PFL Tech, Inc. (collectively, “PFL”, “we” or “us”) respects the privacy of its customers and business partners. The PFL Notice of Privacy Practices (the “Privacy Statement”) describes the information that we collect, how we obtain and store the information, and the ways we may use or share that information. This Privacy Statement also describes the measures we take to protect the security of the information and how we can be contacted about the information we collect from or about you.
This Privacy Statement only covers our privacy practices with respect to the collection, use, storage, and sharing of information obtained: (i) through the PFL websites (collectively, our “Website”), Customer Service, or marketing and sales initiatives; (ii) through the use of our hosted software applications (the “Subscription Services”) and related support services (“Support Services”) that we provide to Customers. In this Privacy Statement, the Subscription Services and the Support Services are collectively referred to as the “Services.”
3. For the purposes of this Privacy Statement:
“Customer” means any entity that purchases the Service.
“Customer Data” means the electronic data captured, provided, or uploaded into the Subscription Services by or for a Customer or its legally designated Users.
“Visitor” means a visitor to the Website or user of Customer Services.
“User” means an individual legally authorized by a Customer to access and use the Subscription Services.
“User Data” refers to content or materials you post, submit, contribute, publish, display, or make available to us, transmit to others on or through our Services or public forums.
Personally identifiable information such as name, contact information, username and password is stored for access to and use of the Services. This information is kept secure, using industry standard practices, on our private servers and is only used to assist you in accessing your account. No information is shared outside of the PFL system unless specifically authorized by you or in response to a court order from a court of proper jurisdiction.
a. How We Obtain Information
i. Information you provide to us:
When filling out forms on our Website we collect personal information, including, but not limited to, name, mailing address, email address and telephone number.
When you post User Data to our social media, participate in bulletin boards, blogs, comment threads, forums or other interactive features, register, or request further information or services from us.
When you enter a contest or promotion we sponsor.
When you report a problem with our Website.
When you contact us.
When you complete our surveys.
Other information you may submit to us related to your use of our Services from any source, for example, through email or messaging services.
ii. Information we collect through our Subscription and Support Services:
General information, including a Customer’s company name and address, and the Customer’s representative’s contact information (“General Information”) for billing and contracting purposes.
Information and correspondence our Customers and Users submit to us in connection with Services or other requests related to our Service.
Information we receive from our business partners or third-party affiliates in connection with our Customers and Users use of the Services or in connection with services provided by our business partners on their behalf, including configuration of the Subscription Services.
Aggregated data captured from our Customers and Users during use of the Subscription Services or server logs in support of the Subscription Services.
b. How We Use Information Collected
To provide you with information, products or services that you request from us or we determine, at our sole discretion, will be of interest to you.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us.
For industry analysis, benchmarking, performance and usability analytics, marketing, and other legal business purposes.
c. How We Share Information Collected – We may disclose personal information that you provide to us, to the following third parties:
Vendors, business partners and service providers we use to support our Services or business efforts or third-parties which provide services on our behalf. In the event of merger, acquisition, or any form of sale or transfer of some or all of our assets (including in the event of a reorganization, dissolution or liquidation), in which case personal information held by us about our Visitors will be among the assets transferred to the buyer or acquirer. Customers will be notified prior to any such event.
d. We may also disclose personal information to third parties in order to:
Comply with any court order issued by a court of proper jurisdiction.
Protect the rights, property, or safety of PFL.
We will not sell, rent trade or share Customer information with third parties for their promotional purposes.
5. Public Forums and Social Media
6. Communication Preferences and Choices
We provide certain choices regarding the information Visitors provide to us. We have created some mechanisms to provide you with control over your information when using our Website. First, if you do not wish to have your email address used for promotional purposes by PFL, you may withdraw consent at a later time by contacting our Website or Customer Service. Second, you may contact our Website or Customer Service to request changes to any personal information that you have provided to us in connection with the Website or Services. We will use reasonable efforts within the scope of our business and technology practices to respond to such requests for correction or updates to personal information.
7. Customer Data
We may use Customer Data to provide the Services, including updating and maintaining the Subscription Services and providing Support Services. Notwithstanding anything else to the contrary in this Privacy Statement, we will not use, disclose, review, share, distribute, transfer or reference any Customer Data except as permitted in the Customer Agreement or as required by law.
8. Communication Preferences and Choices and Accessing and Correcting Your Personal Information
Since each Customer may control over the information collected, including any personal information, it collects from its Users, how that information is used and shared, and how that information can be changed, Users of the Subscription Services must contact the applicable Customer administrator with any inquiries as to how the Customer uses and discloses personal information and how to access or correct personal information contained in Customer Data.
To access or correct any personal information Customer has provided as part of the General Information, the Customer should contact their account representative or Team.
a. Security Statement
PFL uses industry standard procedures and processes to protect the personal information obtained through the Website and in connection with the Services from loss, misuse and unauthorized access, disclosure, alteration and destruction.
b. Third Party Websites and Applications
PFL Services may link to websites that are not owned or controlled by PFL. As such, this Privacy Statement does not apply to information collected when visiting any third party site or by any third party application that may link to or be accessible from the Website. This Privacy Statement also does not cover the use or disclosure of any information stored in the Subscription Service when hosted by the Customer.
c. Changes to Our Privacy Statement
PFL reserves the right to update or change this Privacy Statement from time to time. Any updates or changes to this Privacy Statement will be posted to the home page, and any other places we deem appropriate to assist you in being aware of what information we collect, how we use it, and under what circumstances, if any, we share it. We reserve the right to modify this Privacy Statement at any time, and it is the sole responsibility of the Customer, Visitor, or User to review this Privacy Statement frequently. If we make material changes to this policy, we will attempt to notify you of such change on our home page prior to the change becoming effective. Your continued use of the Website or Services is deemed to be acceptance of all updates or changes we make to this Privacy Statement and as such, we ask that you review the Privacy Statement periodically for any updates or changes that we may have made.
d. Contact Information
To inquire or comment about this Privacy Statement and our privacy practices or if you need to update, change or remove your information, contact us at:
PFL Tech, Inc. Attn: Privacy Officer 100 PFL Way Livingston, MT 59047
The General Data Protection Regulation (“GDPR”), which will become enforceable on May 25th, 2018, aims to strengthen the security and protection of personal data in the European Union (“EU”). This rule clarifies how the EU personal data laws apply even beyond the borders of the EU and will replace the European Privacy Directive and national legislations accordingly. Any organization that works with EU residents’ personal data in any manner has obligations to protect the data. PFL Tech, Inc. (“PFL”) is well aware of its role in providing the right tools and processes to support its users and customers in order to meet their GDPR mandates.
At PFL, we have demonstrated our commitment to data privacy and protection by meeting the industry standards for PCI, HIPAA, SOC 1 and SOC 2. We recognize that the GDPR will help us move towards the highest standards of operations in protecting customer data and PFL attests that we will comply with applicable GDPR regulations as a data processor by the May 25th, 2018 enforcement date.
PFL GDPR Roles and Employees
PFL has designated Casey Bartz, Chief Technology Officer, as our Data Protection Officer (DPO) and has a dedicated internal team of cross-functional stakeholders to develop and implement our roadmap for GDPR compliance. The team is responsible for promoting awareness of the GDPR across the organization, assessing our GDPR readiness, identifying any gap areas and implementing the new policies, procedures and measures.
PFL understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR. We have incorporated GDPR specific content to PFL’s onboarding and annual employee training programs.
PFL GDPR Readiness
Our readiness initiatives include:
Designating data privacy roles;
Building on existing security policies, processes and controls;
Providing visibility and transparency;
Enhancing data integrity and security;
Portability and transferability of data;
Identifying personal data;
Encrypting, anonymizing or deleting user data; and
Creating provisions for data subject’s rights.
PFL Users and Customers
Compliance with the GDPR requires a partnership between PFL and our users and customers in their use of applicable PFL services. In this context, PFL will act as a data processor and our users and customers will act as data controllers. Working together, we hope to explore opportunities within our relevant service offerings to support our users and customers in meeting their GDPR obligations. PFL encourages partners and customers to independently familiarize themselves with the GDPR. Please direct questions or comments regarding PFL’s data privacy program to PFLTrust@PFL.com.