Arctrieval, Inc. - Privacy Policy

Last updated 3/21/2024

Arctrieval, Inc. (“Arctrieval” or “we” or “us”) is committed to respecting and protecting your privacy. Arctrieval provides cloud-based document retrieval and management platforms (the “Services”) to enable Arctrieval Subscribers (“Subscribers”) to create and manage their workflows and business tasks. Arctrieval Subscribers may, in turn, make the Services available to its employees, independent contractors, clients, or other third parties (“End User”), as permitted by the Arctrieval Terms of Service.

Arctrieval’s Privacy Policy (“Policy”) explains the types of personal data we collect from Subscribers, End Users, and visitors of our sites at https://www.Arctrieval.com or https://legal.Arctrieval.com (the “Sites”) and people with whom we communicate and interact in the course of providing the Sites and Services.

This Policy also describes how we use personal data, the purpose for sharing and recipients of personal data, your rights and choices, and how you can contact us about our privacy practices. This Policy applies to Arctrieval’s Sites and Services. It does not apply to third parties’ websites, products, and services, which are subject to their own privacy policies. We are not responsible for the privacy practices of other websites that End Users may enter by, for example, clicking on a service or content link on the Site. We strongly encourage End Users to review the privacy policy of every Website they visit through a link on the Site. We are also not responsible for Subscribers’ or End Users’ data privacy and security practices.

Please read this Policy carefully to understand our policies and practices regarding your personal data and how we will process it.

Subscriber and End User may be individually or collectively referred to as “You,” “Yours,” or “User.”

THIS PRIVACY POLICY IS PART OF OUR ARCTRIEVAL’S TERMS OF SERVICE. BY USING THE SITE OR SERVICES, SUBSCRIBERS AND END USERS AGREE TO BE BOUND BY THE TERMS OF THIS PRIVACY POLICY. ANY SUBSCRIBER OR END USER WHO DOES NOT AGREE WITH THESE TERMS SHOULD NOT USE THE SERVICES OR SITES.

PERSONAL DATA COLLECTION

Personal Data You Provide

Personal data is any information that relates to an identified or identifiable individual. We collect several types of personal data from and about End Users of our Sites and Services. In many cases, the personal data that you provide directly to us through our Services will be apparent from the context in which you provide the data:

  • Account Information. When you sign up for an Arctrieval account, we collect your full name, email address, phone number, organization name, and other related information such as account login credentials.
  • Profile Information. You may choose to add information to your profile on the Site or Services. Such information may include your title, phone number, and digital image of your signature.
  • Inquiry Information. When you send an email or fill in an online form to contact our sales team, we ask for your name, contact information, and other information about your interest in our Services.
  • Support Inquiry. When you send an email or fill in an online form to contact our support team, we ask for your name, contact information, supporting documentation, and other information about the nature of your support inquiry related to the Sites or Services.
  • Billing and Payment Information. If you are a Subscriber, you will provide your contact information and financial information as part of your business relationship.
  • Communications. When you communicate with Arctrieval or other End Users through the Sites and Services or otherwise communicate with us by email, we collect information about the communication and any other information you provide in your response.
  • Client Information. As a Subscriber using Arctrieval’s Sites and Services, you will provide personally identifiable information about an individual, individuals, or an entity (“Clients”) seeking assistance, representation, and advice from your person, organization, or entity. Personally identifiable information may be manually entered into an online form on our Service or Site, uploaded to our Service or Site from electronic files you provided, or transferred from another 3rd Party System that you initiate.
  • Protected Health Information. Due to the nature of our Service and Sites, you may provide, or we may receive Protected Health Information from third parties, such as Attorneys, Healthcare Providers, Healthcare Clearinghouses, Covered Entities, or Business Associates as defined by HIPAA. We are not responsible for nor do we review such third-party privacy policies.
Information Collected Automatically

As you interact with the Sites and Services, we may use cookies and similar tracking technologies that automatically collect certain information about you, including:

  • Non-Personal Information. We may collect information such as your IP Address, device type, operating system and Internet browser type, operating system name and version, device manufacturer and model, language, plug-ins, and add-ons.
  • Usage Data. We may directly or through a third party collect usage information such as times spent on the Sites and Services, pages visited, links clicked, language preferences, and the pages that led or referred you to our Sites.
  • Analytics and Application Functionality. We may directly or through a third party, such as Sentry.io, collect information to help Arctrieval diagnose, fix, and optimize the performance of the Services and Sites.
Cookies and Web Beacons

Arctrieval does not currently use cookies or web beacons to provision our services. However, if we implement the use of cookies, this Privacy Policy will be updated.

PERSONAL DATA USAGE

We use personal data to pursue legitimate business interests, enter into a business relationship with prospective Subscribers, perform contractual obligations with Subscribers, and comply with legal obligations. We use personal data in the following ways:

  • To provide the Sites and Services to you;
  • To provide you with information about the Services at your request;
  • To help us improve and personalize the functionality of the Sites and Services;
  • To help us understand your usage of the Sites and Services in order to improve them;
  • To communicate with you regarding customer service matters, questions, and other various comments or feedback you may send to us;
  • To provide you with notices about your account;
  • To carry out our obligations and enforce our rights arising from any agreement or contract entered into between you and us, including for billing and collections;
  • To notify you about changes to our Sites and Services, our products, or any other services we offer;
  • To inform you about products, services, offers, and events we offer or sponsor and to provide news and other information that may be of interest to you;
  • To communicate various technical and administrative messages regarding the Sites and Services, including notices of technology updates;
  • To offer you the opportunity to participate in contests or surveys regarding the Sites and Services; and
  • For any other purpose that you consent to at the time the personal data is collected.
 

PERSONAL INFORMATION DISCLOSURE

Arctrieval does not sell or rent personal data to marketers or unaffiliated third parties. We will share your personal data with third parties only as described in this Policy:

  • Affiliates. We work with other Arctrieval affiliates to provide our Sites and Services and for our administrative purposes.
  • Service Providers. To contractors, service providers, and other third parties we use to support our business, such as website hosting, payment processing data analysis, marketing service, customer service, email delivery and auditing services.
  • Business Partners. With third-party business partners in connection with our Sites and Services to our Subscribers for business purposes.
  • Corporate Transactions. In connection with an actual or proposed merger, reorganization, divestiture, or sale of some or all of Arctrieval’s assets or a financing or acquisition of all or a portion of our business by another company.
  • Compliance and Harm Prevention. To comply with any court order, law, or legal process, including a government or regulatory request, when we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person; violations of our Terms of Use and other agreements, including for billing and collections purposes; if we believe disclosure is necessary or appropriate to protect our rights, property, or safety, or our subscribers.

HEALTHCARE PROVIDER DATA COLLECTION AND USAGE

Healthcare Provider Data is any information related to an identified or identifiable Healthcare Provider, Covered Entity, Health Plan, Healthcare Clearinghouse, Business Associate, or authorized third party. We collect several types of healthcare provider data from End Users of our Sites and Services. The Healthcare Provider Data may include, but is not limited to, business names, physical treatment addresses, postal mailing addresses, email addresses, phone numbers, fax numbers, and number of completed requests for protected health information through our Sites or Services. We may make the collected Healthcare Provider Data available to other Subscribers and End Users through a crowdsourced database that is part of the Sites and Services. A Subscriber or End User may opt out of contributing Healthcare Provider Data to the crowdsourced database.

PROTECTED HEALTH INFORMATION

While Arctrieval does not meet the definition of a covered entity per HIPAA, Arctrieval complies with (1) the provisions of the HIPAA privacy and security regulations, (2) provisions of the HIPAA Security Rule that apply to business associates under the Technology for Economic and Clinical Health Act of 2009 (the HITECH Act) and (3) the privacy and security provisions of the HITECH Act that are applicable to business associates.

YOUR RIGHTS AND CHOICES

  • Opting Out of Electronic Communications. If you no longer want to receive marketing-related emails from us, you may opt out via the unsubscribe link included in such emails. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing-related emails from us, we may still send you other messages in connection with providing our Services and Sites to you.
  • See or Update Your Account Personal Data. To see or update your personal data in your account, log into Arctrieval, and go to “My Profile,” and make your changes in the appropriate sections. You may change the personal data in your Arctrieval account at any time. If you do not directly have an Arctrieval account, request changes directly to the Arctrieval Subscriber.
  • Deleted Your Account. If you would like to delete your Arctrieval account, you may contact your Arctrieval administrator within your organization to remove you from the system. If you are the Arctrieval administrator and would like to delete your Arctrieval account, please contact support@arctrieval.com.
  • Your California Choices. If you are a California resident, see the Notice for California Residents below to learn more about the personal information we collect and disclose about you and your privacy rights related to your personal information under the California Consumer Privacy Act.
  • EU and EEA Data Protection Rights. Arctrieval’s Sites and Services are not intended for use by Subscribers or End Users in the European Union or European Economic Area. If you are located in the European Union or European Economic Area, you should discontinue the use of Arctrieval’s Services and Sites.
  • Exercise Your Data Protection Rights. Arctrieval is a processor for the purposes of applicable data protection laws, which means that we may process the personal data of our Subscribers’ End Users and Subscribers’ Clients in connection with the provision of our Services to our Subscribers. Accordingly, if you are an End User of an Arctrieval Subscriber, please direct your requests directly to the Subscriber. Arctrieval will comply with your request to the extent required by applicable law.

NOTICE FOR CALIFORNIA RESIDENTS

The California Consumer Privacy Act provides California residents with rights to receive certain disclosures regarding the collection, use, and sharing of personal information, as well as rights to access, delete, and restrict the use of certain personal information we collect about them.

Collection and Use of Personal Information

For the purposes of this Notice for California Residents, “personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

Disclosure of Personal Information

Arctrieval does not sell the personal information of California residents and has not done so in the past twelve (12) months. We share your personal information for business purposes with the recipients described in the Personal Information Disclosure section.

California Consumer Privacy Act Rights

If you are a resident of the State of California, you have the following rights with respect to your personal information:

  • The right to know or request that we disclose what personal information of yours we collect, use, disclose, and sell, including: (1) the categories and specific pieces of personal information we have collected about you; (2) the categories of sources from which we collected the personal information; (3) the business or commercial purpose for which we collected the personal information; (4) the categories of third parties with whom we shared the personal information; and (5) the categories of personal information about you that we disclosed for a business purpose and the categories of third parties to whom we disclosed that information for a business purpose; and (6) the right to request that we delete personal information collected by us in certain circumstances provided by law.
  • The right to opt out of the “sale” of your personal information by us. We do not “sell” your personal information, as explained above.
  • The right not to receive discriminatory or differentiated treatment by us because you exercised any of these rights.

Arctrieval is a service provider for the purposes of the California Consumer Privacy Act Rights, which means that we may process the personal information of our Subscribers’ End Users in connection with the provision of our Services to our Subscribers. Accordingly, if you are an End User of an Arctrieval Subscriber or an authorized agent of an End User, please direct your requests directly to the Subscriber. We will comply with your request to the extent required by applicable law.

California “Shine the Light” Law

California residents additionally have the right to request information regarding third parties to whom Arctrieval has disclosed certain categories of personal information during the preceding year for the third parties’ direct marketing purposes under California’s “Shine the Light” law (Cal. Civ. Code §1798.83). Personal information under this California law means “any information that when it was disclosed identified, described, or was able to be associated with an individual.” Arctrieval does not disclose this type of personal information to third parties for their own purposes and permits you to opt out of any disclosures of non-identifiable personal information. However, if you are a California resident and would like to inquire further, please email privacy@arctrieval.com.

DATA SECURITY

We make reasonable efforts to provide a level of security appropriate to the risk associated with processing personal data. We maintain organizational, technical, and administrative measures designed to protect personal data covered by this Privacy Policy against unauthorized access, destruction, loss, alteration, or misuse.

Some of the measures we have implemented include the following:
  • Data System Security. Passwords and information to access account information are stored in an encrypted format. The data systems are in a PCI-compliant data center in the United States.
  • Physical Security. . Our data systems are housed in a secure and guarded facility. Access is limited to authorized personnel and secured with military-grade pass cards and biometric finger scan units. The facilities are monitored through closed-circuit televisions, and security teams are present onsite 24 hours a day, 7 days a week, and 365 days a year.
  • Communications between Our Systems & End User’s Browser. Communications between the User’s browser and portions of the Site containing Personal Information are protected with Secure Socket Layer (SSL) encryption. Users must have a browser that supports 128-bit encryption to access those portions of the Site
  • Limited Access. Your personal data is only accessed by a limited number of personnel who need access to the information to perform their duties.
  • Password Protection. For End Users who choose to set up an account, any Personal Information and account information is only accessible using the password specified for the account. Passwords are stored on our systems in an encrypted format. We recommend that End Users do not share their password with anyone. Our personnel will never ask an End User for their password in an unsolicited phone call or in an unsolicited email. End Users should remember to sign out of their account and close their browser window when they have finished their session. This is to help ensure that others cannot access their Personal Information and correspondence if they share a computer with someone else or are using a computer in a public place where others may have access to it.

NO DATA TRANSMISSION OVER THE INTERNET, STORAGE SYSTEM, OR NETWORK CAN BE GUARANTEED TO BE 100% SECURE.

USERS SHOULD ALWAYS BE CAREFUL WHENEVER THEY VOLUNTARILY DISCLOSE PERSONAL INFORMATION ONLINE—FOR EXAMPLE, ON MESSAGE BOARDS, THROUGH EMAIL, OR IN CHAT AREAS— AS THAT INFORMATION CAN BE COLLECTED AND USED BY OTHERS. IF YOU HAVE REASON TO BELIEVE THAT YOUR INTERACTION WITH US IS NO LONGER SECURE, PLEASE CONTACT US IMMEDIATELY.

DATA RETENTION

We retain your personal data as long as we are providing the Sites and Services to you or our Subscribers (as applicable). Even after we stop providing Sites and Services directly or indirectly to you and even if you close your Arctrieval account, we keep your personal data to comply with our legal and reporting obligations. In all cases where we keep data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.

INTERNATIONAL DATA TRANSFERS

Personal data may be stored and processed in any country where we do business or our service providers do business. Personal data may be transferred, stored, or processed in any country other than your own country, including the United States. Users should be aware that these countries may have data protection and privacy laws that are different from the laws of your country. Officials in those countries may be entitled to access your personal data. When transferring data across borders, we take measures to comply with applicable data-protection laws related to such transfer.

MINOR USEAGE

End Users must be 18 years of age or older to use the Services and Sites. End Users under the age of 18 must leave the Services and Sites immediately. Parents are urged to monitor and supervise their children’s online activity. No Personal Information is knowingly collected from a child under the age of 18. However, an End User may use the Services and Sites, including creating an account and submitting information, on behalf of a child under the age of 18. If we discover that a child under 18 has provided us with Personal Information without permission, we will delete that child’s Personal Information from our records to the extent possible.

In addition to protecting the privacy of children under age (13) we are committed to protecting the privacy of minors. Though our Services and Sites are not targeted to minors, nor are they intended to be used by minors, if, for any reason, a minor has shared information via our Services or Sites, said minor, their parent, or legal guardian may request and obtain removal of such information by contacting us at info@arctrieval.com. Although we offer deletion capability for our Services and Sites, you should be aware that the removal of content may not ensure complete or comprehensive removal of that content or information posted through the Services and Sites.

THIRD-PARTY PRACTICES AND LINKS

This Privacy Policy addresses only the use and disclosure of information we collect from End Users. If End Users disclose information to third-party websites, even those linked to our Services or Sites, different rules may apply to the third party’s use and disclosure of the information disclosed to them. We do not control the privacy policies of third parties, and End Users are subject to the privacy policies of those third parties where applicable. We encourage End Users to review the privacy policy and any other policies of third-party sites before disclosing their Personal Information or engaging the third party for services. The Sites and Services contain links to sites not owned or controlled by Arctrieval. These links are provided solely for your convenience.

CHANGES TO OUR POLICY

We reserve the right to modify or amend this Privacy Policy at any time. All changes to this Privacy Policy will be effective immediately upon their posting to the Site. We will notify Users of material changes to this Privacy Policy by conspicuously posting the changes on the Site. Information collected before changes are made will be treated in accordance with the previous Privacy Policy. Each version of our Privacy Policy will be prominently marked with an effective date. CONTINUED USE OF THE SITE AFTER THE EFFECTIVE DATE OF A PRIVACY POLICY WILL INDICATE YOUR AGREEMENT TO ANY MODIFIED TERMS.

CONTACT US

Users who have any questions or concerns about privacy that are not addressed by this document are encouraged to email us at privacy@arctrieval.com or complete the contact form at http://www.arctrieval.com/contact-us.html.