Last Updated: January 11, 2021
Under federal privacy law, it is your right and our duty to protect your account information.
1. How We Collect Your Personal Information
We collect your personal information on a voluntary basis when you fill in a form at this Site. We collect your information when doing business with us (e.g. name, physical or mailing addresses, phone number, fax numbers, email addresses, designations, specialties, affiliations with other organizations, general demographic data, etc.).
We DO NOT place tracking browser cookies on your local computer or device you use to visit this Site. However, we collect server logs information which our Web servers automatically recognize each time you visit this Site. Web Servers must log this information in order to be able to serve the page(s) and file(s) you wish to view. A server logs may include your IP number, time of visit, pages viewed, and Browser information.
We also collect information when you communicate with us by email (e.g., your domain name and email address). We collect digital (at this Site) and physical (paper) information you volunteer via applications, surveys, registrations, and sign-ups. We collect personal information directly from individuals, automatically related to the use of the Services, and in some cases, from third parties (such as social networks, Internet platform providers, payment processors, data providers, operators of certain third party services, and other vendors we are affiliate with in the course of providing our Services to you).
We understand that your unique human voice and human likeness (i.e. your image) belongs to you and that your privacy extends to your voice and physical likeness. We may collect your audio/visual information in the course of doing business with us by video recordings (e.g., CCTV cameras at our facilities) and voice messages recordings (e.g., when you may leave a voice message in a call to our business).
2. Legal Bases for Our Processing of Personal Information
Certain laws, including the EU General Data Protection Regulation ('GDPR'), requires that we inform applicable individuals of the legal bases for our collection, use, and other processing of personal information. These legal bases also provide explicit answers as to how we use the data we collect.
Here are the legal bases for collecting your personal information:
- Performance of contract: as necessary to enter into or carry out the performance of our contract with you -- providing our Services to you.
- Compliance with laws: for compliance with legal obligations and/or defense against legal claims, including those in the area of labor and employment law, social security, and data protection, tax, and corporate compliance laws.
- Our legitimate interests: in furtherance of our legitimate business interests including:
Customer relationship management and improving our Services, including marketing and analytics
Fraud prevention, including misuse of company IT systems or money laundering
Physical, IT, and network perimeter security
Internal investigations, correction of processes, upgrading of Services
Mergers, acquisitions, and reorganization, and other business transactions
With your consent: where we have your consent (where it applies) and other applicable laws give you the right to withdraw your consent, which you can do this at any time by contacting us using the details at the end of this Policy. In some jurisdictions, your use of the Services may be taken as implied consent to the collection and processing of personal information as outlined in this privacy notice.
In addition, we may process your personal information where necessary to protect the vital interests of any third party (individual or business) using our Services.
- Performance of contracts with vendors, sister companies, and other parties
- Implementation and operation of global support (e.g., IT) services for our business operations
3. How We Use Personal Information We Collect
While the purposes for which we may process personal information will vary depending upon the circumstances described above, in general we use personal information for the following purposes:
- Providing Services: including, for example, to send or facilitate communications among you, our staff or teams, independent professionals and their affiliated entities, and other users of the Services; provide products and services you request; operate our Services; to respond to your inquiries; to communicate with you about your access to and use of our Services; to provide troubleshooting, fulfill your requests and provide technical support; and for other customer service and support purposes. (Legal basis: performance of our contract with you; and our legitimate interests)
- Analyzing and improving our business: for example, to better understand how users access and use our Services; to evaluate and improve our Services and business operations; and to develop new features, offerings, and services; to conduct surveys, and other evaluations, such as customer satisfaction surveys; and for other research and analytical purposes. (Legal basis: our legitimate interests)
- Personalizing content and experiences: for example, to provide or recommend features, content, social connections, and referrals; tailor content we send or display on our Services; to offer location customization and personalized help and instructions; and to otherwise personalize your experiences. (Legal basis: our legitimate interests and/or with your consent)
- Advertising, marketing and promotional purposes: for example, to reach you with more relevant ads and to evaluate, measure, and improve the effectiveness of our ad campaigns; to send you newsletters, offers, or other information we think may interest you; to contact you about our Services or information we think may interest you; and to administer promotions and contests. (Legal basis: our legitimate interests and/or with your consent)
- Securing and protecting our business: for example, to protect and secure our business operations, assets, Services, network and information and technology resources; to investigate, prevent, detect and take action regarding fraud, unauthorized access, situations involving potential threats to the rights or safety of any person or third party, or other unauthorized activities or misconduct. (Legal basis: our legitimate interests and/or compliance with laws)
- Defending our legal rights: for example, to manage and respond to actual and potential legal disputes and claims, and to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation with third parties. (Legal basis: our legitimate interests and/or compliance with laws)
- Auditing, reporting, corporate governance, and internal operations: for example, relating to financial, tax and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions; and related to any actual or contemplated merger, acquisition, asset sale or transfer, financing, bankruptcy or restructuring of all or part of our business. (Legal basis: our legitimate interests and/or compliance with laws)
- Complying with legal obligations: for example, to comply with the law, our legal obligations and legal process such as: warrants, subpoenas, court orders, and regulatory or law enforcement requests. (Legal basis: our legitimate interests and/or compliance with laws)
- Aggregate and de-identified information. When applicable, we may de-identify personal information and create anonymous and aggregated data sets and reports in order to assess, improve and develop our business, products and services, prepare benchmarking reports on our industry and for other research, marketing and analytics purposes.
4. How We Store and Protect Your Personal Information
The personal information that we have collected about you is stored on 256-bit Secure Servers located throughout the United States. Our servers are hosted and managed by our service provider and affiliate (ROGEE
), based in California, USA. The personal information we house on our servers is therefore subject to the laws of the United States federal laws and the local laws of the States, Counties, and Cities where ROGEE house servers.
We retain your personal information for only as long as you are using our Services and for as long as necessary by law, thereafter. For example, some federal laws receive that we maintain records of certain transactions (that may include your personal information) for x number of years. We must keep these records for possible governmental or regulatory audits.
We have physical, technological, and organizational controls in place to protect your personal information. For example, we have robust password requirements and information encryption, we grant access to personal information on a strict need-to-know basis, and we have teams dedicated to reviewing our security measures to us legally compliant with regulatory requirements. Physical access to our data servers is restricted and monitored.
5. When Do We Disclose Your Personal Information
WE DO NOT SELL YOUR INFORMATION TO ANYONE, FOR ANY REASON, AT ANY TIME.
6. Your Rights to Access and Correct Your Personal Information
You have the right to review, correct, update, and request that we delete the personal information that we have about you. Upon receipt of your written request via email or post mail, we will provide you with a copy of your personal information if/as it exists in our system. We will provide you access to your personal information except where prohibited by law, such as where providing access would compromise the privacy of a third party. In any case, if we must refuse your request for access, we will provide you with the legal reason for the refusal.
7. How to Contact Us
Exton Nissan Business Advantage
200 West Lincoln Highway, Exton, PA 19341