Soteria Worx Privacy Notice
(Updated: April 4, 2023)
We are committed to protecting your privacy and all personally identifiable data on our website servers. If you have any questions about data security or if you believe you have discovered an issue, please contact us immediately via email at help at SoteriaWorx.com (Subject line: Data Security).
Soteria Worx, LLC (“Soteria”) has prepared this Privacy Notice (“Notice”) to describe our practices regarding the collection and use of your personal data (as defined below). It explains about the types of information we collect from our website and during our working relationship with you in the fulfillment of the services we provide you as our customer. It also explains what we may do with your information.
In this Notice, we will outline and describe the following with respect to the personal data that we collect:
- What information we collect
- How we collect it
- How we use it
- With whom we share your information
- What we disclose internationally
- How long we keep your information
- Your rights under the law
- The security of your information
- Our website data privacy contact information
- Our policy regarding children
- Information for California Residents
1. What information we collect:
A. Information you provide
If you are just browsing our website, we do not ask you to enter any personal information about yourself unless you complete a form of any kind that is necessary to begin our working relationship with you.
If you wish to take action on any service related to our website or our company, the personal information that you provide may include your full name, physical address (including zip code), email address, and phone number.
We also collect information in the form of the content that you submit during your use of our platform, which may include photos, your personal comments and positions on topics that you may comment on, which could include.
We may also collect your username/handle from social media platforms you interact with when you connect to us from them or wish to connect to them from us.
We may also combine information you provide with personal data we collect automatically (as further described in Part I, Section B below) and with data we receive from third-parties.
We may also associate information you provide with information we collect about you from different devices, browsers and platforms.
B. Information collected automatically
Certain information that identifies you may be passively collected and stored on our or our service providers’ server logs, including your Internet Protocol (“IP”) address, browser type, operating system and information regarding what website pages you accessed, and when you accessed them.
This allows us to help you better navigate our website so you don’t have to start over every time you visit. (Note: An IP address is a number that is automatically assigned to your computer when you use the Internet. In some cases your IP address stays the same from browser session to browser session; but if you use a consumer Internet access provider, your IP address may vary from session to session.)
We also use cookies and navigational data like Uniform Resource Locators (“URL”) to gather information regarding the date and time of your visit our website or access our content through an email or advertising campaign, and the information you searched and/or viewed.
This type of information is collected to make our services more useful to you and our clients, and to tailor the experience with us to meet your special interests and needs.
“Cookies” are small pieces of information that a website sends to your devices while you are viewing a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to provide you with a better experience with our website and company.
Persistent cookies can be easily removed by following your Internet browser directions.
If you choose to disable Cookies, some aspects of our website may perform differently, for instance, you will need to re-enter your information each time you return to use our website.
We seldom if ever offer third-party advertising on our website unless they are trusted partners of Soteria, however if we do, we will respond to “do not track signals” or other mechanisms that might enable our website visitors to opt out of tracking on the Soteria website.
By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.
C. Information collected from third-parties
In addition to the information that we collect as described above, we also collect information about you from our third-party integrators and vendors.
These parties are used by us to run our website more efficiently and integrate our services with our customers and clients, so that you can take action and participate in campaigns through our website.
The information that we collect through these channels includes your geo location data, derived from the address that you submit,
2. How we collect your information:
We collect your personal data in a number of ways, and this section will describe those methods.
A. Your direct interaction with us
We collect your personal data when you interact directly with us by coming to our website to browse or to enter information in a campaign that uses our website.
B. From our clients
Another way we collect your personal data is from being a client of our company. If you provide your information via a campaign that uses our website, we will collect the information you provide on the form such as name, e-mail address and the full content of your message, including attached files, and other information you provide.
This method of personal data submission to us could occur (i), for instance if you complete a form created by an advertiser, but powered by Soteria, or (ii) where the advertiser captures the data you enter and then transmits that data to us.
C. From Third-Party Technologies and Social Network Sites
We may receive personal data about you from other sources with which you have interacted, such as through third-party technologies that are integrated into the Services like Alexa, which is owned by Amazon, or through social networks like Facebook or Twitter when you grant us permission to access these technologies to further use website or business services.
We may associate this personal data obtained from these sources with the other personal data we have collected about you from other sources as described in this Notice.
We do not control or supervise how these third-parties process your personal data, and any information request that you have regarding the disclosure of your personal data from them to us should be made directly to those third-parties.
D. Third-party analytics
Third-parties who provide us with analytics services for our website and business services may collect some of the information described in Section I, including, for example, IP address, access times, browser type and language, device type, device identifiers and Wi-Fi information.
For instance, we use Google Analytics and similar services to perform certain analytical tasks about our web user’s activities. We use the User-ID feature of Google Analytics to combine behavioral information across devices and sessions (including authenticated and unauthenticated sessions).
3. How we use your information and the legal basis for sharing it:
We may use your information to process information you have submitted on a form either through one of our partner’s campaign forms on a Soteria website form; via text message, voice recognition, conversational messaging system, Ai, or via a phone call;
we may seek your views or comments on the services we provide such as a customer review or customer feedback form;
send you marketing materials and information about other Soterial products with your consent;
invite you to refer others to use our services which may require providing their personal information on a customer referral form, to carry out our obligations arising from our website’s Notices and Terms arising from any contracts entered into by us with you as our customer;
provide, create and maintain a trusted and safer environment and to comply with our legal obligations.
Applicable laws require us to have a “legal basis” for using and sharing your information. These legal bases include the following:
Your consent – to fulfill your express requests.
To carry out our legitimate interests on our website. (“Legitimate interests” is a concept in data protection law which essentially means we have a good and fair reason to use your personal data and we do so only if our interests are not overridden by your fundamental rights and freedoms).
We sometimes require your data to pursue our legitimate interests in a way that might reasonably be expected as part of running our business, including using the information you have shared with us or that we have gather, to enforce the Terms of our working relationship (see Terms and Conditions of Service under legal notices).
To fulfill our obligations with you when the processing is necessary to perform a contract with you, like that of our Terms and Conditions of Service (Terms) which govern our working relationship with you.
To measure the adequate performance of our interactions with you, and to comply with applicable laws.
To promote the safety and security of other our users of our website in our forums, blog, chat community, and other integrated parts of our website. For example, we may use the information to protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our Terms and other applicable policies.
4. How We Share Your Information
A. With your consent
Where you have provided express and unambiguous consent, we share your personal data as described at the time of consent. We do not otherwise share any of your personal data that identifies you, except as instructed by you or required by law.
The specific ways in which you consent to share the personal data you provide to us is when we enable you to send individual emails and related messages to prospective new customers of Soteria so that you can benefit from our Customers Rewards Program or Referral Program.
These messages may include your full name, e-mail address, mailing address and other contact information you may have provided as part of the submission.
You are solely responsible for the specific message(s) you send to those you want to refer to our service and agree not to use any personally identifiable information of anyone on our website except where it is fully encrypted like that in our designated referral forms and feedback forms.
Information you share publicly in relation to your customer experience with us may be indexed through third party search engines, such as Google or Bing.
We do not control or be responsible for the practices of third party search engines, and they may use caches containing your outdated information.
You acknowledge that personal data that you submit when you take action on our website or related online forms may be available, via the internet, around the world.
We cannot prevent the use (or misuse) of such personal data by others.
B. Third-Party Sub-Processors
We use third-party sub-processors (including contractors and service providers) to provide the information and services we provide and to help with our operations, which may require that these sub-processors have access to and use your personal data.
For example, we may use a third-party to communicate with you (via telephone, email, or SMS) to provide customer support, to receive additional data about you like financing a large project through one of our lenders, and to perform analytics and other work that we may need to outsource.
The sub-processors are bound by law and/or contract to protect the confidentiality and security of personal data, and to only process your personal data to provide requested services and only act on our documented instructions.
We take your privacy seriously so we will seek to take legal action against any of our processors or sub-processors as the law allows.
C. Third-Party websites
We may provide links to other websites, such as social network sites (Facebook, Twitter, Instagram, etc.) and other websites may provide links to our website.
Third-party websites operate according to their own terms of use and privacy policies. Soteria has no control over such third-party websites, and by using our website and services, you acknowledge and agree that we are not responsible for the availability of such third-party sites, and do not endorse and are not responsible or liable for any content, advertising, products or other materials on or available from such sites.
You further acknowledge and agree that Soteria will not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance upon any content, advertising, products, or other materials on or available from such sites.
D. De-identified information about you
We may also share aggregated or de-identified information (i.e., information that does not personally identify you directly), or statistical information about you, including statistical data and historical use data, with others for a variety of purposes, including for their own uses, for example, for improving their services for you and others, or for educational purposes.
Your personal data will not be shared on an individual, identifiable basis under these circumstances, nor can you ask us to restrict this type of sharing, since it does not identify you.
E. As required by law or legitimate business interest
In addition, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your interests, the interests of another natural person, or Soteria.
Likewise, we may disclose your personal data to our professional advisers as reasonably necessary for the purposes of managing risks, obtaining professional advice, or the establishment, exercise of or defense of legal claims whether directed at is or directed towards you, whether in court proceedings or in an administrative or out-of-court procedure.
Also, we may share some or all of your personal data in connection with or during negotiation of any merger or similar transaction involving sale or transfer of some or all of our business or assets – like that of Soteria selling its company to a third party.
If another company acquires our company or assets, that company will possess the personal data collected by us and will assume the rights and obligations regarding your personal data as described in this Privacy Notice.
5. We may disclose your personal data internationally:
A. Our Headquarters
Our headquarters are in Alachua County State of Florida, United States. Whether or not you live in the United States, information we collect from you will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from foreign officials, including the European Union under Article 45 of the GDPR.
We rely on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, for EEA residents, if you choose to use our website for educational purposes, we collect and transfer to the U.S. personal data only: (i) with your consent; (ii) to perform a contract with you; (iii) to conclude or perform a contract with another person in the furtherance of your or our legal interests (such as with a customer or strategic partner); (iv) or to fulfill a compelling legitimate interest of ours in a manner that does not outweigh your rights and freedoms.
We strive to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Soteria and the practices described in this Privacy Notice.
B. Third-Parties
While many of our third party sub-processors are global companies with operations in the EEA, some of the third-party sub-processors with whom we share personal data are located outside of the EEA.
Certain third countries have been officially recognized by the European Commission as providing an adequate level of protection.
You can find the list of these countries at the following address: simply Google “Data Policy Transfers to third-parties located in other third countries outside the EEA”.
6. How long we keep your personal data:
Your personal data is stored by us on the servers of the cloud-based database management services that we engage, located in the United States.
We retain your personal data collected as reasonably necessary to fulfill the purposes for which we collected it, and to comply with our legal obligations.
Your personal data of EEA residents that remain inactive (you do not take any action or are contacted within 1 full year) will be deleted.
In no event will we keep your personal data for longer than is strictly necessary for the purposes defined in this Notice.
For more information on where and how long your personal data is stored, please contact us at the address or phone number listed below, in Section IX.
7. Your rights in relation to your personal data:
A. For United States Residents and others not living in the EEA
You have the rights provided under the laws applicable to where you live.
Additionally, you can ask us questions about the personal data that we have relating to you, ask us to correct any of that personal data if it is wrong and you can verify that with us.
B. For Residents of the EEA
If you reside within the EEA, the GDPR applies. This law provides certain rights for data Subjects. Under the conditions set by this law, you may be able to exercise the following rights regarding your personal data, subject to the exceptions provided by the GDPR (see also Section IX on who to contact to exercise those rights).
8. Access:
You have the right to access your personal data. You can obtain from us confirmation if personal data is being processed, the purpose of processing, the categories of data, the legal basis of the processing, information on recipients of the data and the non-EU countries in which they are located, and the safeguards put in place for the transfer of data to non-EU countries.
If you have chosen to connect to a social network like Facebook or other social media platform, you can remove permission for the app by changing your account settings with them. You are responsible for keeping your personal information up-to-date.
9. Rectification:
You have the right to request us to correct inaccurate personal data and to have incomplete data completed, but only to the extent that the data is still under our control and has not yet been transmitted.
10. Objection:
You have the right to object to the processing of your personal data for compelling and legitimate reasons relating to your particular situation, except in cases where legal provisions expressly provide for that processing, or when upon your initial request, the personal data has already been transmitted by us to a target of a campaign or petition identified by you.
11. Portability:
You may request your personal data that you have provided to us and which is still retained by us, in a structured, commonly used and machine-readable format, and you have the right to request that we transmit it to other data controllers or processors without hindrance. This right only exists if the processing is based on your consent or on a contract between us, and the processing is carried out by automated means.
12. Restriction:
You may request to restrict Processing of your personal data if: (i) you contest the accuracy of it – for a period we need to verify your request; (ii) the processing is unlawful and you oppose the erasure of it and request restriction instead; (iii) we no longer need it, but you tell us you need it to establish, exercise or defend a legal claim; or (iv) you object to processing based on public or legitimate interest – for a period we need to verify your request. Please note that this right is limited to the extent that the data is still under our control and does not apply to any data that has already been transmitted to a campaign or petition target at the time of your request.
13. Erasure:
You may request to have your personal data erased if: (i) it is no longer necessary for the purposes for which we have collected it, (ii) you have withdrawn your consent and no other legal ground for the processing exists, (iii) you objected and no overriding legitimate grounds for the processing exist, (iv) the processing is unlawful, or (v) erasure is required to comply with a legal obligation. Please note that this right is limited to the extent that the data is still under our control and does not apply to any data that has already been transmitted to a campaign or petition target at the time of your request.
14. Right to lodge a complaint:
You also have the right to lodge a complaint with a supervisory authority, in particular in the EEA member state of your residence, place of employment, or the location where the issue that is the subject of the complaint occurred.
15. Right to refuse or withdraw consent:
Please note that in case we ask for your consent to certain processing, you are free to refuse to give the consent and you can withdraw your consent at any time without any adverse negative consequences. For example, if you withdraw your consent to the use of cookies, we cannot deny your use of the website; however, as explained above in Section 1. B., if you choose to disable cookies, some aspects of our services may perform differently, for instance, you will need to re-enter your information each time you return to use the services.
The lawfulness of any processing of your personal data that occurred prior to the withdrawal of your consent will not be affected.
16. Security of your information:
To help protect the privacy of your personal data collected by us, we maintain physical, technical and administrative safeguards.
We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide the service we provide to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of personal data processed by the services. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities and will prosecute to the fullest extent of the law in the event an employee acts in non-compliance to our privacy notice.
17. Questions, concerns or complaints – Contact Details:
Soteria Worx, LLC
Attn: Data Security
2603 NW 13th Street, Suite 264
Gainesville, FL 32609 USA
Email: help at soteriaworx.com
Subject line: Data Security