Privacy Notice

Effective as of May 28, 2024

Privacy Statement

Inhabit IQ and its family of software brands take pride in conducting business responsibly and ethically. We place the highest regard on the data privacy and security of our customers and on our legal obligations to protect such personal data.

Shift Next Level Innovations Inc. (“Shiftsuite,” “we,” “us” or “our”), as one of the Inhabit IQ brands, developed a data privacy program that respects and protects the privacy rights of individuals whose personal information we process. We recognize that data privacy coincides with data protection, thus, we implement reasonable and appropriate data security and protection measures to preserve the confidentiality, integrity, and availability of the personal information we process.

Contents

I. Who are we?
II. What is the scope of this Privacy Notice?
III. What do we collect?
IV. How we use the personal information we collect
V. How we share and disclose your personal information
VI. How long we retain personal information
VII. How do we secure your personal information
VIII. Your Choices and Rights
    A. Your Choices
    B. Your Rights
        1. California Privacy Rights
        2. Colorado, Connecticut, Florida, Montana, Oregon, Texas, Utah, Virginia
        3. GDPR Privacy Rights
    C. Exercising Your Rights
        1. How to Exercise Your Rights
        2. Use of an Authorized Agent
        3. Minors
        4. Shiftsuite as a Service Provider
IX. Changes to this Privacy Notice
X. Contact Us
Your California Privacy Choices

I. Who are we?

Shift Next Level Innovations Inc. (“Shiftsuite,” “we,” “us” or “our”) is a property management software company operating under Inhabit IQ, a global PropTech software company serving the residential and vacation property management industries offering software-as-a-service (SaaS) solutions for core areas like accounting and operations, customer relations management, marketing, background screening, rent payment processing, and insurance.
We provide various condominium, strata, and HOA software solutions ranging from but not limited to; Accounting, Status Certificate management, Community Websites, and Online Proxies, among others. When we use the term “Service(s)” we mean collectively:

1. The information provided through websites owned and controlled by us, including the website at https://shiftsuite.com/, https://www.statuscertificate.com/, https://www.condocommunitywebsites.com/ and any related external facing platforms or apps (the “Site(s)”);

2. The provision of online tools for real estate and property management and related services to those who purchase such tools and services; and

3. Shiftsuite’s marketing and business development activities, including any social media campaigns we create, and emails that we send (“Marketing”).

We offer these Services to condominium, strata, and HOA property management companies (“Clients”). The Services are intended for a general audience and are not targeted to children under the age of 13.

We are a “Data Controller” under Data Privacy Laws when we process personal information relating to our Clients or potential Clients, their representatives or employees, our suppliers, and vendors.

We are a “Data Processor” under Data Privacy Laws      when we process personal information on behalf of our Clients and relating to our Client’s Customers (Residents, Owners, End-Users) in the performance of our Services. When we process personal information in this capacity it will be set out in a written contract with our Clients, the Data Controller, and such Data Controller’s Privacy Notice would apply as opposed to this Privacy Notice.

II. What is the scope of this Privacy Notice?

We strive to be transparent and keep you informed on how we process your personal information through this notice. This notice sets out how we collect, use, store, share, dispose, and protect your personal information as a Data Controller and a Data Processor.

This Privacy Notice covers the disclosures that are required by “Data Privacy Laws” governing our processing of personal and sensitive personal information, which include, but are not limited to the following:

Law Scope Effectivity

“GDPR”

General Data Protection Regulation

Imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. May 25, 2018

“PIPEDA”

Personal Information Protection and Electronic Documents Act

Applies to private sector organizations engaged in commercial activity or operating in Canada. January 1, 2001

“CCPA”

The California Consumer Privacy Act

California state law that addresses the privacy rights of California consumers. It was updated, amended and expanded by California Privacy Rights Act (CPRA). In this Privacy Policy, CCPA means CCPA as amended by CPRA.

CCPA: January 1, 2020

CPRA: January 1, 2023

“CPA”

Colorado Privacy Act of 2021.

Applies to legal entities conducting business in Colorado or delivering products or services targeted to Colorado residents July 1, 2023

“CTDPA”

Connecticut Data Privacy Act of 2022

The act applies to those who conduct business in the state or who produce products or services targeted to Connecticut residents. July 1, 2023

“FDBR”

Florida Digital Bill of Rights

Applies to for-profit entities that conduct business in Florida and collect personal data about Florida consumers (or are the entity on behalf of which such information is collected). July 1, 2024

“MCDPA”

Montana Consumer Data Privacy Act

Companies that conduct business in Montana or persons that produce products or services that are targeted to residents of Montana October 1, 2024

“OCPA”

Oregon Consumer Privacy Act

Applies to any person that conducts business in Oregon or provides products / services to Oregon residents July 1, 2024

“TDPSA”

Texas Data Privacy and Security Act

Applies to for-profit businesses or persons that does business in Texas or produces a product or service consumed by a Texas resident. July 1, 2024

“UCDPA”

Utah Consumer Privacy Act of 2022

The Act regulates company that conducts business in Utah or produces a product or

service that is targeted to consumers in Utah.

December 31, 2023

“VCPDA”

The Virginia Consumer Data Protection Act of 2021

Provides Virginia consumers with specific rights regarding their personal information that took effect on January 1, 2023.

This notice applies as we process personal information as a Data Controller relating to:
    ● visitors to one of Shiftsuite’s Site(s);
    ● our Clients including their representatives, officers, employees, partners, independent contractors, agents and other authorized Users;               and
    ● our prospective Clients, including their representatives, officers, employees.

If you are an individual Resident, Property Owner, End-user of a property managed or owned by a Client who has been invited to use the client-facing features of the Services in a limited capacity, we process your personal information as a Data Processor for our Client and the processing of your personal information will be governed by your relationship with them. Please note that our Client have their own privacy notices, and this notice does not apply to their collection, use, storage, destruction, disclosure, and/or processing of any personal information they handle.

This Privacy Notice does not cover the practices of companies we do not own or control or people we do not manage and this Privacy Notice does not apply to any third-party sites that may link to or be accessible from our Sites.

We use some phrases in this Privacy Notice that are unique to our business or our Services. Below      are definitions of some of the key terms.

    ● “Personal Information or Personal Data” refers to information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include certain de-identified or aggregated information, information publicly available in government records, or certain other information excluded from the scope of various Data Protection Laws.

    ● “Sensitive Personal Information” is a type of personal information depending on what is considered as sensitive personal information as provided under the applicable Data Privacy Laws, sensitive personal information is that which reveals the following:
        o Personal identification numbers, including social security, driver’s license, passport, or state ID card numbers
        o Account or debit or credit card numbers combined with passwords or codes that would enable access to the accounts
        o A consumer’s precise geolocation
        o A consumer’s racial or ethnic origin, religious beliefs, or union membership, individual’s medical history,  mental or physical             health condition or medical treatment or diagnosis, sex life or sexual orientation, or citizenship or citizenship or immigration status
        o A consumer’s mail, email, or text message content unless the information was intentionally sent to the business
        o A consumer’s genetic data, biometric data that may be processed for the purpose of uniquely identifying an individual
        o Personal data from a known child under 13 years old (for those consumers in CO, CT, VA).
        o This also includes Special Categories of Data as defined under the GDPR: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

    ● “Processing” means any operations performed on personal information, including: collecting, storing, retrieving, consulting, analyzing, disclosing or sharing with someone else, erasing, or destroying personal data.

    ● “Client” refers to the condominium and strata property management companies who we contract with and provide our Service for.

    ● “Customers” refers to the individual Resident, Owner, End-user who avail the service of our Client whose personal information we may handle on behalf of or upon the instructions of our Client as part of or as needed by the Services we provide.

    ● “User” refers to individuals who are given access to the platforms we offer our Clients. They can be Primary Users: representative, staff, vendor, employee or personnel of our Clients or Secondary Users: the Residents, Owners, End-users of our Customers.

III. What do we collect?

We collect the following Personal Information from the following categories of sources.
A. Data from our Clients, Potential Clients, Primary Users and our Site Visitors

1. Directly from you when you interact with our customer support by email, regular mail or telephone; or when you use any of our application or solutions as authorized Primary User or representative of our Clients:

  • Name, phone number, email address or unique personal identifiers (wireless device ID, cookies, IP address) (“Identifiers”).
  • Occupation, position or designation (“Demographic Data”)
  • Company name, company country and state, commercial information (such as transaction data, purchase history, or delivery information) (“Commercial Data”);
  • Internet or other network or device activity (such as browser type and language, operating system or app usage) (“Internet Data”).
  • Usernames, log-in credentials (“Log-in Data”)

2. Directly from you as a visitor to one of our Site:

    When you visit our Site, you may choose to provide information to us, such as when you contact us to request or provide information through our “Get a Demo” or “Contact Us”, “Start a Trial”, and login page on the Site.

    In addition, when you interact with our Site, we use technology and Google tools (such as Google Analytics, Google AdSense, Google Display Network Impression Reporting) to gather information on how visitors are using the Site and Services.

    We collect IP address information so that we can properly manage our system and gather information about how our site is being used. This includes the device type and browser you are using, location data, the pages you are viewing and your interactions on the page. Your IP address may be associated with records containing Personal Information. We collect details of visits to our Site, including the volume of traffic received, logs and the resources that you have accessed. We may also collect certain location information such as your mobile device’s GPS signal, or information about nearby WiFi access points and cell towers.

    We may collect the following categories of information from our Site:

        ● Name, company name, phone number, email address, state or province, unique personal identifiers (cookies, IP address), (“Identifiers”).
        ● Internet or other network or device activity (such as type of device, internet connection, browser type and version, time zone, operating system and platform, referring/exit pages, account access date/time stamp, UTMs (Urchin tracking modules) for lead source) (“Internet Data”).

    3. From our Client as needed for us to perform our Services for them.

        ● Name, phone number, email address, postal address, information about your real estate assets, and any other information necessary to complete applicable documents or applications provided (“Identifiers”).

    B. Data from Customers

    1. Directly from you as a resident, owner, end-user or our Clients as a Secondary User or who has opted to receive marketing communicates and product updates and offers from our Clients.

        ● Name, phone number, email address, postal address, state identification card numbers, bank account number (wireless device ID, cookies, IP address), (“Identifiers”).
        ● Medical conditions, disability (physical or mental) (“Health Data”).
        ● Financial information (such as credit or debit card information, verification number, and expiration date) (“Financial Data”).
        ● Usernames, log-in credentials (“Log-in Data”)
        ● Internet or other network or device activity (such as browser type and language, operating system or app usage) (“Internet Data”).

    2. From our Client and from our service providers and business partners as needed for us to perform our Services.

        ● Name, phone number, email address, postal address, bank account number (wireless device ID, cookies, IP address), (“Identifiers”).
        ● Employment details, citizenship, homeownership, marital status, military or veteran status, monthly income and size, gender and birthdate (“Demographic Data”).
        ● Medical conditions, disability (physical or mental) (“Health Data”).

    IV. How we use the personal information we collect

    We only collect the information reasonably necessary to provide our Services, to carry out our operations which may involve automatic processing using machine learning and artificial intelligence applications, as required by law, and for the other legitimate business purposes, under applicable laws.

    Some of these uses may, under certain circumstances be based on your consent, may be necessary to fulfill our contractual commitments to you or our Clients, or are necessary to serve our legitimate interests as provided below:

    A. For provision of our Services:

        ● To facilitate the use of the software application, to maintain and administer our Client’s account which includes sending transaction records, notice and other documents necessary for the continued use of the application and for other purposes that would be necessary or beneficial to administer our Client’s use of the same (“Servicing”).
        ● To continuously provide you or our Clients with our services through your use of the platform and access of its database (“Servicing”).
        ● To respond to your queries, comments, feedback, or requests and address your complaints and provide customer support (“Servicing”).
        ● To verify or ascertain your identity, uniquely identify you or your business and identify potentially fraudulent activity (“Fraud Prevention”).
        ● To carry out our obligations arising from of our contracts with our Clients (“Servicing”).
        ● To conduct research and gain an understanding of the users of our platform, their experiences and preferences to further improve the platform (“Quality Improvement”).
        ● To assist in business development, compile statistics regarding how the Site or our Service is used in order to improve our them, for example, we may use your personal data to improve the layout of our Site based on the click path you utilized to access certain information within the Site (“Quality Improvement”).
        ● To run system diagnostics to ensure that platform is functioning properly and to improve the user experience (“Quality Improvement”).
        ● To build and improve the accuracy of our automated methods of processing (including artificial intelligence or AI, such as Chat Bots you may use as part of our Services), where we manually review some of the predictions and inferences produced by the automated methods against the underlying data from which the predictions and inferences were made. For instance, with your permission and for the purpose of improving our Chat Bot technologies, we manually review short snippets of text or voice data that we have taken steps to de-identify. This manual review may be conducted by our employees or vendors who are working on our behalf. We do not use your personal information for training artificial intelligence (“Quality Improvement”).
        ● To detect or prevent security incidents or other illegal activity, debug, verify or maintain quality or safety or improve or upgrade a service or device owned or controlled by us (“Security”)

    B. For our own marketing and advertising activities (“Marketing”):

        ● To communicate with our Clients and Potential Clients regarding services, activities, programs, trainings, promotions, services, products or other offers in which they have indicated an interest or to which they’ve subscribed and to contact them with information that may be of interest to them.
        ● To provide our Clients and Potential Clients newsletters, articles, alerts and announcements and other information we think they may find useful or which they have requested from us.
        ● To personalize our Clients and Potential Clients’ experience and allow us to deliver individualized content and product offerings according to their specific interests.
        ● To provide our Clients and Potential Clients with the marketing materials of third parties which we think may interest you.

    C. For compliance with our legal obligations, regulatory requirements and for other legal purposes (“Legal”):

        ● To process any complaints, implement preventive measures and to investigate act, omission, or misconduct that would constitute a violation of our contracts and of the applicable laws.
        ● To verify your identity or conduct internal audits or reviews.
        ● To enforce our Terms and Conditions, and other agreements.
        ● To gather the necessary information required by law, record keeping and good business practices.
        ● To comply with our legal obligations and other regulatory requirements.
        ● To protect our lawful rights and interests in court proceedings and to establish, exercise or as defense from legal claims.

    We do not monitor or profile visitors to our Site or collect, in any automated manner, any special categories or sensitive Personal Information about you.  No automated decision-making, including profiling, is used when processing your Personal Information.

    Chat and Artificial Intelligence

    Chat and artificial intelligence features connect you with information and intelligently sense, process, and act on information, learning and adapting over time.

    A note about accuracy: Our chat and artificial intelligence features generate responses by reading a user’s request and, in response, predicting the words most likely to respond to such request. In some cases, the responses may not be the most factually accurate. For this reason, you should not rely on the factual accuracy of output from these features. If you notice that these features provide factually inaccurate information and you would like us to correct the inaccuracy, you may submit a correction request via email to [email protected]. Given the technical complexity of how these features work, we may not be able to correct the inaccuracy in every instance.

    Interest-Based Advertising

    We and our third-party advertising partners may use cookies or web beacons to collect information for the purposes of interest-based advertising based on your visits to our Site. These cookies identify the pages you view, the links and ads you click on, other actions you take on those websites, and the referring website. Similarly, online advertisers use cookies to deliver advertising to you for companies other than us based on your visits to our Site and other websites.

    V. How we share and disclose your personal information

    The below chart summarizes the categories of personal and sensitive personal information we collect, from where we collect it, how we use it, and with whom we share it.

    This chart is updated in an annual review and reflects the prior twelve (12) months from the date of last review in compliance with the CCPA.

    We have not sold any personal information to third parties for commercial purposes or monetary value however we do disclose personal information for internal business purposes or operational purposes of our business (servicing, quality improvement, fraud detection, security, legal).

    CATEGORIES OF DATA COLLECTED EXAMPLE DATA ELEMENTS SOURCES WE COLLECT FROM PURPOSES BEHIND COLLECTION, USE, AND SHARING CATEGORIES OF THIRD PARTIES WE DISCLOSE TO
    Identifier Name, phone number, email address, unique personal identifiers (wireless device ID, cookies, IP address)

    From  our Clients

    From our Customers

     

    Servicing

    Marketing

    Legal

    Quality Improvement

    Fraud Prevention

    Our Service Providers

    Corporate Subsidiaries and Affiliates

    We share Personal Information with the following categories of recipients for the following business purposes:

    1. Third-party Service Providers: Your Personal Information will only be shared with and processed by our affiliates and non-affiliated third-party service providers as permitted by law and for the purposes described in this Privacy Notice.  We may disclose Personal Information to certain non-affiliated specialized service providers, including professional advisors, consultants, technical service providers, and other third parties, who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them.  We may disclose your Personal Information to third-party service providers to provide us with services such as Site hosting, including information technology and telephony services, and related infrastructure, customer service, e-mail delivery, auditing, and other similar services.

    2. Corporate Subsidiaries and Affiliates: We share the collected personal information as described in this notice with our subsidiaries and affiliated businesses within the Inhabit IQ, each of which use your personal information consistent with this Privacy Notice.  Those businesses may also use your personal information for each of their own purposes, including marketing purposes. Please visit their Privacy Notice on their website to learn more.

    3. Business Partners.  Where permitted by law, with our third party business partners, such as companies offering products or services of interest to you, advertising partners and other third parties for those third parties’ own commercial or marketing purposes, such as to serve targeted advertisements.

    4. Business Transfers: When applicable, we may share your information in connection with a substantial corporate transaction, such as the sale of a Site, a merger, consolidation, asset sale, or in the unlikely event of bankruptcy.

    5. With Your Consent or at Your Direction: We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.

    6. Other Legal Reasons: In addition, we may use or disclose your Personal Information as we deem necessary or appropriate: (1) under applicable law; (2) to respond to requests from public and government authorities including public and government authorities; (3) to pursue available remedies or limit damages we may sustain; (5) to protect our operations or those of any of our affiliates; (6) to protect our rights, privacy, safety or property of, our affiliates, you and others; and (7) to enforce our terms and conditions.

    When the information collected from or about you is not defined as personal information under applicable law, we may share such non-personal, de-identified information or aggregated information with third parties at our discretion.

    VI. How long we retain personal information

    We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Notice and in order to provide you the Services, and for as long as your account is active or as needed to provide you Services. We will also retain your information to comply with our legal obligations, to conduct audits, resolve disputes, and enforce of our agreements.

    VII. How do we secure your personal information

    We use reasonable organizational, technical and physical measures to maintain the privacy and security of your Personal Information within our organization against any unauthorized access, use, disclosure, loss or alteration, or theft of personal information. We maintain policies and practices to ensure the protection of your personal information. Depending on the volume and sensitivity of the information, the purposes for which it is used and the format in which it is stored, we implement a combination of measures to protect your personal information, including:

        ● Internal policies and procedures that define the roles and responsibilities of our employees throughout the information life cycle and limits their access to such information on a “need-to-know” basis;
        ● Technical safeguards such as encryption, firewalls, antivirus software and similar measures to protect information stored in electronic format;
        ● A designated Privacy Officer to monitor our compliance with applicable privacy laws;
        ● Employee privacy and data security training; and
        ● Procedures for receiving, investigating and responding to security incidents involving personal information.

    Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure.
    If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.

    VIII. Your Choices and Rights

    We offer you certain choices and you also may have certain rights in connection with the personal information we collect about you.

    A. Your Choices

    To ask us to remove your information from our marketing mailing lists, please contact us as outlined in the How to Exercise Your Rights Section below.

    B. Your Rights

    Subject to applicable Data Privacy Law, you may have certain rights to know, access, update, port your personal data, correct inaccuracies, delete, restrict processing of your personal information in our custody and control.
    For security purposes, we will verify your identity when you request to exercise your data privacy rights.  For certain types of requests, we may also need to ask you for additional information to verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate.

    You right over your personal information depends on the Data Privacy Law applicable where you reside:

    1. Canadian Privacy Rights

    For additional information for residents of the State of California click here. [Separate Page]

    Your Rights

    Residents of Canada have certain privacy rights as specified under Canadian law, including the Personal Information Protection and Electronic Documents Act (PIPEDA), Alberta’s Personal Information Protection Act (PIPA), British Columbia’s Freedom of Information and Protection of Privacy Act (FIPPA), and Quebec’s Privacy Act. Our Privacy Principles and the privacy controls we offer to all users are in line with these laws—this notice makes sure we cover the Canada-specific requirements.

    A. Right to Access

    You have the right to know whether we process your personal information. You can make a request to access the categories or specific pieces of personal and sensitive personal information we collected, used, or shared about you.  Along with your verified request, we will give you any categories of sources from which the personal or sensitive personal information is collected; the purpose for collecting, selling, or sharing; and any categories of third parties with whom we share such personal information.

    B. Right to Rectification

    You have the right to correct inaccuracies in the personal information we collect from you, taking into account the nature of the personal information and the purposes for which we process it.

    C. Right to Object

    You may opt-out of the collection of your personal data for marketing purposes. You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. We may need certain types of data so that we can provide our Services to you.  If you ask us to delete it, you may no longer be able to access or use our Services.

    D. Additional Rights

    Depending on your province, you may have additional rights, including the right to control the dissemination of your personal information, right to data portability and right to be informed of and submit observations regarding automated decision-making. You may also have the right to deletion, if the personal data is no longer needed for any purposes that justify its retention and we are no required by law to retain it, we will do what we can to delete.

    2. California Privacy Rights

    For additional information for residents of the State of California click here. [Separate Page]

    The California Consumer Privacy Act of 2018 (“CCPA”) and California Privacy Rights Act of 2020 (“CPRA”) provide certain rights to residents of California. This section of the Privacy Notice applies if you are a natural person who is a resident of California (“California Consumer”) and use our Services. This notice supplements the information in the Privacy Notice. Certain terms used below have the meanings given to them in the CCPA and CPRA.  The CCPA and CPRA shall be collectively referred to herein as the “CPRA”.

    Additional Disclosures

    A. Do-Not-Track Disclosure

    “Do Not Track” (“DNT”) is the concept that has been promoted by regulatory authorities for the internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.
    Currently, various web browsers (Chrome, Firefox, Safari, Internet Explorer, Microsoft Edge) offer a DNT option that sends a signal to websites visited by the browser user about the user’s DNT preference. We do not recognize or respond to browser initiated Do Not Track (DNT) signals as a DNT standard has not been adopted to this day.
    Our third-party partners, such as web analytics companies and third-party ad networks, may collect information about you and your online activities over time and across our Services and our Site. These third parties may not change their tracking practices in response to DNT settings in your web browser and we do not obligate these parties to honor DNT settings.

    Your Rights

    As a California Consumer, you have the following rights, these rights are not absolute and may be subject to exceptions and verification.  We may be required or permitted by law to decline any request.  Only you, a person that you authorize to act on your behalf, or an entity registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request related to accessing or deleting your personal information.

    A. Right to Know, Access, Data Portability

    You have the right to know the categories and specific pieces of personal information that we collect about you, the purposes of the collection of these personal information, categories of third parties with whom we share your personal information and the categories of the personal information that we shared with third parties.
    You can also make a request to access the categories or specific pieces of personal and sensitive personal information we collected, used, or shared about you in the past twelve (12) months.  Along with your verified request, we will give you any categories of sources from which the personal or sensitive personal information is collected; the purpose for collecting, selling, or sharing; and any categories of third parties with whom we share such personal information.

    B. Right to Delete

    You can make a request to delete any personal and sensitive personal information we collected from you. Upon receiving a verified request, we will notify you once your information has been deleted. We will also communicate your deletion request to the third parties who process your personal information on our behalf and direct them to delete your information.

    C. Right to Opt-Out of Sale

    California Consumers have the right to opt out of “sales” of their personal information.
    The CCPA’s broad definition of  “sale” may include using services to deliver targeted advertising on other sites or applications. This means that if you make a request to opt out of our “sales” of personal information, it will likely have a direct impact on the types of advertisements you see online. We will honor requests to opt out of “sales” of your personal information.
    If you would like to opt out, you may do so as outlined on the following page: Do Not Sell or Share my Personal Information

    D. Right to Limit the Use or Disclosure of Sensitive Personal Information

    You have the right to limit the use of your sensitive personal information to only those purposes that are necessary for us to provide Services to you.  If you would like to opt out, you may do so as outlined on the following page: limit the use of your sensitive personal information
    We will notify you if at any point we intend to use your sensitive personal information for any additional purposes.

    E. Right to Non-Discrimination

    We value giving consumers control over their privacy and personal information.  If you choose to exercise any of your rights under the CCPA, we will not differentiate our services as a result of your decision.  We also do not offer any financial incentives to opt-in to sell your personal information.

    F. Right to Correct

    You have the right to request the correction, updating and completion of any Personal and Sensitive Personal Information we maintain about you.

    3. Colorado, Connecticut, Florida, Montana, Oregon, Texas, Utah, Virginia

    For additional information for residents of any of these states click here. [Separate Page]

    Your Rights

    The Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, Utah Consumer Privacy Act and similar laws in other U.S. states (“Data Privacy Laws”) provide their consumers with specific rights regarding their personal information. To the extent that you are a resident of one of these states, this section describes your rights under the Data Privacy Laws and explains how you may exercise these rights.
    The categories of personal information we process, our purposes for processing, the categories of personal information that we share with third parties, and the categories of third parties with whom we share it are detailed in Section 4.To the extent that our personal information processing activities are addressed by a separate privacy notice, please consult the terms of that privacy notice for detailed information about our data practices, including the categories of personal information that we collect and disclose.

    A. Right to Know

    You have the right to know whether we process your personal information.

    B. Right to Access

    You can make a request to access the categories or specific pieces of personal and sensitive personal information we collected, used, or shared about you.  Along with your verified request, we will give you any categories of sources from which the personal or sensitive personal information is collected; the purpose for collecting, selling, or sharing; and any categories of third parties with whom we share such personal information.

    C. Right to Data Portability

    You have the right to access and obtain a copy of your personal information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another business without hindrance, where the processing is carried out by automated means. You may request such personal information up to twice annually, subject to certain exceptions.

    D. Right to Delete

    You have the right to delete personal information that you have provided by or that we have obtained about you. Please note that we may deny such a request if the requested deletion falls under an exception to this right set forth in Data Privacy Laws. If the personal data is no longer needed for any purposes that justify its retention and we are no required by law to retain it, we will do what we can to delete. We may need certain types of data so that we can provide our Services to you.  If you ask us to delete it, you may no longer be able to access or use our Services.

    E. Right to Opt Out of Selling or Sharing

    You have the right to opt out of the processing of the personal information for purposes of: (i) targeted advertising; (ii) the sale of personal information; or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you (provision or denial of housing, insurance, employment opportunities, or access to essential goods or services; decisions that have a foreseeable risk of unfair or unlawful treatment, financial or physical injury or other substantial injury).
    As of the latest date of the Privacy Notice:
        ● We DO process personal information for the purposes of targeted advertising;
        ● We DO NOT sell your personal information in exchange for monetary or other valuable consideration (Please note that we do not “sell” any of your personal information in exchange for money. However, the term “sell” has a broader meaning under applicable Data Privacy Laws than would ordinarily be understood in a non-legal context. We share your personal information to third parties for business purposes such as performance of the Services, auditing, Service improvement and quality management);
        ● We DO NOT engage in profiling decision based on your personal information that produce legal or similarly significant effects concerning you.

    To opt-out of selling or sharing, you can submit a request to us either:
        ● by email at [email protected]; or
        ● by calling us at 1-855-489-5972
    Note in the body of the email that you would like to opt-out of sale or sharing of your personal information. In the subject line, include “<Your State> Consumer Request”.

    F. Right to Correct

    You have the right to correct inaccuracies in the personal information we collect from you, taking into account the nature of the personal information and the purposes for which we process it.

    G. Right to Nondiscrimination

    We value giving consumers control over their privacy and personal information.  If you choose to exercise any of your data privacy rights, we will not differentiate our services as a result of your decision.  We also do not offer any financial incentives to opt-in to sell your personal information.

    H. Your Right to Appeal

    For Colorado, Connecticut, Florida, Montana, Oregon, Texas and Virginia residents, if we decline to take action or do not respond regarding a request that you have submitted pursuant to one of the privacy rights set forth in this section, you have the right to appeal our refusal to take action within a thirty (30) calendar days after you receive our decision. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, we will also provide you with an online mechanism, if available, or other method through which you may contact your state attorney general’s office to submit a complaint.

    4. GDPR Privacy Rights
    For additional information for residents of European countries, including the United Kingdom and Switzerland click here. [Separate Page]

    If you are a resident of one of many European countries, including the United Kingdom and Switzerland, an important European privacy law (or an equivalent counterpart to it) the General Data Privacy Regulation (the “GDPR”) provides you with certain rights, and places certain obligations on companies regarding how your “personal data” (as the GDPR uses that term) is used.  We describe those rights and obligations below, and how and in what circumstances we honor them.
    We set out our compliance with the GDPR and, to the extent applicable, those other laws, in this section.

    Legal Basis

    The GDPR requires us to tell you about the legal ground we’re relying on to process any personal data about you. The legal grounds for us processing your personal data for the purposes set out in Section IV above will typically be because:
        ● You provided your (legally sufficient) consent;
        ● It is necessary for our contractual relationship, e.g., in order to provide you services or features you’ve requested and we’ve promised;
        ● The processing is necessary for us to comply with our legal or regulatory obligations – for instance, to communicate with you about or to help honor your legal rights; and/or
        ● The processing is in our legitimate interest.   For instance, we may process and share business data collected from our website for our own internal marketing purposes, or other information for purposes of security, data hygiene or validation, in a manner that constitutes a “legitimate interest”.

    Your Rights

    A. Right to Rectify, Delete, Restrict or Object to the Processing

    Your rights to deletion or revocation of consent (sometimes referred to as a right to be forgotten, to restrict processing, or to otherwise object to processing).  You have the right to request that we delete your personal data (or where applicable, withdraw your prior consent to our processing of your data).  You may also request that we correct or rectify your personal data if it is inaccurate, incomplete or false.

    If you request that we delete your personal data, or withdraw your consent, we will customarily retain a copy of your data sufficient to suppress it from our active databases in the future:  but if that is not what you wish, you may indicate that to us (in which case your information may be added to our database later, because we will not have “suppressed” it).

    Moreover, when we delete your personal data, we may retain it (to the extent legally permissible) for certain important (but narrow) internal purposes such as legal, compliance, accounting or auditing purposes, and in some cases, for security purposes.

    B. Personalized Online Advertising Opt-Outs

    You may object to profiling by online advertising platforms with whom we sometimes partner to help generate (and measure or analyze) “personalized” online advertising.  These platforms are generally separate third party “controllers” of your data.

    C. Your Right to Access

    In some jurisdictions, you may have the right to request access to a copy of your personal data.  When you request access to your personal data, we are required — for privacy and other important compliance reasons — to verify your identity in a legally sufficient manner: if we cannot do so, we will not be able to satisfy your access request.

    Please note that as part of the verification process, we may not be able to sufficiently “verify” your identity in a manner sufficient to safeguard against the potential adverse privacy effects on disclosure of personal data to the wrong individual (or a person who is purposefully seeking the information of another).  Because such improper disclosure would likely adversely affect the privacy rights and freedoms of a relevant data subject/consumer, we limit certain personal data we make available.

    Questions or Concerns

    If you have a complaint or concern or question about how we handle your personal data, please contact us as at the above contact addresses, and we will seek to address any concerns you may have.  If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.

    When We are a Processor

    EU data protection law (and certain other data protection laws) makes a distinction between organizations that process personal data for their own purposes (known as “data controllers”) and organizations that process personal data on behalf of other organizations (known as “data processors”).   We sometimes act as  data controller (for instance, when we make decisions about the data that comprises our own datasets) and most of the times act as a processor (for instance, if we process the personal data of resident, owner or end-user of our Client, such as to collect, store, analyze or use it solely for our Client’s benefit and at their direction as part of the Services we provide. We generally are only able to help data subjects exercise their rights as to the personal data we are a data controller of. If you have a question or request as to data we’re a processor of, you should generally address that to the relevant data controller.

    C. Exercising Your Rights

    This provides for instructions on how you can exercise your rights under applicable Data Privacy Laws.

    1. How to Exercise Your Rights

    To submit a request to access, rectify, delete, port your personal data you can submit a request to us either:
        ● by email at [email protected]; or
        ● by calling us at 1-855-489-5972

    Note in the body of the email the specific right you want to exercise. In the subject line, include “<Your State/Country> Consumer Request”.

    To protect the privacy and security of your personal information, we will attempt to verify your identity before acting on your request.  Your request must include details sufficient for us to properly understand, evaluate, and respond to the request.

    Please also note that as part of the verification process, we’re required to consider:
        • the difficulty of verifying whether data that we hold and data we have linked to it truly and solely belongs to the data subject making the request, along with; and
        • the potential adverse effects on disclosure of personal data to the wrong individual (or a person who is purposefully seeking the information of another) because such improper disclosure would likely adversely affect the privacy rights and freedoms of the relevant data subject/consumer, we limit certain personal data we make available.

    2. Use of an Authorized Agent

    An agent legally authorized to act on your behalf—may make a verifiable request related to your personal information. If you are making a request through an authorized agent, you must provide the authorized agent with written permission to do so, and a power of attorney that fulfills the requirements of the Data Privacy Laws. We may request more information from the authorized agent (or from you) if needed to verify the authorized agent’s identity or to avoid any breach of security or instances of fraud.

    3. Minors

    We do not knowingly collect personal information of minors (minority age depends on the applicable Privacy Laws) under the age of 13, nor are our Sites or Services developed for, offered to, or directed at children under the age of 13. If you believe that we have collected information of a child under the age of 13, please contact us and we will take appropriate action.

    4. Shiftsuite as a Service Provider

    Most of the time we act as a “Service Provider” to other companies, our Clients — for instance, when we help other businesses use their own customers’ information as we provide our Services to them. As to personal information that we hold as a “Service Provider,” you would generally need to reach out to the business (our Clients) or we will refer your request to them so they can act on your request to exercise your rights stated here.

    IX. Changes to this Privacy Notice

    Changes to this Privacy Notice will be posted on this page. If we make a material change to our privacy practices, we will provide notice on our Site or by other means as appropriate. If we are required by applicable data protection laws to obtain your consent to any material changes before they come into effect, then we will do so in accordance with law.

    X. Contact Us

    If you have any questions, or complaints, regarding the collection or use of your personal information or the content of this notice, please contact our Privacy Officer at the coordinates below.

    Privacy Officer
    InhabitIQ
    2035 Lakeside Centre Way, Suite 250, Knoxville, Tn 37922
    [email protected]

    We respect your privacy rights and commit to the security of your personal information. If you do not agree to how we process your personal information as discussed in this Privacy Notice, please reach out to us. Please also see our Terms of Use  for more information on the Services we provide.

    [separate page]
    Your California Privacy Choices
    (linked title – posted in all pages of the website, beside the privacy policy link in your website footer/header. Also please include the opt-out icon next to the title—this icon must be similar in size to the other icons in the business’s header or footer)

    LIMIT THE USE OF MY SENSITIVE PERSONAL INFORMATION

    Under the California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act (“CPRA”), you have the right to request that we limit our disclosure or use of sensitive personal information (as defined by California law) to certain disclosures or uses specified by in the CCPA and CPRA.

    Therefore, you may request us to limit the use of your sensitive personal information to only what is necessary for us to perform our Services or for other business purposes (e.g. auditing, security, debugging, quality assurance and service improvement).
    We will notify you if at any point we intend to use your sensitive personal information for any additional purposes.

    DO NOT SELL OR SHARE MY PERSONAL INFORMATION

    California Consumers have the right to opt out of “sales” of their personal information.
    California law broadly defines sale such that it may include allowing third parties to receive certain information, such as cookies IP address and/or browsing behavior, to deliver targeted advertising. This means that if you make a request to opt out of our “sales” of personal information, it will likely have a direct impact on the types of advertisements you see online. We will honor requests to opt out of “sales” of your personal information.
    Please note that we do not sell your Personal Information or share your personal information with third parties for their own marketing purposes.

    HOW TO EXERCISE YOUR RIGHTS

    You have the right to opt out of the sharing and selling of your personal information and limit the use of your sensitive personal information by completing and submitting the form below.
    You may also send your request by email at [email protected]. In the subject line, include “California Consumer Request,” and note in the body of the email that you would like to opt-out of sale or limit the use of your sensitive personal information. For more information about your rights as a California resident, you can visit our California Privacy Rights (linked).

    First Name:
    Last Name:
    Email Address :
    Opt out of sharing and selling of my personal information
    Limit the use of my sensitive personal information
    SUBMIT  (button)