Privacy Policy

Updated: September 6, 2019 

We at LifeOmic Security (LifeOmic Security, LLC and our subsidiaries and affiliates) are committed to protecting your privacy. This privacy policy applies to our software-as-a-Service applications, platforms, software, websites, APIs, products, and services, (each a “Site”, “Service”, or “Software” or collectively, the “Services”), owned and controlled by LifeOmic Security.

This Privacy Policy governs our data collection, processing and usage practices. It also describes your choices regarding use, access and correction of your personal information. If you do not agree with the data practices described in this Privacy Policy, you should not use our Services.

Specifically, this Privacy Policy covers:

   
Information we collect about you  We may collect Personal Information, Usage and Device Information (collectively, “information”, defined in detail below) about you in connection with your (or your organization’s) use of our Services that link to this Privacy Policy. 

Learn more below 

How we use your information  We use the information we collect only in compliance with this Privacy Policy. We may use your information to provide services (either directly to you or to those third parties who have engaged us as service providers to process your information on their behalf); respond to inquiries and provide customer support and technical assistance; communicate with you; process transactions; improve, develop, provide content for, operate, deliver and market our Services; implement social networking features; comply with our company policies and procedures and with applicable law; ensure proper and authorized use of the Services; perform Services tracking and analysis; and, as otherwise permitted by applicable law.

Learn more below 

How we share your information  We may share your information with our business units, affiliates, subsidiaries, business partners, service providers and/or your representatives, in order to provide or improve our Services to you.  We do not share information with third parties so that they can independently market their own products or services to you unless we have explicitly given you the option to opt-in to such disclosures. We will never sell your Personal Information to any third party.

Learn more below 

Your Rights Regarding Your Personal Information  We provide you with the opportunity to be informed of whether we are processing your information and to access, correct, update, oppose, delete, block, limit or object, upon request and free of charge, to our use of your Personal Information to the extent required by applicable law.

Learn more below 

Retention of your information  We keep your account information, like your name, email address, and password, for as long as your account is in existence because we need it to operate your account. In some cases, when you give us information for a feature of the Services, we delete the data after it is no longer needed for the feature. We keep your account data until you use your account settings or tools to delete the data or your account because we use this data to provide you Services. We also keep information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm, including as described in the How We Use Your Information and How We Share Your Information
sections. 
Security of your information  We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to protect the confidentiality, integrity and availability of your data. This includes using Transport Layer Security (“TLS”) to encrypt data transmission and Advanced Encryption Standard (“AES”) to encrypt data storage. No method of transmitting or storing data is completely secure, however.  

If you have a security-related concern, please contact our Security team. 

Click here to learn more about our security practices. 

International Data Transfers  LifeOmic Security is a U.S.-based company that offers our Services to U.S. and international customers. As a result, information that we collect, including personal information, may be transferred to our data centers or service providers in the U.S.  By providing your personal information to us, you are consenting to the transfer of your personal information to the U.S. and to our (and our services providers’) use and disclosure of your personal information in accordance with this Privacy Policy.

We rely on multiple legal bases to lawfully transfer personal data around the world. These include your consent, the EU-US and Swiss-US Privacy Shield. LifeOmic (and its subsidiaries, including LifeOmic Security, LLC and LifeOmic Health LLC) complies with the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks (Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use, sharing, and retention of personal information transferred from the European Union, the United Kingdom and/or Switzerland to the United States in reliance on Privacy Shield. We follow internal procedures for verifying that our commitments under this Privacy Policy have been implemented. Our compliance with this obligation can be investigated and enforced by the U.S. Federal Trade Commission. Learn more about Privacy Shield here.

If you have a complaint about our Privacy Shield compliance, please contact us. You can also refer a complaint to our chosen independent dispute resolution body JAMS, and in certain circumstances, invoke the Privacy Shield arbitration process or lodge a complaint with the supervisory authority in your country of residence in the EU. You may also contact our EU representative at lifeomic@dpr.eu.com. For more details, see our EU representative contact summary here.

Cookies and similar Technologies  We may use “cookies” and similar technologies to help deliver our Services. This technology may involve placing small files/code on your device or browser that serve a number of purposes, such as remembering your preferences and to offer you a more personalized user experience. 

Read our Cookie Policy to learn more. 

Marketing Analytics and Communications  We work with partners who provide us with marketing analytics and communications services. This includes helping us understand how users interact with our Services, communicating with you about our Services and features, and measuring the performance of those communications. These companies may use cookies and similar technologies to collect information about your interactions with the Services and other websites and applications.  

To learn more and about your privacy choices, please see more details in the How We Use Your Information and How We Share Your Information sections and read our Cookie Policy.

Links to Other Websites  Our Sites may contain links to other websites or services that are not owned or controlled by LifeOmic Security, including links to websites of our sponsors and partners. This Privacy Policy only applies to information collected by our Services. We have no control over these third-party websites, and your use of third party websites and features are subject to privacy policies posted on those websites. We are not responsible or liable for the privacy or business practices of any third-party websites linked to our Services. Your use of third parties’ websites linked to our Services is at your own risk, so we encourage you to read the privacy policies of any linked third-party websites when you leave one of our Services. 
Our Policies for Children  Our Sites are directed toward adults. If you are under the age of 16, you must obtain the authorization of a responsible adult (parent or legal custodian) before using or accessing our Sites. We will not knowingly collect or use any personal information from any children under the age of 16 on our Sites. If we become aware that we have collected any personal information from children under 16, we will promptly remove such information from our systems.
Situations where this Privacy Policy does not apply  This Privacy Policy does not apply to job applicants or employees, which are subject to relevant privacy notices. 

This Privacy Policy does not apply to the extent that: 

  • Our products and services set forth an additional or alternative Privacy Policy; or 
  • Applicable law imposes different processing or privacy requirements on your information. 
Changes to this Privacy Policy  We periodically update this Privacy Policy. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by sending you notification by email or notification alert within our Services or Sites. 

While we will notify you of any material changes to this Privacy Policy, we encourage you to review this Privacy Policy periodically. We will also keep prior versions of this Privacy Policy in an archive for your review.

How to contact us  You can contact us using the Contact Us page on our Sites or by mail at 351 West 10th Street, Indianapolis, IN 46202. 

If you have questions, suggestions, or concerns about this policy, or about our use of your information, including filing a complaint, please contact our Data Protection Officer or Privacy Officer at privacy@lifeomic.com.

INFORMATION WE COLLECT ABOUT YOU 

When you use our Services, we collect the following types of information. 

INFORMATION YOU PROVIDE US (“PERSONAL INFORMATION”)  

ACCOUNT INFORMATION 

Some information is required to create an account on Services, such as your 

  • name,  
  • email address,  
  • password,  
  • company, and 
  • phone number. 

ADDITIONAL INFORMATION 

To help improve your experience or enable certain features of the Services, you may choose to provide us with additional information, such as  

  • profile photos,
  • profile information (such as a biography),
  • country information,
  • contact information (such as your mailing address and your mobile telephone number),
  • community or social media username, and

If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, email address, contact information, and message.

INFORMATION FROM THIRD-PARTY SERVICES 

If you choose to connect your account on our Services to your account on another service, we may receive information from the other service. For example, if you connect to Facebook or Google, we may receive information like your name, profile picture, language and email address. You can stop sharing the information from the other services with us by removing our access to each other service. However, we will store historical data that has already been collected.

INFORMATION PROVIDED BY OTHER INDIVIDUALS 

While using our Services, individuals may provide information about another individual, or an authorized user (such as an account administrator) creating an account on your behalf may provide information about You. When one individual provides us with information (including personal information) about another individual, we assume that the individual has permission and authority to do so and to consent on behalf of that individual to the collection and use of personal information as described in this Privacy Policy. Please contact us immediately if you become aware of an individual providing us with personal information about another individual without being authorized to do so, and we will act consistently with this Privacy Policy.

PAYMENT AND CARD INFORMATION 

Some LifeOmic Security Services support payments and transactions with third parties. If you activate this feature, you must provide certain information for identification and verification, such as your name, billing address, credit, debit or other card number, card expiration date and CVV code. This information is used solely to check your financial qualifications and collect payment from you. We do not store your payment information. We use a third-party service provider to manage payment card processing. Note that third-party payment processors may retain this information in accordance with their own privacy policies and terms. This service provider is not permitted to store, retain or use information you provide except for the sole purpose of credit card processing on our behalf.

INFORMATION WE RECEIVE FROM YOUR USE OF OUR SERVICES 

USAGE AND DEVICE INFORMATION 

When you use our Services, we receive certain usage data (“Usage and Device Information”). This includes information about your interaction with the Services, for example, when you view or search content, install or open applications or software, create or log into your account, import data into your account, or integrate a third-party service to your account.

We may also collect data about the devices and computers you use to access our Services, including IP addresses, browser type, language, operating system, or mobile device information (including device and application identifiers), the referring web page, pages visited, location (depending on the permissions you have granted us), and cookie information.

OTHER SPECIAL CATEGORIES OF PERSONAL DATA 

To the extent that information we collect directly from you is a special category of sensitive personal data subject to the European Union’s General Data Protection Regulation (“GDPR”), we ask for your explicit consent to process such sensitive personal data. We obtain this consent separately when you take actions leading to our obtaining the data. You can use your account settings or contact us to withdraw your consent at any time, including by stopping use of a feature, removing our access to a third-party service, requesting deletion your data or closing your account.

However, if we are acting as a service provider (a “Data Processor”) processing your personal information on behalf of a third party that has collected such data from you, and such third party is the party that has the right to determine the purposes for which it will process your personal information and the means it will use to process your personal information (the “Data Controller”), then such Data Controller has the legal obligation to ask for your explicit consent to process your sensitive personal data, and we are not responsible for obtaining such consent from you.  In such a scenario, the Data Controller may have their own, separate policies regarding the use and disclosure of your personal information, including any sensitive personal data you provide to such Data Controller.  In such a scenario, this Privacy Policy does not apply to, we cannot control the activities of, and we are not responsible for the activities of the applicable Data Controller generally; this Privacy Policy only applies to our processing of your personal information that we, as a Data Processor, have been asked to process on behalf of the Data applicable Data Controller.  We encourage you to review such Data Controller’s privacy policy and/or contact the applicable Data Controller for more information about the policies that apply to their use and disclosure of your personal information, including any sensitive personal data.

HOW WE USE YOUR INFORMATION 

We use the information we collect for the following purposes. 

PROVIDE AND MAINTAIN THE SERVICES 

We use the information we collect to deliver the Services to you and honor our Terms of Service for each Service or business contract with you. For example, 

  • to administer, operate, maintain and secure our Services;
  • to monitor and analyze trends, usage and activities in connection with our Services;
  • for accounting, recordkeeping, backup and administrative purposes;
  • to customize and improve the content of our communications, websites and social media accounts;
  • to provide customer service and support;
  • to communicate with you, including responding to your comments, questions and requests regarding our Services; and
  • to process and complete transactions, and send you related information, including alerts and notifications about your service, purchase confirmations and invoices; and
  • to educate and train our workforce in data protection and customer support.

IMPROVE, PERSONALIZE, AND DEVELOP THE SERVICES 

We use the information we collect to improve and personalize the Services and to develop new ones. For example, we use the information to troubleshoot and protect against errors; perform data analysis and testing; conduct research and surveys and develop new features and Services.

COMMUNICATE WITH YOU 

We use your information when needed to send you Service notifications and respond to you when you contact us. We also use your information to promote new features or products that we think you would be interested in. You can control marketing communications and most Service notifications by using your notification preferences in account settings or via the “Unsubscribe” link in an email.

PROMOTE SAFETY AND SECURITY 

We use the information we collect to promote the safety and security of the Services, our users and other parties. For example, we may use the information 

  • to authenticate users;
  • to facilitate secure payments;
  • to respond to a legal request or claim, conduct audits, and enforce our terms and policies;
  • to investigate and protect against fraud, malicious or unauthorized access, and other illegal activities; and
  • to demonstrate and verify compliance with our internal policies and procedures, and applicable privacy and data security laws and regulations, such as GDPR.

USE AND DISCLOSURE OF DE-IDENTIFIED INFORMATION 

“De-identified” means that we have removed, or rendered unreadable through complex computational algorithms, your personally-identifiable information, such as your name, address, or birthdate. We may use de-identified information that we have obtained from our Services for various purposes, including for example:

  • In accordance with regulatory requirements, we may de-identify, store and use your information for internal quality control, validation and research and development. This is important for LifeOmic Security to maintain high quality Services. We may use de-identified information as permitted by law.
  • We may use or disclose de-identified information for general research and communications purposes. This may include analysis of this information to communicate observations and learnings, for example in the case of aggregated data.  This may also include commercial collaborations with private companies or public organizations (such as other security software vendors, assesors, standard organizations, etc.) for purposes of advancing the Services and other security software and protocols.

We use cookies and similar technologies for the purposes described above. For more information, please read our Cookie Policy.

For personal data subject to the GDPR, we rely on several legal bases to process the data. These include when you have given your consent, which you may withdraw at any time using your account settings and/or other tools; when the processing is necessary to perform a contract with you, like the Terms of Service; and our legitimate business interests, such as in improving, personalizing, and developing the Services, marketing new features or products that may be of interest, and promoting safety and security as described above.

HOW WE SHARE YOUR INFORMATION 

We do not share your personal information except in the limited circumstances described below.  

WHEN YOU AGREE OR DIRECT US TO SHARE 

You may direct us to disclose your information to others. For certain information, you may change your privacy preferences in account settings and use other provided tools to control how your information is visible to other users of the Services.

You may also authorize us to share your information with others, for example, with a third-party application when you give it access to your account, or with your employer company or other organizations and provide consent to each organization. Remember that their use of your information will be governed by their privacy policies and terms. You can revoke your consent to share with third-party applications or employee wellness programs using your account settings.

FOR EXTERNAL PROCESSING 

We transfer information to our corporate affiliates, service providers and other partners who process it for us, based on our instructions and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research and surveys.

FOR LEGAL REASONS OR TO PREVENT HARM 

We may preserve or disclose information about you to comply with a law, regulation, legal process or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect or investigate illegal activity, fraud, abuse, violations of our terms or threats to the security of the Services or the physical safety of any person.

Please note: Our policy is to notify you of legal process seeking access to your information, such as search warrants, court orders or subpoenas, unless we are prohibited by law from doing so. In cases where a court order specifies a non-disclosure period, we provide delayed notice after the expiration of the non-disclosure period. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.

We may share non-personal information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports about trends in security, to partners under agreement with us or as part of the community benchmarking information we provide to users of our subscription services.

If we are involved in a merger, acquisition, or sale of assets, we will continue to take measures to protect the confidentiality of personal information and give affected users notice for the transferring of any personal information to a new entity.

YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION 

You can access and control your personal information via account settings and/or our tools we provide to you, regardless of where you live. If you live in the European Economic Area, United Kingdom and Switzerland (the “Designated Countries”), you have a number of legal rights with respect to your information, as outlined below.

Accessing and Exporting Data. By logging into your account, you can access much of your personal information. Using your account settings, you can also request a download of personal information in a commonly used file format.

Editing and Deleting Data. Your account settings and certain platform APIs let you change and delete your personal information and/or account data. For instance, you can edit or delete the profile data you provide and delete your account if you wish.

If you choose to delete your account, please note that while most of your information will be deleted within 14 days, it may take up to 90 days to delete all of your information, such as the data stored in our backup systems. This is due to the size and complexity of the systems we use to store data. We may also preserve data for legal reasons or to prevent harm, including as described in the How We Share Your Information section.

Objecting to Data Use. You can control usage of your data via account settings or other application APIs or tools. For example, you can:

  • limit the notifications you receive from us; and
  • revoke the access of third-party applications that you previously connected to your account.

If you live in a Designated Country, in certain circumstances, you can object to our processing of your information based on our legitimate interests, including as described in the How We Use Information section. You have a general right to object to the use of your information for direct marketing purposes. Please also review our Cookie Policy for your options to control how we and our partners use cookies and similar technologies for advertising.

Restricting or Limiting Data Use. In addition to the various controls that we offer, if you reside in a Designated Country, you can seek to restrict our processing of your data in certain circumstances. Please note that you can always delete your account at any time.

Onward Transfers of Data.  If we intend to disclose your personal information to any third party that will have the right to process it, we will enter into a contract with such third party that provides that your personal information may be processed only for limited and specified purposes consistent with the consent you have provided to us, that the third party must provide the same level of protection for your personal information that we are obligated to provide under this Privacy Policy while it is processing your personal information, and that the third party will notify us if it makes a determination that it can no longer meet these obligations (and in such a case such third party shall cease processing your personal information or otherwise be required to take reasonable and appropriate steps to remediate any unauthorized processing).  Please note that in cases of onward transfer of your personal information to third parties processing your information on our behalf as our agent (our “Agents”), we will remain liable under the Principles of the E.U.-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework if such Agents process your personal information in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.

In contrast, if we intend to disclose your personal information to any third party that will have the right to determine the purposes for which it will process your personal information and the means it will use to process your personal information (rather than just providing requested assistance to us in support of our permitted uses of your personal information) (such third parties, “Controllers”) we will notify you and present you an opportunity to opt out of such disclosure, and you should be sure to review such parties’ privacy policies for information on how they may use, disclose and protect your personal information.

 Changes to Privacy Policy.  If we are using your personal information on the basis of your consent, and we change our Privacy Policy to permit any use or disclosure of your personal information that is materially different than the uses for which it was originally collected or subsequently authorized by you, we will obtain your consent before we make such further uses of your personal information.

Further Assistance.  If you need further assistance regarding your rights, please contact our Data Protection Officer at privacy@lifeomic.com, and we will consider your request in accordance with applicable laws. You may also contact our EU representative at lifeomic@dpr.eu.com. For more details, see our EU representative contact summary here.