ReFocus AI Privacy Policy
Effective date: 09/11/2020
We know privacy and data security are important for business and individuals. That’s why we at ReFocus are committed to protecting your privacy and information. ReFocus considered personal information to be confidential. We protect the privacy of that information in accordance with federal and state privacy laws, as well as our own company privacy policies.
This Privacy Policy describes the data protection practices of ReFocus AI Inc. (“ReFocus,” “we,” “us,” or “our”). This Privacy Policy applies to information that we collect, receive, use, store, transfer, or process when you access or use ReFocus’s website, Services, or otherwise interact with Us. We periodically update this Product Privacy Policy. We will post any changes on this page.
This policy is supplemental to, and forms an integral part of, the Terms of Service Agreement (“Agreement”), and is effective upon its incorporation into the Agreement, which incorporation may be specified in the Agreement, an Order, or an executed amendment to the Agreement. The terms of this policy shall follow the terms of the Agreement.
This policy also explains your choices surrounding how we use information about you, which include how you can object to certain uses of information about you and how you can access and update certain information about you. If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business.
1. Definitions
SERVICE means the refocusai.com website and ReFocus mobile application operated by ReFocus AI Inc.
PERSONAL DATA means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
SERVICE DATA means any content, data, or information You provide to ReFocus by virtue of Your use of the Service.
USAGE DATA is data collected automatically either generated by the use of the Service or from Service infrastructure itself (for example, the duration of a page visit).
COOKIES are small files stored on your device (computer or mobile device).
DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.
DATA PROCESSORS (OR SERVICE PROVIDERS) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
DATA SUBJECT is any living individual who is the subject of Personal Data.
THE USER is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.
2. Your Responsibilities
Within the scope of the Agreement and in its use of the services, Users shall be responsible for complying with all requirements that apply to it under applicable data protective, privacy, and security laws with respect to Your processing and transmittal of information to ReFocus. You acknowledge and agree that You shall be solely responsible for:
- Accuracy, quality, and legality of any information, including any user content;
- Complying with all necessary laws concerning the collection and use of user content, including obtaining any necessary consents and authorizations;
- Ensuring You have the right to transfer, or provide access to, the User Content to ReFocus for purposes of providing the Services under the Agreement.
3. Information Collection and Use
We collect several different types of information for various purposes to provide and improve our Service to you. When you use our Service, we may ask you to provide certain personal information and other information.
4. Types of Data Collected
Personal Data
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
- Cookies and Usage Data
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or by emailing at support@refocusai.com.
Usage Data
We may also collect information that your browser sends whenever you visit our Service or when you access Service by or through a mobile device (“Usage Data”).
This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access Service with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
Tracking Cookies Data
We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
- Session Cookies: We use Session Cookies to operate our Service.
- Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
- Security Cookies: We use Security Cookies for security purposes.
Service Data
We may collect data by virtue of Your use of the Service. In other words, the data that You provide to Us in connection with our Services. By using our Service, You agree that We may collect the following types of Service Data: internal authentication such as passwords; insurance related information, such as past and present insurance claims and prior insurance carriers; external identity information such as name, username, government issued identification, demographic information, medical and health records, and physical characteristics; financial institution information; social communication preferences such as professional titles, academic titles, and communications.
5. Use of Data
ReFocus uses the collected data for various purposes:
- to provide and maintain our Service;
- to notify you about changes to our Service;
- to allow you to participate in interactive features of our Service when you choose to do so;
- to provide customer support;
- to gather analysis or valuable information so that we can improve our Service;
- to monitor the usage of our Service;
- to detect, prevent and address technical issues;
- to fulfill any other purpose for which you provide it;
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- to provide you with notices about your account and/or subscription, including expiration and renewal notices, email-instructions, etc.;
- to provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;
- in any other way we may describe when you provide the information;
- for any other purpose with your consent.
We may aggregate and/or anonymize information collected through the Services so that such information does not identify you as the source of the information. We may use such information to improve the Services, by and through any third-party we use to integrate Services with the users’ database, for research.
6. Retention of Data
We will retain your all data provided by you only for as long as is necessary for the purposes set out in this Privacy Policy, including without limitation in anonymized form in order to provide, maintain, and improve our Service. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
7. Transfer of Data
Because ReFocus is a US-based company, Your information will be collected and processed in the United States. The United States has its own laws governing data protection and government access to information. The rules that protect Your personal information under United States law may be different than in Your home country. If You choose to use the Services, You need to agree with the Agreement, which set out the contract between ReFocus and its Users.
To the extent You reside outside of the United States, ReFocus will comply with applicable laws regarding collection and transfer of personal information from countries that have privacy or data security laws, including but not limited to the General Data Protection Regulation (GDPR).
ReFocus will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
8. Sharing of Information
In certain situations, we may be required to disclose personal information in response to lawful requests by government authorities. We may disclose personal information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or act regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms, or as otherwise required by law.
In certain circumstances, we share personal information with third parties where disclosure is necessary in connection with the delivery and offering of the Online Services to you and the operation of our business (for example, to provide payment-card processing, business analytics). These third-party service providers are required to protect personal information we share with them and may not use any directly identifying personal information other than to provide the services for which we have contracted them. They are not allowed to use the personal information we share for purposes of their own direct marketing (unless you have separately consented to such use under the terms provided by the third party). Any information shared will be governed by the third-party provider’s privacy policy (including any personal information we may access via the third-party provider). These third-party providers should inform you about how you can modify your privacy settings on their sites.
9. Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. ReFocus protects your information with industry standard technical and organizational measures to secure the information we store. ReFocus have implemented controls and measures to protect the confidentiality, integrity, and availability of our Service, including without limitation, Amazon Simple Storage Service (“S3”), AES-256 encryption, and two-factor authentication.
10. Your Data Protection Rights Under General Data Protection Regulation (GDPR)
Data protection law in Europe requires a “lawful basis” for collecting and retaining personal information from citizens or residents of the European Economic Area. Our lawful bases include use of information as described throughout this Privacy Policy. In addition, our use may include:
- To establish and maintain contractual relationships with Our Members, including Project Creators;
- To comply with our legal obligations: For example, there may be times where we need to (1) demonstrate compliance with applicable privacy and data security law, (2) comply with incident monitoring, reporting, assessment, and notification requirements, or (3) comply with other applicable criminal and civil law and regulatory requirements under federal, state, and international law.
- To provide services and information that You request and consent to receive: This includes:
- To provide customer service and support;
- To communicate with You, including responding to Tour comments, questions, and requests;
- To process and complete transactions, and send You related information, including purchase confirmations and invoices;
- o To provide direct marketing, email, and other distributed information distribution.
If You have consented to Our use of information about You, You have the right to change Your mind at any time, but this will not affect any processing that has already taken place. Where We are using Your information because We or a third party (e.g. payment processor) have a legitimate interest to do so, You have the right to object to that use, though, in some cases, this may mean You can no longer use the Ecosystem and/or Services.
11. Your Data Protection Rights under the California Privacy Protection Act (CCPA)
If You are a California resident, there are some additional rights that may be available to You under the California Consumer Protection Act (“CCPA”). This policy explains the tools that we have made available to You to exercise your data rights under the CCPA, such as the right to deletion and the right to request access to the categories of information we have collected about You. We encourage You to manage your information, and to make use of the privacy controls we have included in our Services. You will not be discriminated against for exercising any of Your privacy rights under the CCPA.
You have the right to request the deletion of any Personal Information about You. In order to protect Your information from unauthorized access or deletion, we may require You to provide additional information for verification. Upon receiving a verified request to delete your Personal Information, we will do so unless otherwise authorized by law. If we cannot verify Your identity, we will not provide or delete Your information.
If You are a California resident you may have the right:
- to request disclosure of the categories and specific pieces of information collected about You;
- to request the disclosure of the business purpose for collecting or selling Personal Information; the categories of third parties with whom it is shared, and the categories of sources from which Personal Information is collected;
- to request the deletion of Your Personal Information Personal Information, subject to the limitations set forth in California Civil Code Section 1798.105(d); and
- not to be discriminated against for exercising the rights guaranteed by California Civil Code Section 1798.100 et seq.
This policy describes the categories of personal information We may collect, the sources of that information, and Our deletion and retention policies. We’ve also included information about how we may process Your information, which includes for “business purposes” under the CCPA – such as to protect against illegal activities, and for the development of new products, features, and technologies.
Our Policy on “Do Not Track” Signals:
We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
12. Third Party Links
The Services contain links to third-party websites. If you choose to use these sites or features, you may disclose your information not just to those third-parties, but also to their users and the public more generally depending on how their services function. We are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third-parties.
13. Payments
We may provide paid products and/or services within Service. In that case, we use third-party services for payment processing (e.g. payment processors).
We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. We recommend you visit the third-party service’s and review its privacy policies.
14. Links to Other Sites
Our Service may contain links to other sites that are not operated by us. If you click a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. You accept and agree that We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
15. Children’s Privacy
Our Services are not intended for use by children under the age of 18 (“Child” or “Children”).
We do not knowingly collect personally identifiable information from Children under 18. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.
16. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. It is strongly recommended to check this page often, referring to the date of last modification listed at the top. You will NOT be notified of to the Privacy Policy. If the user objects to any of the changes to the Policy, the User must cease using this Application and can request that ReFocus erase the Data. Unless stated otherwise, in writing, the current privacy policy applies to all Data ReFocus has about Users.
17. Contact Us
If you have any questions about this Privacy Policy, please contact us:
By email: support@refocusai.com.