We retain Your personal information only as long as needed to provide You the Service and as required by applicable laws and regulations. Except as otherwise provided by this Policy, or when deleted or destroyed at Your request, We typically maintain certain personal information and communications for a period of two years as is common in the industry.
We may keep the minimal necessary personal information about You after You have deactivated Your account for the period of time needed for Us to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce Our agreements.
Information submitted to or obtained via Our Service is maintained on secure servers and cloud platforms in the United States.
SAFEGUARDING YOUR INFORMATION
We use the following security measures and technologies to protect Your personal information:
Physical access controls, including secured premises to prevent unauthorized persons from gaining access to personal information, and ensuring that off-site data centers and server facilities adhere to similar appropriate controls;
System access controls to prevent unauthorized access and use of personal information, which vary based on the nature of information processing, but may include: industry standard firewalls, authentication via hashed and salted passwords;
Data access controls to ensure personal information is accessible and manageable only by properly authorized staff, including restricted catalogue query and application access, need-to-know access restrictions, and restrictions on the personal information that can be read, copied, modified and/or removed;
Transmission controls, including encrypted data transfer over SSL and other controls to ensure that personal information cannot be read, copied, modified or removed without authorization during electronic transmission or transport;
Input controls to ensure that any personal information is provided and edited by You or by Us at Your direction;
Data backups are taken on a regular basis, and are secured and encrypted;
Despite Our efforts, no security measure can be absolute, and there can be no guarantee that Your personal information will not be accessed through malicious means, inadvertent disclosure, or mistake. If We are the source of a breach, We will contact You and describe the breach, along with Our mitigation actions. Where applicable, We will provide appropriate identity theft prevention and mitigation services at no cost to the affected person for not less than 12 months.
TRANSFER OF PERSONAL INFORMATION
Privacy and data protection laws and regulations and their associated transfer requirements vary by location (state, country and region). We strive to comply with transfers of personal information under these laws and regulations by ensuring transfer is made under an appropriate legal basis. We only transfer personal information to those parties that act as service providers or processors with respect to the Service We provide to You, with your consent, or under a legitimate interest or business, or commercial purpose, as described in this Policy. We may also transfer personal information if required to do so by other applicable laws and regulations, including those related to criminal or civil matters.
ANALYTICS AND COOKIES
We may amend this Policy at any time by posting the amended terms on this site and notifying You of material changes to the Policy along with an opportunity to opt in to changes that require Your consent by law or regulation or to opt out of any changes that decrease Your rights under this Policy. All non-material changes to Our terms are effective on the effective date of the Policy. We encourage You to review this Policy from time to time. By continuing to use the Service after non-material changes are effective, or after being notified of a material change, You will be deemed to have accepted the changes.