Privacy Policy

The EPIC Systems Group, LLC (“EPIC”) Privacy Policy is effective as of January 2023:

EPIC is committed to protecting your privacy. This Privacy Policy describes how we collect, use and share personal information obtained from you. Please read this policy carefully. EPIC uses commercially reasonable safeguards to ensure the protection of information transmitted through its sites. However, because information transmitted through the internet is never completely secure, we cannot guarantee or warrant the absolute security of any information you transmit to EPIC. In the event we become aware any information is compromised, we will take all reasonable steps to investigate and, where necessary, inform any individual(s) who has been affected. By accessing, using or submitting information, you consent to the collection, use and sharing of your information as set forth below:

For purposes of this Policy, “personal data” means the information either on its own or in combination with other information that identifies you or allows you to be identified, such as your name, physical address, email address or other contact details, online identifiers, details of your use of our website navigational information, and any information that becomes personally associated with you.

Personal Data Collection

We collect personal data in a number of different ways:

• When you visit one of our websites and/or use other online applications we provide (“Sites” or “Site”);
• When you voluntarily provide your personal data to us (for example, when you opt-in for e-mail or other advertising communications, when you complete a contact form, when you complete an employment application, etc.);
• From publicly available sources (such as LinkedIn or corporate websites);
• When you use our services or when it is necessary for us to do business with you or the company or organization you belong to; and/or
• When we have disclosed the collection and intended use to you in advance through this Policy or at the time of collection.

We may combine the personal data that we collect from various sources to better serve our customer’s needs.

You are not required to provide personal data to us; however, if you do not, we may not be able to provide certain services or information you may request.

We collect a number of different types of personal data such as:

• Personal contact information (name, email, phone, etc.)
• Account login information (email, login, password, security question and answer, etc.)
• Demographic information (date of birth, age range, geographic location, hobbies/interests, etc.)
• Information from computer/mobile device (IP address, operating system type, mobile device ID, geo-location, etc.)
• Website usage information (pages visited, links clicked, time visited, other statistics about visit to site)

For the avoidance of doubt, there are certain types of personal data we typically do not collect:

• We do not proactively collect any sensitive personal data (financial or health-related data);
• Our Sites are for persons aged 18 years or older;
• We only conduct B2B business and do not engage in B2C business.

Our Use of Your Personal Data

This Policy provides you with information as to how we may use your personal data. For certain applications, we may inform you with additional information about how we will use your personal data when you apply for or enter such applications. We hope this will help you make an informed decision about sharing your personal data with us.

We may use personal data that you provide to us for the following business, transactional, and marketing purposes:

• Contact you about a specific request or inquiry;
• Deliver requested services or business transactions as we have agreed;
• Customize and personalize our Sites and personalize and improve your online experience, which may include matching and serving targeted advertisements about our products, services and solutions to make the information delivered more relevant to you; we may utilize ad networks to display targeted digital advertisements on third-party web sites;
• Consider an application for employment from you;
• As deemed necessary to protect our legal rights and our property, to protect other users or any third party, or to prevent personal injury or loss;
• Communicate (via email, regular mail or telephone) with you about products, services and events of EPIC, its subsidiaries and its business partners that you may be interested in;
• Generate leads for us and our business partners (for example, authorized distributors) for business promotion purposes, to provide you better support and services and/or to better respond to your requests or inquiries;
• Invite you to provide feedback or participate in customer surveys; understand better the nature and quality of the provision of our services; improve and further develop products, services, and solutions; and/or
• Use such information in the context of our overall customer relationship management (CRM).

For our marketing activities, we process your personal data in our CRM systems. Every promotional communication will include a link allowing you to opt-out of receiving such communications in the future.

The legal basis for using and processing your personal data is your consent; necessity for responding to inquiries; the performance of requested services; the entering into and performing of contracts and business transactions; and our legitimate business interests.

Information Sharing with Third Parties

Within EPIC, we restrict access to your personal data to employees who need to know the information for the above use purposes. Under no circumstances will EPIC rent, sell or disclose your information to third parties. However, we may share your personal data with third parties for the following purposes:

• With authorized suppliers who are involved in partnering with EPIC to provide a service or solution to you;
• With service providers who provide services to EPIC, such as marketing services, and utilize information collected about you through EPIC’s sites;
• With governmental and/or regulatory authorities where we are required by applicable law or pursuant to a court, administrative or similar order.

We take commercially reasonable steps to implement contractual safeguards and to promote that the third party companies mentioned above:
• Protect your personal data and keep it secure and confidential;
• Do not collect, use, or disclose your personal data for any purpose other than to perform such functions for us or on our behalf and in accordance with applicable privacy laws and our instructions;
• To not keep this information longer than is needed or legally required; and
• To report to us immediately in case of a data breach incident leading to the accidental or unlawful theft, loss, disclosure of or access to personal data.

Aggregating Information

Aggregated or anonymized personal data does not personally identify you or any other user of the Sites. It may be used for statistical analysis and administration, including analysis of trends, tailoring products and services, risk assessment and analysis of costs and charges in relation to our products, services, and solutions.

What Are Cookies and Web Beacons?

A cookie is a small text file that is downloaded to your computer’s hard drive or stored in your web browser’s memory when you visit our Sites. Cookies help us understand which information and business interests you may have. Cookies help us improve the performance of our Sites and your experience using them. Cookies also allow us to remember your preference settings and to track trends and patterns in how visitors navigate our Sites.

Our Sites and emails may also contain small, clear graphic images known as web beacons. Web beacons help us identify user behavior, such as the number of users that visit specific pages of our Site or whether the email messages we send have been opened or acted upon.

Direct Marketing

As noted above, we may wish to provide you with information about existing and new products, services, solutions, about webinars, seminars, trade fairs, and other events, and about promotions and offers, which may be of interest to you. We may also invite you to take part in market research or request feedback on our products, services, and solutions. This communication may occur by email or telephone (telemarketing).

We will obtain your consent for direct marketing through opt-in, where we are required to do so in accordance with applicable laws and will keep track of the consent(s) provided by you.

We will ensure that any direct marketing or market research that you receive or are contacted about by e-mail will provide a simple means for you to withdraw from such further e-mail communication. For example, we may provide you with an ‘unsubscribe’ link in emails, or an email address where you can send an opt-out request.

In such cases, we would not necessarily remove all your personal data from our database(s) but would note and respect your changed direct marketing preferences.

Obtaining Your Consent — Communication Preferences

You may gain a lot of information about our products, services and solutions without having to provide any personal data. However, for certain services, information and events, we may require and request certain personal data. This information will enable us to provide you with additional relevant information or service and to use it for the other purposes described in this Policy or described specifically for the requested service, information or event. We will then provide you with a link to this Policy and the opportunity to opt out of any particular communication type.

We will request, where required by applicable laws, that you grant your explicit consent for our online, electronic direct marketing activities, and for the use of our cookies. Where required, we will request that you grant your explicit consent for us to collect and use your personal data as explained in this Policy.

Such consent will be requested within the web form or hardcopy form used to collect your personal data and/or provided to you to confirm your registrations or preferences (for example, for offline activities, such as trade fairs, seminars and other events).

Information Security — Cross-border Transfers

We have adopted reasonable, risk-based, technical and organizational measures, which seek to protect your personal data against unauthorized access, alteration, disclosure or destruction.

Unfortunately, we cannot guarantee the security of any transmission of personal data over the Internet, via email or other electronic communication. We also cannot guarantee the security of different methods of electronic storage. Electronic communications, such as via email, are not secure unless they have been appropriately encrypted. While we strive to protect such information, we cannot ensure or warrant the security of any information transmitted or exchanged between us. You therefore accept the inherent security implications of dealing online and through email and will not hold us responsible, unless a security breach incident has been caused by the specific gross negligence of EPIC, its subsidiaries or its agents.

Links to Other Websites

Our Sites may contain links to other websites. We are not responsible for the content, terms of service, security and privacy practices of these other websites. Your access and use of such links or websites remain solely at your own risk. You should be aware of this when you leave our Sites, and we encourage you to read the privacy statements on other websites you visit.

Retention of Personal Data

EPIC will take every reasonable measure to ensure your data is only kept for the minimum period necessary. We will retain your data for the longer of the following 1) for twelve months after you last accessed our site; 2) for twelve months after you last subscribed to a marketing campaign; or 3) the law or another written agreement between us requires EPIC to keep the information for a longer period of time. After this time period expires, EPIC will securely archive or delete your information. The information may be kept longer if necessary to comply with legal obligations.

Contact Us

If at any time you wish to edit or correct your information, you may contact us. If you wish to opt out of any communication(s), you may do so by responding to said communication or contacting us at the number below. If you have questions regarding this Policy or our handling of your personal data, please contact us at contracts@epicsysinc.com