Effective Date: January 11, 2019
What is Confidential Information?
Confidential Information means Company or Customer information, materials and data which (a) is marked clearly as proprietary or confidential, (b) if oral, is identified as proprietary, confidential, or private on disclosure or (c) any other business information, whether tangible or oral, which upon receipt by the receiving party should reasonably be understood to be confidential. This includes but is not limited to: Company’s software products, internal business applications, marketing materials and technical documents related to Company products and services, and Customer’s business strategy, marketing techniques, and operational processes and systems.
What is Customer Data?
Customer Data is any content, materials, data and information that Customer upload, submit, post, transfer, or otherwise provide to Company. Customer Data may include Personal Information.
What are the Data Protection Laws?
Data Protection Laws, as applicable: (i) Title V of the Gramm-Leach-Bliley Act of 1999 or any successor federal statute to the Gramm-Leach-Bliley Act of 1999, and the rules and regulations thereunder, (ii) the Health Insurance Portability and Accountability Act of 1996, (iii) the Sarbanes-Oxley Act of 2002 (Pub. L. 107-204, 116 Stat. 745), and (iv) any legislation or regulation amending, supplementing or replacing any of the foregoing from time to time.
How do we define Personal Information?
Personal Information is any information relating to an identified or identifiable natural person (“Data Subject”) which is subject to protection under the applicable Data Protection Law in the jurisdiction in which such Data Protection Law applies. Personal Information may include national id number, home address and phone number information as well as salary information, job grade and job ranking information.
What is our Security Compliance?
The Company uses commercially reasonable security technologies in protecting Customer Data. To the extent Customer transfers Personal Information to Company, and further subject to Customer’s compliance with its obligations and restrictions with respect to such Personal Information under this Agreement and to the applicable data subject, Company will comply with applicable Data Protection Laws with respect to the processing of such Personal Information.
How do we handle Customer Data and Licensed Data?
Other than as permitted hereunder, Company will within 90 days after the end of the Service Terms (or as otherwise specified in the SOW), follow current established industry standard practices to destroy or delete Customer Data remaining on Company systems, unless applicable law requires retention. Retained data is subject to the confidentiality provisions of the Agreement.
What information do we collect and process and how do we collect and store it?
Information you provide
We may collect and store any and all information that you enter through the Services or give to us in any other way. This section of the Policy provides examples of the information that you provide to us. You may visit and browse the Site without submitting personal information about yourself, and you can choose not to provide certain information to us, but then you might not be able to access or use all of the Services.
We collect and process personal information that you provide to us. Personal information is information that directly or indirectly identifies users, such as name, email address and home address. We may also collect user demographic and behavioral information including gender, interests, shopping preferences and history, and the like.
For example, when you log into a service, we may collect basic information about you such as your name, username, password, email address, physical address, phone number, date of birth, and other personal and business demographic or contact information. But all of this will be at the request of the Customer who has given us permission to do so.
Pixels (a/k/a web beacons, web bugs, scripts). “Pixels” are tiny graphics with a unique identifier that are used to track the online movements of web users. Unlike cookies, which are stored on a computer’s hard drive, pixels are small graphics that are about the size of a period that are embedded invisibly on web pages or in HTML-based emails. We and our third-party service providers may place pixels on the Site that track what other websites you visit (both before and after visiting the Site). Our third-party service providers use information obtained from pixels to help us improve our business and the Site.
We may link together different types of usage information or link usage information to personal information. If linked information directly or indirectly identifies an individual person, Assemble treats the linked information as personal information.
Information licensed for Processing by Companies
We will not commingle, mix or combine customer data licensed to us for processing by companies with other licensed data sources, except during permitted usage and processing as necessary to fulfill contracted services and analysis and will not be retained in a merged or combined state. Companies licensing us to perform processing are required to represent and warrant that they have obtained necessary consent for us to provide processing services. Information collected from other sources: We may also collect information through third parties and, where permitted by law, through publicly available sources, in connection with performing activities that you have requested or instructed for the Services.
Assemble uses several third-party usage analytics tools including Google Analytics. More information about how Google Analytics is used by Assemble can be found here:
You may be able to opt out of Google Analytics tracking by visiting the following link:
When we do collect information and how do we use it?
The collection of data and this information can give the Customer the ability to customize experiences within Customer’s Sites and Services; improve the performance, usability and effectiveness of Customer’s services or products; advertise and market; measure the effectiveness of marketing activities; and generate and analyze statistics about your use.
Do we share or disclose your information?
We may share and disclose your information as described below, and as provided under any applicable Service Agreement.
We may share or disclose your information:
With vendors or agents working for Assemble. For example, we may share your information with companies we have hired (and agreed upon by the Customer) to provide services on our behalf (e.g. providers of management and implementation services). When we share information with these other companies to provide services for us, they are not allowed to use it for any other purpose and must keep it confidential unless you otherwise consent.
With your organization. If you are using the Services on behalf of your organization (for example, you are administering your employer’s Account), your organization may have the ability to access and control the Account and information you provided (including your name, email address, and IP address) upon consent of the Customer.
With others in connection with transfer by us of other business assets approved by the Customer.
As provided in any Service Agreement. We also may share or disclose information, including the content of your communications:
To comply with the law or respond to legal process or lawful requests, including from law enforcement and government agencies;
To conduct investigations of complaints or possible breaches of law, to protect the integrity of the Site, to fulfill your requests, or to cooperate in any legal investigation;
To act on a good faith belief that access, or disclosure is necessary to protect the safety of our associates, customers or the public.
Where is your information stored and processed?
What else do you need to know?
How long do we store your information? We retain and store personal information only for as long as we have a legitimate business purpose to do so in accordance with our Service Agreement agreed upon by the Customer.
Assignment. In the event that all or part of our assets are sold or acquired by another party, or in the event of a merger, we will delete personal information in compliance with the Master Service Agreement terms.
How do we safeguard your information?
Assemble has and requires its partners to have security policies and procedures in place to help protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite our efforts, however, security cannot be guaranteed against all threats. We seek to limit access to your personal information to those who have a need to know. Those individuals who have access to the data are required to maintain the confidentiality of such information. We recommend that you take additional measures to protect yourself and your information, including by installing up to date anti-virus software, closing browsers after use, keeping confidential your log-in credentials and passwords, and making sure that you regularly update software and apps you have downloaded to ensure you have enabled the latest security features on your devices.
Children. Our Services are not intentionally designed for or directed at children under the age of 13. It is our policy never to knowingly collect or maintain information about anyone under the age of 13, except as part of an engagement to provide Services. If you are between 13 and 17 years of age, you may use the Service, but you may not submit any personal information. If we become aware that a Site user is under age 18 and has provided personal information, we will take steps to remove his or her personally identifiable information from our files. If you are a parent or guardian and believe Assemble may have inadvertently collected personally identifiable information from your child, please notify Assemble immediately by sending an email to email@example.com.
What are your California Privacy Rights?
California law permits residents of California to opt-out of our disclosure of personal information to third parties for their direct marketing purposes. You may choose to opt-out of the sharing of your personal information with third parties for marketing purposes at any time by submitting a request in writing to our contact address above or by e-mailing us at firstname.lastname@example.org. Please note that this opt-out does not prohibit disclosure made for non-marketing purposes. California law also permits residents of California to request and obtain from us once per year, free of charge, a list of the third parties (if any) to whom we have disclosed personal information for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an e-mail to: email@example.com or by writing to our contact address above. Requests via telephone or facsimile will not be accepted. The e-mail subject line or mailing envelope and the content of your request must include the phrase “Your California Privacy Rights,” and include your name, e-mail address (if you wish to receive a response via e-mail) or street address, city, state, zip code (if you wish to receive a response via postal mail).
California Minors. If you are a California resident who is under age 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by contacting us at: firstname.lastname@example.org. When requesting removal, you must be specific about the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don’t follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. Removal of your content or information from the Services does not ensure complete or comprehensive removal of that content or information from our systems or the systems of our service providers. We are not required to delete the content or information posted by you; our obligations under California law are satisfied so long as we anonymize the content or information or render it invisible to other users and the public.
How We Respond to Do-Not-Track Disclosures. We do not support “Do Not Track” browser settings and do not currently participate in any Do Not Track frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your personal information.
Access. You may make a request to update or remove personal information that you submitted and we will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards. To request access to or correction, updating, or removal of your personal information please contact us at: email@example.com
How can you contact us?
You may contact us using the following information:
2 Nickerson St, Ste 101
Seattle, Washington 98109
Attention: Data Privacy