Effective Date: July 11, 2024
Contract Logix, LLC (“Contract Logix,” “we,” “our,” or “us”) is committed to protecting your privacy. We publish this Privacy Policy regarding our privacy practices in connection with our services and websites so that you can understand how we collect and protect your information.
In addition to reading this Privacy Policy, please review our Terms of Use, which governs your use of our websites. By accessing our websites, you agree to our Terms of Use and you consent to our use and collection of your information as outlined in this Privacy Policy, so please read the information below carefully.
Contract Logix complies with applicable privacy and data protection laws and regulations based on your geographical location including, but not limited to GDPR and CCPA, as each is applicable. Contract Logix takes measures to ensure that your Personal Information is stored safely with Contract Logix, meeting regulatory privacy and security requirements including those imposed on organizations conducting business in the EU. Nothing in this Privacy Policy limits or attempts to limit your rights under applicable laws, including your ability, depending on your country of residence, to file a complaint with your local Data Protection Authority.
INFORMATION COLLECTION, USAGE, AND SHARING
Personally Identifiable Information. Contract Logix does not collect personally identifiable information (“PII”) about visitors except when visitors specifically provide such information on a voluntary basis. PII may include name, email address, mailing address, telephone number, contact preferences, and other such information that could be used to personally identify an individual visitor. When PII is provided, such information will be used only for the transaction for which it was collected and as otherwise set forth in this Privacy Policy and will not be sold to third parties. Our use may include contacting you to provide details on updates, special offers, newsletters, promotions, surveys, hosted contests, or other services that we think may be of interest to you or such that you have requested. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements..
Passively Collected Information. When you visit our website, Contract Logix collects non-personal information that your web browser automatically sends whenever you visit a website on the Internet. Our servers automatically record technical information, which may include your Internet Protocol (IP) address, browser type, which webpages you’ve visited, how long you have spent on a webpage, and the date/time of the webpage visit, among other things. This technical information is not used to link to any specific individual and is stored and maintained as aggregate data. This aggregate data is used to improve services provide to Contract Logix customers and potential customers.
Tracking Technologies. We may use a variety of tracking technologies to automatically collect this non-personal information, such as cookies, web beacons, embedded scripts, browser fingerprinting, GPS, iBeacons, and ETags (or “entity tags”). A cookie (or “locally shared object”) is a data file placed on your device when you visit our websites. Your browser, or other software (including Adobe Flash), may allow you to reject or remove cookies, but if you do so, some features of our websites may not work properly, and we may not be able to remember your preferences the next time that you visit. We also may use web server logs to collect and store information about site usage. When you use a mobile application or visit our sites from a mobile device, like a smartphone, we may also collect additional information from your device, including your location, device identifier, and information about your mobile network.
Analytics Services. In addition to tracking technologies, we may use third-party analytics services to gather information about our website visitors. These services may track details about your online activities over time and across different sites. These services help us to improve our websites. These services may also allow us and others to provide you with targeted advertisements or other content that you may be interested in based on your online activities. If you would like to learn more about targeted ads that may be based on your online activities, and the choices that you may exercise for certain sites and advertisers, you may wish to visit the Network Advertising Initiative or the Digital Advertising Alliance.
Third Party Tracking and Do Not Track. Third parties may use tracking technologies in connection with our websites, which may include the collection of information about your online activities over time and across third-party websites. This Privacy Policy does not apply to these third-party technologies because we may not control them and we are not responsible for them. Do Not Track is a technology that enables users to opt out of tracking by websites they do not visit. Currently, we do not monitor or take any action with respect to Do Not Track technology.
MANAGEMENT AND REMOVAL OF DATA
At any point you may send an email to privacy@contractlogix.com, or call Contract Logix at 1-866-371-4445 in the event that you: 1) want to see if we have any data about you, 2) want to change/correct any data we have about you, 3) want us to delete any data we have about you, or 4) wish to express concern over any data we have about you. Should you choose to not to be part of any Contract Logix mailing list, you may remove yourself by clicking the unsubscribe link at the bottom of any related email.
DATA SECURITY
To prevent unauthorized access, Contract Logix follows generally accepted industry standards to protect any data that is submitted to us, both during transmission and while stored. Certain technical and organizational processes and measures have been designed to secure your data to prevent accidental loss and unauthorized access, use, modification, or disclosure. No method of electronic data submission, however, is 100% secure and Contract Logix cannot guarantee 100% security. You acknowledge that you provide your information at your own risk.
CHILDREN’S PRIVACY
Contract Logix takes children’s privacy seriously. Our services and products are not designed, intended, or marketed to children under the age of 18. We do not knowingly collect, use, or disclose the PII of anyone under the age of 18. If you are under 18 years of age, please do not attempt to utilize the services provide by Contract Logix. If you believe we may have any PII from or about a child under the age of 13, please email privacy@contractlogix.com or contact us using the contact information below. Any PII collected from an individual under the age of 13 will be deleted as quickly as possible.
Contract Logix, LLC
Attn: Privacy Officer
55 Technology Drive
Lowell, MA 01851
EU-U.S. DATA PRIVACY FRAMEWORK (EU-U.S. DPF), THE UK EXTENSION TO THE EU-U.S. DPF, AND THE SWISS-U.S. DATA PRIVACY FRAMEWORK (SWISS-U.S. DPF)
Contract Logix ensures the lawful transfer of personal data from the EEA, UK and Switzerland to the US through its certification to the Data Privacy Framework Program and alternative mechanisms such as the Standard Contractual Clauses (the “SCCs”), as approved by the European Commission.
Contract Logix is still certified in its compliance complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Privacy Shield Framework Data Privacy Framework, as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personal Information from the European Economic Area, the United Kingdom (including Gibraltar), and Switzerland to the United States. Contract Logix has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Contract Logix has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. Contract Logix remains committed to subjecting all personal data received from European Economic Area (EEA) member countries, the United Kingdom and Switzerland to the Framework’s applicable Principles. Contract Logix is monitoring the situation as it develops and will update this Privacy Policy with any amendments needed to remain compliant. For the time being, when Contract Logix receives Personal Information from a third party, or shares Personal Information with a third party, Contract Logix shall execute appropriate written agreements based on the applicable jurisdiction.
Notice. Contract Logix only collects, uses and stores PII as described in this Privacy Policy, and as is consistent with DPF Principles and/or SCCs and applicable law. It is our policy to always notify individuals about the purposes for which we collect and use information about them, the choices they have regarding use and disclosure of their PII, and how to contact us with inquiries or complaints.
Choice. Contract Logix will not use your PII for a purpose that is materially different from the purposes for which it was originally collected or subsequently authorized by you, nor will we disclose your PII to a third party, unless such disclosure is made to a third party that is acting as an agent pursuant to a contract with Contract Logix, to perform tasks on behalf of and under the instructions of Contract Logix.
Certain PII, such as information about medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of an individual, is considered “Sensitive Information.” Contract Logix will also treat any PII received from a third party where the third party identifies and treats such PII as sensitive, as Sensitive Information. Contract Logix will always obtain affirmative express consent (opt in) from individuals if Sensitive Information is to be (i) disclosed to a third party or (ii) used for a purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of opt-in choice.
Accountability for Onward Transfer. We are responsible for the processing of PII we receive under the Privacy Shield EU-U.S. and/or the Swiss-U.S. Data Privacy Framework Principles (DPF Principles) and/or SCCs (as applicable) and subsequently transfer to a third party acting as an agent on our behalf. Contract Logix will comply with the Notice and Choice Principles in any transfer of PII to a third party acting as a controller or an agent. In addition, any such third-party controller or agent will be under a contract that provides that (i) such PII may only be processed for limited and specified purposes consistent with the consent provided by the individual, and (ii) the controller will provide the level of protection required by the Privacy Shield Framework DPF Principles and/or SCCs (as applicable), and (iii) the controller will notify Contract Logix if it makes a determination that it can no longer meet this obligation, and that upon such determination, the third party controller will cease processing information and take other reasonable and appropriate steps to remediate unauthorized processing. Upon request, Contract Logix will provide a summary or a representative copy of the relevant privacy provisions of any such contract with the Department of Commerce.
In cases where an EU, UK or Swiss individual’s data is transferred onward to third parties pursuant to the SCCs, Contract Logix may be potentially liable.
Security. Contract Logix takes reasonable and appropriate measures to protect any PII that it creates, maintains, uses, or disseminates, from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.
Data Integrity and Purpose Limitation. Consistent with the DPF Principles and/or SCCs (as applicable), Contract Logix will not process personal information in a way that is incompatible with the purposes for which it was collected or subsequently authorized by the individual who provided such PII. To the extent necessary for those purposes, we take reasonable steps to ensure that PII is accurate, complete, current, and reliable for its intended use.
Any PII collected by Contract Logix will be maintained in a form identifying or making identifiable the individual who provided such PII only for as long as it serves the purpose of processing for which it was collected or subsequently authorized by the individual who provided such PII. This does not prevent Contract Logix from processing PII for longer periods for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research, and statistical analysis.
Depending on the circumstances, examples of compatible processing purposes may include those that reasonably serve customer relations, compliance and legal considerations, auditing, security and fraud prevention, preserving or defending our legal rights, or other purposes consistent with the expectations of a reasonable person given the context of the collection of PII.
Access. All individuals have access to the PII that Contract Logix holds about them, and they are empowered to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the DPF Principles and/or SCCs (as applicable), except where the burden or expense of providing such access would be disproportionate to the risks to the privacy of the individual in question, or where the rights of other individuals would be violated by such access.
Recourse, Enforcement and Liability. In compliance with the EU-U.S. and Swiss-U.S. Data Privacy Framework Principles and/or SCCs (as applicable), Contract Logix commits to resolve complaints about your privacy and our collection or use of your personal information. European Union, United Kingdom, and Swiss individuals with inquiries or complaints regarding this Privacy Policy should first contact the Contract Logix Privacy Officer at privacy@contractlogix.com.
Contract Logix has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by us, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
If Contract Logix becomes subject to any Federal Trade Commission (“FTC”) or court order based on non-compliance, we will make public any relevant DPF-related sections of any compliance or assessment report submitted to the FTC, to the extent consistent with confidentiality requirements.
Contract Logix submits to being subject to the investigatory and enforcement powers of the FTC.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.
CHANGES TO THIS POLICY
Contract Logix may at any time revise this Privacy Policy by posting the revised policy and updating the effective date at the top of this page. By using this website after such posting, you agree to be bound by any such revisions, so it is important that you periodically visit this page to determine the then-current Privacy Policy that governs our use, collection and storage of your information.