Complete and support the current activity, Website and system administration, research and development, and to improve the navigation and content of the Website;
j) Help us develop, deliver and improve our products, Services, content, customer communications and advertising;
k) For internal purposes such as auditing, data analysis and research. If you don’t want to be on our mailing list, you can opt out anytime here.
If you don’t want to be on our mailing list, you can opt out anytime by sending a request here. We may use, transfer and disclose Non-Personal Information for any purpose. If we combine Non-Personal Information with personal information, the combined information will be treated as personal information for as long as it remains combined. Bolstra may use such combined information to provide and improve its products, services, content and advertising. If you don’t want to be on our mailing list, you can opt out anytime here.
COOKIES AND OTHER TECHNOLOGIES.
The Web Site may use “cookies”. These technologies help us better understand user behavior, tell us which parts of our Web Site people have visited and facilitate and measure the effectiveness of advertisements and web searches. We treat information collected by cookies as Non-Personal information. However, to the extent that Internet Protocol (IP) addresses or similar identifiers are considered Personal Information by law, we also treat these identifiers as Personal Information. If you want to disable cookies, check with your web browser provider to find out how to do so. Please note that certain features of the Web Site may not be available once cookies are disabled. As is true of most websites, we gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit pages, operating system, date/time stamp and “clickstream” data. We use this information to understand and analyze trends, to administer the Website, to learn about user behavior on the site and to gather demographic information about our user base as a whole. Bolstra may use this information in its marketing and advertising services. In some of our email messages, we may use a “click-through URL” linked to content on the Web Site. When you click one of these URLs, you pass through a separate web server before arriving at the destination page on the Web Site. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our customer communications. If you prefer not to be tracked in such a way, you should not click text or graphic links in the email messages.
b) With Business Partners. From time to time, Bolstra may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Bolstra, Bolstra may share data about Bolstra customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Bolstra does not control its business partners’ use of your data, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or services.
PROTECTION OF PERSONAL INFORMATION.
Bolstra takes precautions –including administrative, technical and physical measures –to safeguard your personal information against loss, theft and misuse, as well as against unauthorized access, disclosure, alteration and destruction. Bolstra uses robust security measures to protect your information which is stored in the Services. Where relevant, the Web Site uses Transport Layer Security (TLS) encryption on all web pages where personal information may be collected from. It is highly recommended to use a TLS-enabled browser. Doing so protects the confidentiality of your personal information while it’s transmitted over the Internet.
RETENTION OF PERSONAL INFORMATION.
Bolstra will retain your personal information for the period necessary to fulfil the purpose for which it was intended. Bolstra will also retain your information for the purpose of performing or fulfilling contractual obligation with your organization. Finally, we will retain your information as long as required by law.
ACCESS TO PERSONAL INFORMATION.
You may request that we correct your data if it is inaccurate or that we delete it (if Bolstra is not required to retain it by law). We may decline to process your request if such request is unreasonably repetitive; requires disproportionate technical efforts; jeopardizes the privacy of others; is impractical or for which access is not otherwise required by law. You may make such a request or access your personal information in our possession by contacting: Bolstraprivacy@Bolstra.com
THIRD-PARTY SITES AND SERVICES.
The Web Site and Services may contain links to third-party websites, products and services. Information collected by third parties may include location data or contact details and other generic usage information. This collection of data is governed by the privacy practices of those third parties. We encourage you to learn about these practices. Bolstra is not responsible for the content, operation or privacy practices of any such websites. In particular, unless expressly stated, we are not agents for these sites or advertisers, nor are we authorized to make representations on their behalf. Bolstra may disclose personally identifiable information to such third-party service providers for the sole purpose of the provision of services to you. Bolstra may subcontract the hosted services of your personal and non-personal data with Bolstra’s contracted service providers. Bolstra does not share, sell, rent, or trade any information with third parties for their promotional purposes.
b) Data Privacy Shield. Bolstra abides by the Data Privacy Shield frameworks set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information collected by organizations in the European Economic Area and Switzerland (“Privacy Shield”). Bolstra has certified that it adheres to the Privacy Shield principles. For more information on the Privacy Shield, including the Privacy Shield Principles, please visit this Website
c) Arbitration. Please contact us here if you have any questions or complaints regarding Bolstra’s compliance with the Privacy Shield Framework. If your complaint regarding Bolstra’s Privacy Shield compliance is not resolved by contacting us, you may, invoke binding arbitration, at Bolstra’s sole cost and expense, with JAMS Privacy Shield Program. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
d) Liability for onward transfers. Bolstra uses a limited number of third-party service providers to assist us in providing our services to customers. These third-party providers assist with the transmission of data, and provide data storage services. These third parties may access, process, or store personal data in the course of providing their services. Bolstra maintains contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our Privacy Shield obligations, and Bolstra may be liable if they fail to meet those obligations and we are responsible for the event giving rise to the damage.
INVESTIGATORY AND LEGALLY REQUIRED DISCLOSURE.
Bolstra will promptly inform every concerned individual subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) or any other U.S. authorized statutory body. It may be necessary − by law, legal process, litigation and/or requests from public and governmental authorities within or outside your country of residence, including to meet national security or law enforcement requirements − for Bolstra to disclose your personal information. Bolstra will inform concerned individuals about the requirements of such disclosure.
– 12400 N. Meridian Street, Suite 120, Carmel, IN 46032;
Updated as of: 1/16/2018