Synchrous Risk Management Privacy Policy

Synchrous Risk Management (“Synchrous”) values you as a customer and respects your privacy. Synchrous maintains strict customer information privacy policies and uses state of the art technologies to safeguard customer information from unauthorized intrusions. We do not sell, rent, license, trade or otherwise disclose the Customer Information of our customers without the consent of the customer except as described in this Privacy Policy and in our Terms of Use. This Privacy Policy and the Terms of Use constitute a legally binding contract between Synchrous and its customers, either as an individual or entity user acting through its authorized individuals (“Customer,” “you,” “your”), as well as users and visitors to our website (“Users”).

What We Collect.

Synchrous collects information from our customers at various points on our website (through online forms, cookies, widgets, log files and clear gifs) and through the use of Synchrous’ services. This information may include your name, address, email, IP address, type of web browser used, etc. By establishing a customer account with us and using our website, you are consenting to the terms and conditions of this Privacy Policy. The time period for which we keep information varies according to how we use the information. In some cases, there are legal and business requirements to keep data for a minimum period.

Comments. When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media. If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies. If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded Content from Other Websites. Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Registration. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What is a Cookie? Cookies are small data text files and can be stored on your computer’s hard drive. Most browsers will tell you how to prevent your browser from accepting new cookies and how to disable cookies altogether. Please note that if you refuse to accept cookies, you may not be able to access many of the services and information offered on our sites.

What is a Widget? Widgets are interactive mini-programs that run on our site to provide specific services from another company (e.g., links to bookmarked sites), along with buttons or other tools that link to other companies’ services (e.g., a “Like” button or third-party map). The widget, button or tool may collect and automatically send Customer Information, such as a User’s e-mail address, or other information (such as a User’s browser information, or IP address), to a third party. Information collected or used by a widget, button or tool, including cookie settings and preferences, are governed by and subject to the privacy policy of the company that created it.

How We Use the Information.

Synchrous uses Customer Information to provide our services to the Customer, to monitor and operate our network and website, to communicate with the Customers, and to bill and collect for the services. Synchrous will contact customers via email and/or telephone to provide information about enhancements or changes to Customer’s services. Customers cannot opt-out from receiving this type of correspondence as it is directly related to their account and services. If Customer consents, Synchrous may share Customer Information with other selected third-party partners that offer complementary products or services. In addition to the disclosure described below, Synchrous may share certain customer information with affiliated third parties where those third parties treat such information consistent with this Privacy Policy and where such use is for the provision of a component of the Synchrous service (such as billing & collection.) By activating the Electronic Payment service on our website, you authorize Synchrous or its authorized agent, to debit or charge your account, which allows your payment to be forwarded to us, based on the payment instructions you provide. Some of the Customer Information uses specified in this Section are not mandatory and may be controlled by you. Please refer to Section 8 below for information on opt-out options.

Standard of Care.

Synchrous acknowledges that, in the course of its engagement by Customer, Synchrous may receive or have access to Customer Information. Synchrous will comply with the terms and conditions set forth in this Privacy Policy in its collection, receipt, transmission, storage, disposal, use and disclosure of such Customer Information and be responsible for the unauthorized collection, receipt, transmission, access, storage, disposal, use and disclosure of Customer Information under its control or in its possession by all Authorized Employees.

In recognition of the foregoing, Synchrous agrees and covenants that it will:

Keep and maintain all Customer Information in strict confidence, using such degree of care as is appropriate to avoid unauthorized access, use or disclosure;

Use and disclose Customer Information solely and exclusively for the purposes for which the Customer Information, or access to it, is provided pursuant to the terms and conditions of this Privacy Policy and any contract or service agreement, and not use, sell, rent, transfer, distribute, or otherwise disclose or make available Customer Information for Synchrous’s own purposes or for the benefit of anyone other than Customer, in each case, without Customer’s prior written consent or as otherwise permitted in any contract or service agreement; and

Notwithstanding the foregoing, contingent on receipt of written notice, Synchrous may preserve or disclose all information that is or comes into Synchrous’s possession or control, including Customer Information, if Synchrous believes that it is reasonably necessary to comply with applicable law, regulation or a lawful order (like a search warrant, court order or subpoena) from a competent judicial, administrative or law enforcement authority with jurisdiction over Synchrous or such information. U.S. law authorizes Synchrous to respond to requests for user information from foreign law enforcement agencies that are issued via U.S. court either by way of a mutual legal assistance treaty or a letter rogatory. It is Synchrous’s policy to respond to such U.S. court ordered requests when properly served. We may also access, preserve and share Customer Information and other information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm.

Information Security.

Synchrous represents and warrants that its collection, access, use, storage, disposal and disclosure of Customer Information does and will comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations and directives, provided that Customer specifically acknowledges and agrees that Synchrous is not acting on your behalf as a business associate or subcontractor.

Without limiting Synchrous’ obligations, Synchrous will implement commercially reasonable administrative, physical and technical safeguards to protect Customer Information that are consistent with accepted industry practices, including:

Taking measures to prevent physical access, such as security systems for securing theremises;

System access controls, which may include authentication via passwords and/or two-factor authentication, documented authorization processes, documented change management processes, logging of access/log-ins, and firewall protections

Data access controls, to ensure that Customer Information cannot be read, copied, modified or removed without authorization; and

Except as otherwise specified in any contract or service agreement, transfers of data outside our website are not encrypted. The content of communications (including sender and recipient addresses) sent through some email or messaging services may not be encrypted once received through such services. Customer is solely responsible for the results of its decision to use non-encrypted communications or transmissions.

At a minimum, Synchrous safeguards for the protection of Customer Information will include: (i) limiting access of Customer Information to Authorized Employees and Authorized Persons; (ii) securing business facilities, data centers, paper files, servers, back-up systems and computing equipment including, but not limited to, all mobile devices and other equipment with information storage capability; (iii) implementing network, device application, database and platform security; (iv) securing information transmission, storage and disposal; (v) implementing authentication and access controls within media, applications, operating systems and equipment; (vi) strictly segregating Customer Information from information of Synchrous or its other customers so that Customer Information is not commingled with any other types of information; (vii) implementing appropriate personnel security and integrity procedures and practices including, but not limited to, conducting background checks consistent with applicable law; and (viii) providing appropriate privacy and information security training to Synchrous’ employees.

When Will Synchrous Disclose Customer Information?

Synchrous acts as a passive conduit for the distribution and receipt of your voice and data transmissions and does not monitor, edit, or disclose the contents of a customer’s communications unless required to do so by law or in the good faith belief that such action is necessary to: (1) conform to the edicts of the law or comply with legal process served on Synchrous (see Section 3 for more information); (2) protect and defend the rights or property of Synchrous; or (3) act under exigent circumstances to protect the personal safety of its Customers or the public. Synchrous may also use Customer Information to investigate and help prevent potentially unlawful activity or activity that threatens the network or otherwise violates the Customer agreement for that service. While Synchrous cannot be responsible for the content, dialing or transmission patterns, or abuse of service of and by its customers or those sending transmissions to its Customers, it is our intention to use legally available means to prevent use of the services for any illegal purpose including, but not limited to, distribution and receipt of unsolicited commercial faxes (“junk faxes”) and harassing phone calls.

Security Breach Procedures.

Synchrous will inform Customer within fourteen (14) business days if Synchrous determines that Customer Information has been subject to a Security Breach.  Notification shall be made by telephone, mail, or email to Synchrous’s primary business contact with Customer.  Synchrous will promptly investigate any Security Breach and take reasonable measures to identify its root cause(s) and prevent a recurrence. As information is collected or otherwise becomes available, Synchrous will provide Customer with a description of the Security Breach, the type of data that was the subject of the Security Breach, and other information Customer may reasonably request concerning the affected persons. Synchrous will coordinate in good faith with Customer to develop the content of any related public statements or any required notices for the affected persons.

Disclaimer.

Synchrous cannot guarantee the confidentiality or security of your browser or any communication transmitted or accessible over the internet. It is important for you to take precautions to prevent unauthorized access to your password and your computer. Be sure to sign off when finished using a shared computer. Synchrous does not represent, warrant, or guarantee that Customer Information will be protected against unauthorized access, loss, misuse or alterations. Similarly, Synchrous disclaims liability for Customer Information submitted through its website. Customers and Users are hereby advised that they submit such Customer Information at their own risk. In the event that Customer Information is acquired, or you or Synchrous reasonably believes that your Customer Information has been acquired, by an unauthorized person and applicable law requires notification, Synchrous will promptly notify you by e-mail, fax, or U.S. mail, consistent with the reasonable needs of law enforcement and/or Synchrous in order to determine the scope of the breach and to investigate and restore the integrity of the data system.

Privacy Choices.

Synchrous believes in permission-based marketing and tracking and provides Customers with options to customize and control the Customer’s preferences. If Customer has a concern, please contact Synchrous directly. To customize and control the Customer’s preferences for receiving electronic information, including opting in to (or out of) newsletters and general interest areas through the Customer’s profile, contact Synchrous directly. The Customer may opt out of e-mail marketing at any time. Synchrous visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using Synchrous’s websites. Customer understands that certain features of Synchrous’s website may not function properly without the aid of cookies.

Choice of Law.

This Privacy Policy shall be subject to and governed by the laws of the state of Washington. Any dispute, controversy, or claim arising out of or in connection with or relating to this Privacy Policy or any breach or alleged breach hereof, will, upon the request of any party involved, be submitted to, and settled by, arbitration in Vancouver, Washington, pursuant to the American Arbitration Association rules of arbitration.  Any award rendered shall be final and conclusive upon the parties and a judgment thereon may be entered in the highest court of the forum, state or federal, having jurisdiction. In the event that neither party requests Arbitration, each customer hereby consents to the exclusive jurisdiction of Clark County, Washington, Superior Court in any action on a claim arising hereunder.

Privacy Question or Concerns.

If you have any comments, questions or concerns about our Privacy Policy you may contact us.

Changes to Synchrous’ Privacy Policy.

We may make changes to this policy from time to time so be sure to check back periodically. We may also notify our customers by e-mail of significant changes.

California Residents.

California Residents Under California Civil Code Section 1798.83 (also known as S.B. 27), if a Customer/User is a California resident and the Customer/User’s business relationship with Synchrous is primarily for personal, family, or household purposes, the Customer/User may request certain data regarding Synchrous’ disclosure, if any, of Customer Information to third parties for the third-party’s direct marketing purposes. To make such a request, please fill out an inquiry form; the Customer/User may make such a request up to once per calendar year. If applicable, we will provide you, by e-mail, a list of the categories of Customer Information disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, along with the third parties’ names and addresses. Please note that not all Customer Information sharing is covered by S.B. 27’s requirements.

Definitions.

Capitalized terms used in this Privacy Policy will have the meanings set forth in this Section 13.  Other terms have the definitions provided for them in any contract or service agreement or as otherwise specified below.

“Authorized Employees” means Synchrous’ employees who have a need to know or otherwise access Customer Information to enable Synchrous to perform its obligations under any contract or service agreement.

“Authorized Persons” means (i) Authorized Employees; and (ii) Synchrous’ contractors, agents and auditors who have a need to know or otherwise access Customer Information to enable Synchrous to perform its obligations under any contract or service agreement, and who are bound in writing by confidentiality obligations sufficient to protect Customer Information in accordance with the terms of this Privacy Policy.

“Customer” means the Customer that has purchased services from Synchrous or who is visiting the website.

“Customer Information” means information provided to Synchrous by or at the direction of Customer, or to which access was provided to Synchrous by or at the direction of Customer, in the course of Synchrous’ performance under any contract or service agreement that: (i) identifies or can be used to identify an individual (including, without limitation, names, signatures, addresses, telephone numbers, e-mail addresses and other unique identifiers); (ii) can be used to authenticate an individual (including, without limitation, employee identification numbers, government-issued identification numbers, passwords and PINS, financial account numbers, answers to security questions and other personal identifiers); or iii) information provided by a third-party system to which Synchrous is provided access to perform Services.  Customer’s business contact information is not by itself deemed to be Customer Information.

“Security Breach” means any act or omission that materially compromises either the security, confidentiality or integrity of Customer Information or the physical, technical, administrative or organizational safeguards put in place by Synchrous or any Authorized Persons that relate to the protection of the security, confidentiality or integrity of Customer Information