Privacy Policy
Effective Date: 20 March 2024
1. INTRODUCTION
This Privacy Policy (the “Policy”) explains how Datava, Inc. (“Datava”, “we”, “us”, “our”) collects, uses, and discloses personal information through its website (the “Site”) and its suite of customer relationship software tools, including its mobile application, for financial institutions (all of these tools collectively, the “Customer Management Tools”, and together with the website, the “Services”). If you submit personal information to us directly, you acknowledge that you accept the practices and policies outlined in this Policy, and you hereby consent that we will collect, use, and share your personal information in the ways set forth in this Policy.
2. OUR ROLE IN PROCESSING YOUR PERSONAL INFORMATION
We may process your personal information either (i) on behalf of our financial institution customers, or (ii) on our own behalf. This Policy explains our processing practices with respect to both scenarios.
2.1. PROCESSING ON BEHALF OF FINANCIAL INSTITUTIONS
We implement and customize our Customer Management Tools for our customers, which are financial institutions (collectively, the “Institutions”). The Institutions may collect and store certain personal information of their customers within the Customer Management Tools. As a result, to the extent we process personal information that is stored through the Customer Management Tools, we are processing that personal information at the direction of the Institutions. If you have a relationship with an Institution and have any questions about what information we may be processing through the Customer Management Tools on behalf of the Institution, please contact the Institution directly. We will comply with any instructions the Institution provides with respect to the processing of your personal information. Please read this Policy for more information about the personal information that we process on behalf of Institutions.
2.2. PROCESSING ON OUR OWN BEHALF
You may have the opportunity to submit information to us directly, including through our Site.
3. INFORMATION COLLECTED AND HOW WE USE IT
This section explains the personal information we collect, how we collect that information, and how we use that personal information.
3.1. Voluntarily Disclosed Information
The following table identifies the specific purposes for which you or an Institution may voluntarily disclose personal information to us.
Purpose for Collection | Type of Personal Information | How we collect that information |
---|---|---|
If you represent an Institution, we may collect your personal information as necessary to communicate with you and the Institution about the Customer Management Tools, including operational and promotional communications | Real name, email address, and telephone number | From you or the Institution |
To inform you about our Customer Management Tools, if you request information via our Site | Real name, Institution, email address, and telephone number | From you |
An Institution’s use of our Customer Management Tools | Any personal information that the Institution collects from you and stores on the Customer Management Tools | From the Institution |
3.2. Automatically Collected Information
Whenever you interact with the Site, we automatically receive and record information on our server logs from your browser or device, which may include your IP address, geolocation data, device identification, “cookie” and pixel tag information, the type of device you’re using to access the Site, the amount of time spent on the Site, and the page or feature you requested. “Cookies” are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in the Site are visited and by how many people. “Pixel tags” are tiny graphic images with a unique identifier, similar in function to cookies, that are used to track online movements of web users. In contrast to cookies, which are stored on a computer hard drive, pixel tags are embedded invisibly in web pages. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies and pixel tags, but this may prevent you from taking advantage of some of our features. We may also use it to improve the Site – for example, this data can tell us how often users visit a particular page on the Site, and we can use that knowledge to make the Site interesting to as many users as possible.
4. DISCLOSURE OF PERSONAL INFORMATION
We may disclose your personal information as detailed in this section.
4.1. Personnel and Third Party Service Providers
We employ personnel and engage other companies and people to perform tasks on our behalf and need to share your personal information with them to provide products or services to you. For example, we use Amazon Web Services and Oracle Cloud Infrastructure to store the data that we process.
4.2. Analytics Services
We use Google Analytics to understand how visitors engage with our Site. You can learn more about the information that Google has access to at the following website: https://policies.google.com/technologies/partner-sites.
4.3. Business Transfers
If we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, personal information could be one of the assets transferred to or acquired by a third party.
4.4. Legal Compliance
We reserve the right to access, read, preserve, and disclose any information that we believe is necessary to comply with governmental requests, law enforcement or court orders, or enforce or apply our agreements.
5. SECURITY
We use commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information. In addition, we rely on the technical safeguards provided by the third party service providers we use to host, store, and process your personal information. We cannot, however, ensure or warrant that your personal information on the Services may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
6. YOUR RIGHTS
6.1. Who To Exercise Your Rights With
If we have collected your personal information as a result of our relationship with you (e.g., if you submitted personal information via our Site), we are a “controller” of that personal information and you can exercise your rights with respect to your personal information by following the instructions below. However, if we have collected your personal information as a result of agreements we have in place with an Institution, we are a “processor” of your personal information and that Institution controls our use of your personal information and determines how and for what purpose we process your personal information.
If we are a processor of your personal information, and you have any questions or concerns about how your personal information is handled or would like to exercise your rights as a data subject, you should contact the Institution. That Institution’s privacy policy governs their use of your personal information. We will comply with any instructions the Institution provides with respect to the processing of your personal information.
6.2. Your Rights If We Control Your Personal Information
If we are a controller of your personal information, you have the following rights with respect to our processing of your personal information:
6.2.1. Right to Know
The right to request that we disclose to you the personal information we collect, use, disclose, sell, and information about our data practices.
6.2.2. Right to Request Correction
The right to request that we correct inaccurate personal information that we maintain about you.
6.2.3. Right to Request Deletion
The right to request that we delete your personal information that we have collected from or about you. We may reject your request if it is reasonably necessary to maintain your personal information in order to complete the transaction for which we collected the personal information, comply with law, or other applicable reasons that are permitted under applicable laws and that will be communicated to you upon receipt of your request. You may not request the removal of de-identified, anonymous, or aggregate data from our databases.
6.2.4. Right to Portability
The right to request that we provide you with your personal information in a common file format.
6.2.5. Right to Opt Out of Sales and Targeted Advertising
The right to opt out of our sale of your personal information and the processing of your personal information obtained from your activities on nonaffiliated websites or online applications for the purposes of targeted advertising. We only disclose your personal information as set forth in Section 4 above and do not sell your personal information or share it for the purpose of targeted advertising.
6.2.6. Right to Opt In for Sensitive Data Processing
The right to limit our processing of your sensitive data (to the extent we collect any) for certain purposes.
6.2.7. Right to Opt Out of Automated Decision Making
The right to opt out of our use of your personal information for certain types of automated decision making.
6.2.8. Right to Non-Discrimination
The right not to receive discriminatory treatment for exercising your privacy rights.
6.3. How to Exercise Your Rights
If you wish to exercise any of the rights set out above and we are the controller of your personal information, please contact us at privacy@datava.com. If you have authorized an agent to exercise your rights on your behalf, the agent may contact us at privacy@datava.com. Please note that to protect your personal information and the integrity of our Services, we may need to collect additional information to verify your identity (and, if applicable, the authority of your agent) before processing your request. If you are not satisfied with any decision we make with respect to your request, you can let us know the reasons for your concern, and we will review your appeal. If we are the processor of your personal information, please contact the organization through which you have access to our Services in order to exercise rights you may have with respect to your information.
7. RETENTION OF INFORMATION
If we process your personal information on behalf of an Institution, the Institution decides when to delete your personal information. If an Institution terminates their relationship with us, we will retain their data (including your personal information, to the extent it is included within the Institution’s data) for two years, unless the Institution requests that we delete the data earlier. If we collected your personal information through our Site, we will retain your personal information as long as needed for your approved receipt of communications from us, and our compliance with legal obligations.
8. HOW WE RESPOND TO DO NOT TRACK SIGNALS
We do not track you or collect your personal information across third party websites or online services. Thus, we do not receive Do-Not-Track signals, or other similar signals. To the extent that we do receive any such signals, we will not comply with them as it is not an aspect of the functionality of the Services.
9. AGE OF USERS
Children under the age of 13 are not permitted to use, access or register for the Services in any way. We do not knowingly collect or solicit information from anyone under the age of 13. If we learn that we have collected personal information from a child under the age of 13, we will delete that information as quickly as possible.
10. CHANGES TO POLICY
We’re constantly trying to improve the Services, so we may need to change this Policy from time to time as well. The date of the last modification will be posted at the beginning of this Policy. It is your responsibility to check from time to time for updates. By continuing to access or use the Site, you are indicating that you agree to be bound by the modified Policy.
11. CONTACT US
If you have any questions or concerns regarding this Policy, please send a detailed message to privacy@datava.com, and we will try to resolve your concerns.