Last Updated, January 1, 2019
We believe in transparency. This Policy, together with our Cookies Policy https://phy.net/termsandprivacyand any documents referenced therein, serve to inform you about how we collect, store, use, and disclose your personal information and the rights and options that you have with regard to it.
This Policy does not apply to the practices of third parties who may provide services or features based on our Services, including third parties for whom PHY.net hosts websites or progressive web apps that are served to web clients, including compatible browsers, scanners, and apps (“Hosted Websites”). These Hosted Websites are accessed via links, and are also commonly viewed on mobile devices in proximity to location‑identifying data transmitters, including QR codes and NFC tags. This Policy also does not apply to information we might collect in other situations, like offline or by email.
PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND HOW WE TREAT YOUR PERSONAL INFORMATION AND WHAT CHOICES AND RIGHTS YOU HAVE IN THAT REGARD. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, DO NOT ACCESS, USE, OR REGISTER FOR OUR WEBSITES OR SERVICES.
Who is Responsible for your Personal Information?
PHY.net is a Delaware corporation based in Nashville, Tennessee, United States of America, that acts as a website and progressive web app development platform and a physical-to-mobile content platform. Our telephone number is (866) 797-7101 and email address is firstname.lastname@example.org. We observe certain legal and compliance measures with regard to the personal data (any information that identifies or is identifiable to a natural person) that you provide to us through our Services.
If you are a user in in the European Union (the “EU”), the European Economic Area (“EEA”), or the United Kingdom (UK), for purposes of the EU General Data Protection Regulation, 2016/679 (the “GDPR”) or the UK Data Protection Act of 2018, or any successor legislation (collectively, “Data Protection Laws”), we act as data controller for the personal data we collect from you, as a website visitor to and customer of our Services.
Whenever we disclose your personal data to our organizational affiliates, or vice versa, we will inform you of our lawful basis for doing so and honor your rights with respect to the processing of your personal data.
What Personal Information We Collect and Why
We may collect or request anonymous or non-personally identifiable information from our website users that cannot identify you as an individual unless combined with personally identifiable information. For example, we may collect aggregate website statistical information for a variety of audience and website performance-related purposes, such as calculating the percentage of website users who live in a particular region or to determine which website pages are visited most frequently.
Specifically, we may collect, process, store, and transfer the following types of personal data from you, as identified by category below:
Identity and Contact Data includes first name, maiden name, last name, username or similar identifier, title, billing address, delivery address, email address, and/or telephone numbers.
Financial and Payment Data includes your bank account and other data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers, and other related billing information. We generally process this type of data through a trusted third party processor, to whom you are directed by us.
Business Informationincludes information provided in the course of the contractual or client relationship between you or your organization and us, or otherwise voluntarily provided by you or your organization.
Transaction Data includes details about payments to and from you and other details of products and services you have purchased.
Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, and feedback.
Usage Data includes information about how you use our Services.
Marketing and Communications Data includes your preferences in receiving marketing communications from us,our third parties.
Special Categories of Personal Data
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If You Fail to Provide Personal Data
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In such cases, we may have to cancel a product or service you have with us and will notify you if that occurs.
Why Do We Collect Personal Data
We generally collect data from and about you through the following means:
Types of Data and Purpose
Contact Information, Feedback, and Inquiries
When you submit feedback to us, contact us for support, or ask us questions, we collect your name, email address, postal address, zip code, telephone number, and/or other contact information necessary to respond to your feedback, provide support, or answer your question.
User Account Information
When you register with our Services, we collect your contact information and may ask if you would like to submit other identifying information. We do this in order to provide you with password-protected access to the account you requested and allow you to maintain your account profile and access certain interactive features.
When you seek services from us in the course of our contractual or customer relationships with you and/or your organization, we collect business contact information and other personal information in order to provide you with the products and services you have requested.
When you visit our Services, we may collect cookies and use similar technologies to, among other things, provide you with a more personal and interactive experience on our Services and for website usage analytics. See our Cookies Policy https://phy.net/termsandprivacyfor more information.
If you receive email communications from us, we may use certain tools to capture data related to when you open our messages, click on hyperlinks or banners it may contain, and make purchases. We use this information to enhance and support our marketing and sales operations.
If you apply for a job through our Services, or become our employee, we collect personal information necessary to process your application or employment. This may include, among other things, your contact information, social security number, employment history, etc.
Mailing List, Newsletters, and Marketing
When you sign up for one of our mailing lists, newsletters, or other marketing lists, we collect your contact information, including your email address, phone number, and/or postal address, when necessary to contact you in the way(s) that you request.
We may collect information from your mobile device such as unique identifying information broadcast from your device or hardware and software specifications. We may also ask you if you would like to share location information from your mobile device.
Sensitive Personal Information
We do not collect sensitive personal information from you. In the event we inadvertently receive such information from you, without your consent or a lawful basis to use it, we will use reasonable efforts to delete it promptly.
*Note: The above list contains examples of information we may have concerning you and it does not necessarily mean that we do hold this information about you.
How Do We Use Your Personal Information?
Wherever reasonably possible, we seek your express consent before we collect your personal information, especially with regard to our online marketing and advertising activities. The form of consent we seek from you may vary depending on the circumstances and the type of information being requested. When determining the appropriate form of consent, we take into account the sensitivity of the personal information, the reasons we are collecting it, and your reasonable expectations.
When using your personal information for a new purpose, we will document that new purpose and ask for your consent again. We will not use your personal information without your consent unless it is either for the same purpose for which the information was originally collected or compiled, consistent with the original purpose, or for a purpose permitted by applicable law.
In addition to the specific categories of data use previously outlined, we may with your express consent and/or under recognized legal grounds, use your personal information for the following purposes:
to provide you with services you have requested and to manage our relationship with you, including administering your account, processing payments, accounting, auditing, billing and collection and taking other steps necessary to the performance of our business relationship with you;
to present and improve the functionality of our Services;
to determine user interests, needs, and preferences;
to provide notice of changes to our Services we offer or provide through it;
to conduct research and analysis;
to develop new products and services;
to manage and maintain the security of our Services;
to market our services to you, but we will only provide you with marketing-related information after you have, where legally required, opted in to receive those communications and we have provided you with the opportunity to opt-out of such communications at any time;
to comply with our legal and compliance obligations, including maintaining records, performing compliance audits, etc.
for insurance purposes;
to exercise and defend our legal rights, or to comply with court orders;
to respond to requests from public and government authorities;
for any other purpose related to and/or ancillary to any of the purposes and uses described in this Policy for which your personal information was provided to us;
in any other way we may describe when you provide the information; and
for any other purpose to which you have expressly consented.
We may process your personal information in connection with any of the purposes and uses set out in this Policy on one or more of the following legal grounds:
because we have a necessary and legitimate interest in doing so to perform the services you have requested, to comply with your instructions or other contractual obligations between you and us;
to comply with our legal obligations as well as to keep records of our compliance processes;
because our legitimate interests, or those of a third party recipient of your personal information, makes the processing necessary, provided those interests are not overridden by your interests or fundamental rights and freedoms;
because you have chosen to publish or display your personal information on a public area of the Services, such as blog and comment areas (as applicable);
because it is necessary to protect your vital interests;
because it is necessary in the public interest; or
because you have expressly given us your consent to process your personal information in a particular manner.
We do not use your personal information for making any automated decisions affecting or creating profiles other than as described above.
Disclosure of Your Personal Information
We do not sell, rent, or lease your personally identifiable information to third parties. We may, however, share your personal information in the following contexts:
We may share your personal information with our corporate subsidiaries and affiliates. In addition, we may disclose your personal information in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our company assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our website users is among the assets transferred. For example, if another company acquires us, we will share your personal information with that company.
Disclosures With Your Consent
We may ask if you would like us to share your personal information with other unaffiliated third parties who are not described elsewhere in this Policy. We will only disclose your personal information in this context with your consent.
Disclosures Without Your Consent
We may provide personal information about you to third parties that offer products and services specifically requested by you.
We may share your personal information with our service providers. Among other things, service providers may help us to administer our Services, support our provision of services requested by you, provide technical support, send marketing, promotions and communications to you about our services, payment processing and other legitimate purposes permitted by law.
We may disclose aggregated usage data about our users, and information that does not identify any specific individual, such as groupings of demographic data and customer preferences, for new product and marketing development.
How Long Do We Store Your Personal Information?
We will retain your personal information as needed to fulfill the purposes for which it was collected. We will retain and use your personal information as long as necessary to comply with our business requirements and legal obligations, resolve disputes, protect our assets, provide our services, and enforce our agreements.
When we no longer have a purpose to retain your personal information, we will securely destroy your personal information in accordance with applicable law and our policies. If secure destruction proves infeasible, we will continue to treat such information in accordance with this Policy and will securely destroy it when feasible to do so. We take reasonable steps to delete the personal information we collect if your registration to use our Services lapses and you opt out of receiving further communications from us, or if you ask us to delete your information, unless we determine that doing so would violate our existing, legitimate legal, regulatory, dispute resolution, contractual, or similar obligations. We may retain and use information that cannot be reasonably used to identify you for performance reporting, benchmarking, analytics, and product and service improvement.
If you no longer wish to receive communications from us via email, you may opt-out by contacting us at email@example.com and provide the name of the service for which information was provided, your full name, mailing address, phone number, and email address so that we may identify you in the opt-out process. Once we receive your instruction, we will promptly investigate your request and take corrective action, if warranted.
We have put in place reasonable and appropriate security measures to protect the personal information that you share with us from being lost or used, accessed, altered, or disclosed in an unauthorized manner. While our security measures seek to protect your personal information in our possession, no security system is perfect and we cannot promise that your personal information will remain absolutely secure in all circumstances.
The safety and security of your personal information also depends on you. Where you use a password for access to restricted parts of the Services, you are responsible for keeping the password confidential. Do not share your password with anyone.
If a security breach causes an unauthorized intrusion into our Services or related systems that compromises your data, we will notify you and any applicable regulator when we are required to do so by applicable law.
Updating Your Personal Information
If any of the personal information you have provided to us changes, please let us know. For instance, if your email changes, you wish to cancel any request you have made of us, or if you become aware of inaccurate personal information about you, use our “Contact Us” details provided at the end of this Policy to update your information. You may also edit your account details if you have a user account through our Services. We are not responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
Your Rights To Access And Control Your Personal Information
Please use the “Contact Us” details at the end of this Policy to exercise your rights and choices under this Policy.
Right of Access. If required by law (e.g., under the GDPR), upon request, we will grant reasonable access to the personal information that we hold about you.
Accuracy. Our goal is to keep your personal information accurate, current and complete. Please contact us if you believe your information is not accurate or if it changes.
Right to Object. In certain circumstances, as permitted under applicable law, you have the right to object to processing of your personal information and to ask us to erase or restrict our use of your personal information. If you would like us to stop using your personal information, please contact us, and we will let you know if are able to agree to your request.
Right to Erasure and Deletion of Your Personal Information. You may have a legal right (for instance, if you are located in the EU, the EEA, or the UK) to request that we delete your personal information when it is no longer necessary for the purposes for which it was collected, or when, among other things, your personal information has been unlawfully processed. All deletion requests should be sent to the address noted in the “Contact Us” section of this Policy.
We may decide to delete your personal information if we believe it is incomplete or inaccurate or that our continued storage of your personal information is contrary to our legal obligations or business objectives. When we delete personal information, it will be removed from our active servers and databases and our Site, but residual information, such as access logs or other records, may remain in our archives when it is not practical or possible to delete it. The residual information will not be used for commercial purposes. We may also retain your personal information as needed to comply with our legal obligations, resolve disputes, or enforce any agreements.
Right to Withdraw Consent. If you have provided your consent to the collection, processing and transfer of your personal information, you have the right to fully or partially withdraw your consent. To withdraw your consent, please notify us using the information in the “Contact Us” section of this Policy and you may follow opt-out links on any marketing communications sent to you.
Once we have received notice that you have withdrawn your consent, in whole or in part, we will no longer process your information for the purpose(s) to which you originally consented and have since withdrawn unless there are compelling legitimate grounds for further processing that override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
Withdrawal of consent to receive marketing communications will not affect the processing of personal information for the provision of our services.
Right to Complain. If you believe that your rights relating to your personal information have been violated, or we have not processed your personal information in accordance with applicable Data Protection Laws, you have a right to lodge a complaint with your local data protection authority, your applicable supervisory or enforcement authority (if you are a resident of the EU, the EEA, or the UK), or seek a remedy through the courts.
We would appreciate it, however, if you would first give us an opportunity to address your complaint by making use of the “Contact Us” section that appears at the end of this Policy.
Online Tracking. We do not currently recognize browser settings or signals of tracking preferences, which may include “Do Not Track” instructions. Do Not Track” is a web browser setting that seeks to disable the tracking of individual users’ browsing activities. It is a standard that is currently under development. We do not currently respond to “Do Not Track” signals.
California Residents. California residents may be entitled under California Civil Code Section 1798.83 to ask us for a notice describing what categories of personal information (if any) we share with third parties or affiliates for those parties to use for direct marketing. If you are a California resident and would like a free copy of such notice, please submit a written request to us using the information in the “Contact Us” section of this Policy.
Cross-Border Transfers of Personal Information
We are located and established in the United States and, therefore, your personal information may be transferred to, stored or processed in the United States. While the data protection, privacy and other laws of the United States might not be as comprehensive as those in your country, we take necessary and appropriate steps to protect the privacy and security and privacy of your personal information. By using or requesting our Services, you understand and consent to the collection, storage, processing and transfer of your information to our facilities in the United States and those third parties with whom we share it as described in this Policy.
Residents of the EU, the EEA, or the UK. When storing, hosting, or otherwise processing your information (including personal data), we may send such data outside of the European Union (EU), the European Economic Area (EEA), or the UK. When we transfer information to the United States of America or other countries, we do so for the purposes set forth in this Policy and in accordance with applicable law. We rely on recognized legal bases to lawfully conduct cross-border/international transfers of personal information outside of the EU, the EEA, or the UK, such as your express informed consent to do so (as noted above), when transfer is necessary for us to deliver services pursuant to an agreement between us and you, or when the transfer is subject to safeguards that assure the protection of your personal information, such as the European Commission’s approved standard contractual clauses.
Links To Other Sites
We cannot and do not (i) guarantee the adequacy of the privacy and security practices, content, or media provided by third parties or their websites, (ii) control third parties’ independent collection or use of your personal information, or (iii) endorse any third party information, products, services or websites that may be reached through embedded links in our Services or hosted by our Services.
The Children’s Online Privacy Protection Act (“COPPA”), as well as other data privacy regulations, restrict the collection, use, or disclosure of personal information from and about children on the internet. Our Services are not directed to children aged 18 or younger, nor is information knowingly collected from children under the age of 18. No one under the age of 18 may access, browse, or use the Services or provide any information to or on the Services. If you are under 18, please do not use or provide any information on the Services. If we learn that we have collected or received personal information from a child under the age of 18 without a parent’s or legal guardian’s consent, we will take steps to stop collecting that information and delete it.
For more information about COPPA, please visit the Federal Trade Commission’s website at: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.
Changes to our Policy
We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we treat your personal information or in response to changes in law. Should this Policy change, we will post all changes on this page and anywhere else this Policy appears. If we make material changes to how we treat your personal information, we will also notify you through a notice posted prominently on the home page of our Services for a reasonable period of time. The date this Policy was last revised is identified at the top of this Policy.
For more information, or if you have questions or concerns regarding this Policy, wish to access or update any personal information we hold about you, or wish to lodge a complaint with us about how we have handled your personal information, you may contact us by any of the methods below and we will do our best to assist you:
United States of America
Telephone: (866) 797-7101
Icons from Freepik
<div>Icons made by <a href="https://www.freepik.com" title="Freepik">Freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a></div>