Privacy Policy

1.    DEFINITIONS

1.1.    “Controller” means the natural or legal person, public authority, agency, or otherbody which alone or jointly with others, determines the purposes and means of the processing of Personal Data.
 
1.2.    “End-User” means any person or entity with whom the Subscriber interactsusing eZy Sign.
 
1.3.    “Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly orindirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
‍
1.4.    “Process” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration,retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1.5.    “Processor” means a natural or legal person, public authority, agency, or otherbody which Processes Personal Data on behalf of the Controller.

1.6.    “eZy Sign” shall have the meaning ascribed to it in the Terms of Service.

1.7.    “Terms of Service” means the binding contract between Us and You which governs the access and use of eZy Sign by You available at https://ezysign.com/terms

1.8.    “You” and “Your” means an identified or identifiable natural person whose Personal Data We process as a Controller.

2.    PERSONAL DATA COLLECTED BY US

2.1. You directly provide Us with most of the data We collect. We collect PersonalData from You directly as follows: a) When You subscribe to eZy Sign by agreeing to the Terms of Service and create an account, We collect sign-up and account information including Your name (or the name of Your organization/company), Your phone number, Your email address and Your electronic signature; b) When You subscribe to a plan, We collect commercial information including billing and payment information (e.g., credit card number, expiration date, visual cryptogram), products orservices purchased; c) When You submit web forms on Our Website(s) or as You useinteractive features of the Website(s), including providing feedback or suggestions,making requests, or participation in surveys, contests, webinars, events, podcasts,promotions, sweepstakes, requesting customer support, or otherwise communicatingwith Us; c) When You provide testimonials, forms or information to Us in other contexts;or d) When You authorize Us to connect with a third-party service, We will access andstore Your Personal Data that the third-party service makes available to Us, which may include Your email address, location or profile information;

2.2.    We may also receive Your Personal Data indirectly as follows:    a) from third party sources like marketing lists, databases and social media but only where We have checked that these third parties either have Your consent or are otherwise legally permitted or required to disclose Your Personal Data to Us;   b) When You download and/or use eZy Sign, We automatically collect information on the type of device You use, and the operating system version, to perform Our agreement with You; c) When You use or view Our Website(s), information is collected via Your browser’s cookies as described in clause 10 herein;
d) We may also collect or receive Your Personal Data from other sources such as Our business or channel partners through whom You create or access Your Account, publicly available sources, email add-ons and/ or through the combining of information We obtain from third parties along with the Personal Data You provide to Us.

2.3. The Website(s) includes social media features and widgets that are either hostedby a third-party or hosted directly on the Website(s) and Your interaction with thesesocial media features and widgets is governed by the privacy statement of the companies that provide them. You should check Your privacy settings on these third party services to understand and change the information sent to Us through these services.

3.    PURPOSES FOR WHICH PERSONAL DATA WILL BE PROCESSED

We Process Your Personal Data to: a) facilitate Your access to the Website(s) andService(s); b) process and complete payment transactions; c) provide customer serviceand support; d) send You communication on Your use of the Service(s), updates on OurTerms of Use or other policies; e) send You communication on new features in theService(s) or new service offerings; f) conduct research, analysis and developmentactivities (including but not limited to data analytics, surveys and/or profiling) toimprove Our Service(s) and facilities in order to enhance Your relationship with Us orfor Your benefit, or to improve any of Our Service(s) for Your benefit; e) Organizeevents or for other marketing/ promotional activities; f) investigate and preventfraudulent transactions, unauthorized access to the Websites and Service(s), and otherillegal activities; g) personalize the Websites and Service(s); and for other purposes forwhich We obtain Your consent.

4.    SHARING OF PERSONAL DATA

4.1. You acknowledge that We will share Your Personal Data with Our groupcompanies and third-party service providers so that they may offer You Our Service(s)and/or to send information or updates on the Service(s) if You are a Subscriber.

4.2. When We Process Your order where You are a Subscriber, we may send YourPersonal Data to and also use the resulting information from credit reference agenciesto prevent fraudulent purchases. We use PCI-DSS compliant services of third partyvendors to manage payments and We don’t have access to Your personal account datain transit or at rest.

4.3. We share Personal Data with Our third-party service providers that host andmaintain Our Website(s), applications, backup, storage, payment processing, analyticsand other services. These third-party service providers may have access to or ProcessYour Personal Data for the purpose of providing these services to Us.

4.4. We may share Your Personal Data with third-party providers who assist Us inmarketing and promotions in compliance with applicable laws.

4.5. We may be required to disclose Your Personal Data in response to: a) lawfulrequests by public authorities, including to meet national security or law enforcementrequirements and/or b) subpoenas, court orders, or legal process, or to establish orexercise Our legal rights or defend against legal claims.

4.6. We may also share Personal Data to assist investigation and prevention of illegalactivities, suspected fraud, situations involving potential threats to the physical safetyof any person, violations of Our Terms of Use, or as otherwise required by law.

5.    INTERNATIONAL TRANSFER

5.1. We mainly Process Personal Data in the US. However, We may transfer Personal Data outside the US for the purposes referred to in Section 4. We will ensure that the recipient of Your Personal Data offers an adequate level of protection that is at least comparable to that which is provided under applicable data protection laws.

6.    RETENTION OF PERSONAL DATA

6.1. We retain the Personal Data collected where an ongoing legitimate businessrequires retention of such Personal Data.

6.2. In the absence of a need to retain Personal Data under Section 6.1. above, We will either delete it or aggregate it, or, if this is not possible then We will securely store Your Personal Data and isolate it from any further Processing until deletion is possible.

7.    SECURITY OF PERSONAL DATA

We use appropriate technical and organizational measures to protect the Personal Data that We collect and Process. The measures We use are designed to provide a level of security appropriate to the risk of Processing Your Personal Data. If You have questions about the security of Your Personal Data, please contact Us immediately asdescribed in this Policy.

8. YOUR RIGHTS

You are entitled to the following rights:

8.1. You can request Us for access, correction, update or request deletion of Your Personal Data.

8.2. You can object to the Processing of Your Personal Data, ask Us to restrict processing of Your Personal Data or request portability of Your Personal Data.

8.3. You have the right to opt-out of marketing communications We send You at anytime. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link inthe marketing emails We send You. To opt-out of other forms of marketing (such aspostal marketing or telemarketing), please contact Us.

8.4. Similarly, if We have collected and processed Your Personal Data with Your consent, then You can withdraw your consent at any time. Withdrawing Your consentwill not affect the lawfulness of any processing We have conducted prior to Your withdrawal, nor will it affect processing of Your Personal Data conducted in reliance on lawful processing grounds other than consent.

8.5. You have the right to complain to a data protection authority about Our collectionand use of Your Personal Data. For more information, please contact Your local data protection authority.

8.6. If You seek access to, or wish to correct, update, modify or delete Your Personal Data that We process, please contact Us at the details provided in clause 12. We respond to all requests We receive from individuals wishing to exercise their data protection rights within a reasonable timeframe in accordance with applicable data protection laws.

9. Privacy Notice for Residents of the State of California and the Commonwealth ofVirginia, USA.

9.1 This section provides additional details about the personal information we collectabout California consumers and consumers' rights under the California Privacy Rights Act, ( “ CPRA ” ) amending the California Consumer Privacy Act ( “ CCPA ” ) and the Virginia residents under the Virginia Data Protection Act (“VDPA”). This section appliesonly to California residents and Virginia residents and their personal information we collect as a Business (as defined in the CPRA and VDPA).

9.2.   Collection of Personal Data. The categories of personal information We havecollected in the twelve (12) months prior to the Effective Date and that We may collect include:

A)   Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, a device identifier; an Internet Protocol address; cookies, beacons, pixeltags, mobile ad identifiers or similar technology; customer number, uniquepseudonym or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers that can be used to identify a particular consumer ordevice;
‍
B)    Signature, physical characteristics or description, telephone number, state identification card number, insurance policy number, employment, employ menthistory, bank account number, credit card number, debit card number or anyother financial information, medical information or health insurance information;
‍
C)    Internet or other electronic network activity information, including, but notlimited to, browsing history, search history, and information regarding aconsumer's interaction with an internet website, app or advertisement.

D)    Geolocation data;

E)    Audio, electronic, visual, thermal, ol factory or similar information.

We collect this personal information for business purposes as described in the"PURPOSES FOR WHICH PERSONAL DATA WILL BE PROCESSED " section of our general privacy policy above.

9.3.  Disclosure of Personal Data. We have disclosed the categories of personal information listed in clause 1 above for a business purpose in the twelve (12) monthsprior to the Effective Date and may disclose such personal information to service providers or contractors or to any other third parties who support our business provided (a) they do not sell or share (as defined under the CPRA) such personal information or (b) retain, use or disclose such information for any purpose other than for the specific purpose of performing the services specified in our contract with themor (c) combine such information with any other information received directly by them .We do not sell or share (as the terms is defined in the CPRA ) the personalinformation We collect without providing You a right to opt out. We do not sell or share personal information of minors of at least the age of thirteen (13) but less than sixteen(16) years without receiving such minor ’ s consent or the consent of the minor ’ s guardian if the minor is less than thirteen (13) years. We have not sold or shared (asthe term is defined in the CPRA ) any personal information in the twelve (12) monthsprior to the Effective Date. We shall not disclose further the personal informationcollected for verification of a consumer’s request or retain it longer than it is necessaryfor the purpose of verification.

9.4.  Your Rights.

9.4.  Rights of the residents of the State of California: You have certain rights, subject to certain limitations under applicable law, with respect to your personal information, including:

A)    The right to request disclosure of details, and categories of personal information collected;
B)    The right to request disclosure of personal information collected twelve (12)months prior to the Effective Date, this right shall apply only to personal information collected after January 1, 2022
C)    The right to request di sclosure of information sold or shared and the right todisclosure of the service provider or contractor, or a third-party (as defined inthe CPRA) to whom such information is sold or shared ;
D)    The right to request the correction of inaccurate personal information collected.
E)    The right to request deletion of Your personal information held by Us or by Our service provider, contractor, or any other third party We have disclosed personal information to. We shall hold a confidential record of all deletion requests forthe purpose of preventing the selling of such personal information for which You have submitted a deletion request.
F)    The right to "opt out" of any sale or sharing of personal information (as definedin the CPRA ), if such sale or sharing occurs.
G)   The right to request the transfer of specific pieces of personal information toany other entity.
H)   The right not to be discriminated against for exercising your rights under CPRA.

Rights for the residents of the Commonwealth of Virginia: You have certain rights, subject to certain limitations under applicable law, with respect to your personal data,including

A)   The right to confirm whether We are processing the personal information collected and the right to access such personal information.
B)    The right to correct inaccuracies in the personal data collected taking into account the nature of the personal information and the purposes of the processing of the personal information
C)    The right to request the deletion of personal information provided by or obtained from You.
D)    The right to request the deletion of personal information collected from sources other than You. We shall comply with such a request by either (i) retaining are cord of the deletion request and the minimum information necessary for the purpose of ensuring Your personal information remains deleted from the business ’ s records and not using such retained information for any other purpose pursuant to this Section or (ii) opting You out of the processing of such personal information for any purpose except those exempted by the Virginia Data Protection Act.
E)    The right to request the transfer of the personal information collected to another controller in a technically feasible and readily usable format.

The right to opt-out of the processing of the personal information for purposes of (i)targeted advertising, (ii) the sale of personal information, or (iii) profiling in furtheranceof decisions that produce legal or similarly significant effects concerning You. California and Virginia consumers may make a request pursuant to their rights underthe CPRA and VDPA respectively by contacting Us at support+ezysign@whizpool.com or via mailto Our postal address set forth above. We will verify Your request using the information associated with Your account, including e-mail address and/or Government identification. We will let You know if We need additional information to verify Youridentity. Consumers may also designate an authorised agent to exercise these rights ontheir behalf.

Where We are a service provider: We may also act as a service provider (as theterm is defined in the CPRA). When We act as a service provider, including by providing our services to another company that You interact with, We follow the instructions of the company that engaged Us as a service provider and You should directly contact that company if You have any questions or would like more details on how Your personal information is processed by that company.

10.    COOKIE POLICY

10.1.    Cookies are text files that are placed on Your computer to collect standard internet log information and visitor behavior information by Us. When You visit the Website(s), We may collect Personal Data automatically from You through cookies or similar technology. We also set cookies to collect information that is used either in aggregate form to help Us understand how our Website(s) are being used or how effective Our marketing campaigns are, to help customize the Website(s) for You or to make advertising messages more relevant to You.

10.2.    Essential Cookies: We set essential cookies that enable core functionality such as security, network management, and accessibility. You may not opt-out of these cookies. However, You may disable these by changing Your browser settings, but this may affect how the Website(s) functions.

10.3.    Analytics, Customisation and Advertising Cookies: We set these cookies to help Us improve Our Website(s) by collecting and reporting information on how You use it. The cookies collect information in a way that does not directly identify anyone.

11.    PRIVACY OF CHILDREN

11.1.   We recognize the importance of children's safety and privacy. We do not request, or knowingly collect, any Personal Data from children under the age of 18. If a parent or guardian becomes aware that his or her child has provided Us with Personal Data, they should write to us at the email address provided in clause 12.

12.    NOTICE TO END-USER AND OTHER EXCLUSIONS

12.1.   eZy Sign is intended for use by enterprises. Where eZy Sign is made available to an End-User through a Subscriber, that enterprise is the Controller of the End-User’s Personal Data. For example, when a Subscriber uploads Documents for review or signature, We act as a data processor and process the Documents on the Subscriber's behalf and in accordance with their instructions.  In such a case, the End-User’s data privacy questions and requests should be submitted to the Subscriber in its capacity as the End-User’s Controller. If the End-User is an individual who interacts with a Subscriber using Our Services, the End-User will be directed to contact Our Subscriber for assistance with any requests or questions relating to their Personal Data. We are not responsible for Subscribers’ privacy or security practices which may be different from this notice. Subscribers to Our Services are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all privacy policies, agreements, or other obligations, relating to the collection of Personal Data in connection with the use of eZy Sign by End-Users.

12.2.   Our Website(s) contain links to other websites. Our Policy applies only to our Website(s), so if You click on a link to another website, You should read their privacy policy. We encourage You to review the privacy statements of any such other websites to understand their Personal Data practices.

12.3.   This Policy does not apply to aggregated information which summarizes statistical information about groups of members, and which does not include name, contact information, or any other information that would allow any particular individual to be identified.

13.    CONTACT INFORMATION

You may contact us if You have any enquiries or feedback on Our personal data protection policies and procedures, or if You wish to make any request, in the following manner:

Attention: Support Team
Email Address: support+ezysign@whizpool.com

14.    CHANGES TO THE POLICY

We keep this Policy under regular review and may update this webpage at any time. This Policy may be amended at any time and You shall be notified only if there are material changes to this Policy.