Privacy Policy

Effective Date: May 25th 2018

Bipsync is fully committed to protecting your privacy. With this in mind, we’re providing this Privacy Policy to explain our practices regarding the collection, use, retention and disclosure of information that we receive through our website at www.bipsync.com (the “Site”) and our Research Management System, including the Bipsync applications (the “Bipsync Services” and collectively with the Site, the “Services”). This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.

Updates in this version of the Privacy Policy reflect changes in data protection law. Certain sections of this Privacy Policy apply differently depending on whether you are a user of the business version of Bipsync (meaning you are an authorized user of a company or other organization that uses the Bipsync Services in the workplace) (“Authorized User”), or if you are a visitor to the Site (“Visitors” and, together with Authorized Users, “Users”). All Authorized Users access Bipsync Services through an individual user account (“Account”) as specified in the applicable Subscription Services Agreement between Bipsync and the organization you are accessing the Bipsync Services on behalf of (“Agreement”). To the extent a definition within this Privacy Policy conflicts with a definition in the Agreement, the definition in the Agreement shall govern.

If at any time you have questions about our practices or any of your rights described below, you may reach our Data Protection Officer (“DPO”) and our dedicated team that supports this office by contacting us at privacy@bipsync.com.

How Do We Collect and Use Information?

If you use our Services, we collect information that identifies or can be used to identify you (“PII”).  The types of PII we may collect (directly from you or from third-party sources, such as your organization) and our privacy practices depend on the nature of the relationship you have with Bipsync and the requirements of applicable law. Some of the ways that Bipsync may collect PII include:

  • You may provide PII directly to Bipsync through interacting with the Services and requesting Services or information, as described below.
  • As you navigate the Services, certain passive information may also be collected about your visit, including through cookies and similar technologies as described below.

Our primary goals in collecting information are to provide and improve our Services, to administer your use of the Services (including your Account, if you are an Account holder), to respond to your comments and questions, to use your email address or other contact information to send you information related to the Services and to enable you to enjoy and easily navigate our Services.

Information You Provide

Account Information: If you create an Account, we’ll collect certain PII such as your name and email address.

Communications with Us: We may collect PII from you such as email address, phone number or mailing address when you choose to request information about our Services, request to receive customer or technical support, or otherwise communicate with us, including via the Contact section of the Site.

Information Provided by Your Organization

If you are an Authorized User, we may receive information about you from your organization to supplement information provided by you, such as your name and email address, to help with Account set-up or management of support requests. 

Information Collected Using Cookies and other Web Technologies

Like many website owners, we use automated data collection tools such as Cookies and Web Beacons to collect certain information. “Cookies” are small text files that are placed on your device by a Web server when you access our Services. We may use both session Cookies and persistent Cookies to identify that you’ve accessed the Site, logged in to the Services and to tell us how and when you interact with our Services. We also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you will not be able to access all portions or features of the Services. When you access our Site, certain third-party service providers that we engage may also place their own Cookies on your device. However, third-party service providers cannot place their own Cookies on your device when you access the Bipsync Services. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties.

Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services and to monitor how many visitors view our Services.

Information Related to Use of the Services

Our servers automatically record certain information about how our Services are used (we refer to this information as “Usage Data”). Usage Data may include information such as a User’s IP address, browser type, operating system, the pages or features of our Services to which a User browsed and the time spent on those pages or features, frequency with which our Services are used by a User, search terms, and other statistics. We use Usage Data to administer the Services and we analyze (and may engage third parties, who are under an obligation of confidentiality, to analyze) Usage Data to improve, customize, and enhance our Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences. For Authorized Users, in addition to this Privacy Policy, all use of Usage Data relating to you will be subject to the terms and conditions of the Agreement between Bipsync and your organization (as applicable). Any use of Usage Data by third parties on our behalf will be subject to requirements that such third parties maintain the confidentiality and integrity of such Usage Data.

Information Sent by Your Mobile Device

We may collect certain information that your mobile device sends when you use our Services, such as a device identifier, user settings, and the operating system of your device, as well as information about your use of our Services. Such information helps us to, and will only be used in order to, improve, customize and enhance our Services.

Location Information

In some cases we collect and store information about where you are located, such as by converting your IP address into a rough geolocation. We may use location information to improve and personalize our Services for you. 

What Information Do We Share With Third Parties?

We will not share any PII that we have collected from you except as described below:

Information Shared with Your Organization

If you are an Authorized User, under the terms of the Agreement between Bipsync and your organization, your organization and other personnel and Authorized Users from your organization are permitted to access the information in your Account, both during your use of the Services and/or when you or your organization ceases using the Services.  In addition, at a minimum, the name associated with your Account may be displayed to others within your organization and in connection with your use of the Bipsync Services. Certain User roles assigned by your organization may allow personnel from your organization with specific User credentials access to Account information as required for purposes such as compliance or management of Users and User groups.

Information Shared with Our Services Providers

We may engage third-party service providers to work with us to administer and provide the Services. These third-party service providers have access to your PII only for the purpose of performing services on our behalf, and in compliance with applicable laws and regulations (including, without limitation, the CAN-SPAM Act of 2003 and the Privacy Shield (as defined herein), as applicable). All such third-party service providers will be required to maintain the confidentiality of all PII that they process on our behalf and to implement and maintain reasonable security controls to protect the confidentiality, integrity and availability of such PII. Such third parties include: customer relationship management software providers, Internet hosting and cloud service provider services, and customer support services and software. 

If you are an Authorized User, your organization may require us, and our service providers, to store your PII in a specific region.

Information Shared with Other Third Parties

We may share aggregated and de-identified information (such that information cannot be identified as the information of a particular User and will therefore not include PII) with third parties for industry research and analysis, demographic profiling and other similar purposes, and for third-party programs to access the Services in a manner that extends the Bipsync user experience and helps us operate and improve the Services.

Information Disclosed in Connection with Business Transactions

Information that we collect from our Users, including PII, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, will be disclosed or transferred to a third-party acquirer in connection with the transaction. The disclosure and transfer of any of your PII to such third-party acquirer will be done in compliance with applicable law and regulation (including but not limited to the Privacy Shield, as the case may be), and only as necessary in order to enable Bipsync or the relevant acquirer to continue to perform services to you or your organization.

Information Disclosed for Our Protection and the Protection of Others

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. In certain circumstances, we will disclose any of your PII to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas), law enforcement requests and national security requests; (ii) to protect our rights and safety and the rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity. In the event of such disclosure or transfer of your PII to public authorities, there is a chance that Bipsync will not be able to require such public authorities to implement and maintain reasonable security controls to protect the confidentiality, integrity and availability of your PII.

Where Do We Send Information?

As our Users operate globally, we need to send User PII to different countries in order to provide the Services, and you might send your PII to different countries in the course of using Bipsync Services. As indicated above, if you are an Authorized User, your organization may require us to store your PII in a specific region. When we send PII outside of the European Economic Area (EEA), we use a variety of legal mechanisms to make sure that your PII is sent with appropriate safeguards:

  • EU-US Privacy Shield

We may send some of your PII from the EEA to Bipsync Ltd. in the US. Bipsync complies with the EU-U.S. Privacy Shield Framework (together with the Swiss-U.S. Privacy Shield, the “Privacy Shield”) as adopted and set forth by the U.S. Department of Commerce and the European Commission regarding the collection, use and transfer of personal data from European Union member countries, as well as from Iceland, Liechtenstein and Norway. Bipsync commits to adhere to and has certified that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability, as well as the Supplemental Privacy Shield Principles, in each case with respect to all PII that Bipsync receives in reliance on the EU-U.S. Privacy Shield. To learn more about the Privacy Shield, and to view Bipsync’s certification, please visit https://www.privacyshield.gov and https://www.privacyshield.gov/list, respectively.

  • Swiss-US Privacy Shield

 We may send some of your PII from Switzerland to Bipsync Ltd. in the US. Bipsync complies with the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from Switzerland. Bipsync has certified that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Privacy Shield, and to view Bipsync’s certification, please visit https://www.privacyshield.gov.

  • Regulatory Jurisdiction

 The Federal Trade Commission and the relevant EU data protection authorities have jurisdiction to investigate and enforce any issues relating to compliance with or certification to the Privacy Shield. Bipsync will cooperate and comply with the dispute resolution panel established by the relevant EU data protection authorities.

The Security of Your Information

We take reasonable measures to protect the information that we collect from or about you (including your PII) from unauthorized access, use or disclosure. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.

In the context of an onward transfer, Bipsync has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Bipsync shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Bipsync proves that it is not responsible for the event giving rise to the damage.

Links to Other Sites

Our Services may contain links to other websites and services. Any information that you provide on or to a third-party website or service is provided directly to the owner of the website or service and is subject to that party’s privacy policy. Our Privacy Policy does not apply to such websites or services and we’re not responsible for the content, privacy or security practices and policies of those websites or services. To protect your information we recommend that you carefully review the privacy policies of other websites and services that you access.

Modifying Your Information

You can access the PII associated with your Account via your Account. If you want Bipsync to delete your PII and/or your Account, you can do so by contacting us at support@bipsync.com.  Please note that if you are an Authorized User and you make a request to delete your PII and that data is necessary for the continuation of Services your organization has purchased, the request will be honored only to the extent it is no longer necessary for any Services purchased or required for our legitimate business purposes or legal or contractual record keeping requirements. We’ll take steps to delete your PII as soon as is practicable. If you are a User located in the EU, you have specific rights over your PII, such as:

  • Access: to know whether we process PII about you, to access that PII and find out how we use it and who we share it with;
  • Portability: to receive a subset of the PII we collect from you in a structured, commonly-used and machine-readable format, and to request that we transfer such PII to another party;
  • Correction: to require us to correct PII about you that is accurate or incomplete;
  • Erasure: to request that we erase PII we hold about you in certain circumstances. Note that in cases where we grant your request for deletion, copies of erased PII may remain in archived/backup copies for our records, as we are not always able to delete information from those locations;
  • Restriction: to require us to stop processing the PII we hold about you other than for storage purposes in certain circumstances; and
  • Objection: to object to our processing of PII about you and we will consider your request.

Treatment of Authorized User PII Following Termination

If you are an Authorized User who is utilizing the Bipsync Services under your organization’s Agreement with Bipsync, then following the termination of your or your organization’s access to or use of the Bipsync Services, Bipsync may, if required by the Agreement or your organization, but subject to the requirements of applicable law or any Governmental Authority, deliver to your organization or destroy any PII we have in our possession.

Our Policy Toward Children

Our Services are not directed to children under 13 and we do not knowingly collect PII from children under 13. If we learn that we have collected PII of a child under 13 we will take steps to delete such information from our files as soon as possible.

“Do Not Track”

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

California Privacy Rights

California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their PII (if any) for their direct marketing purposes in the prior calendar year, as well as the type of PII disclosed to those parties. Bipsync does not share PII with third parties for their own marketing purposes.

Changes to This Privacy Policy

We may modify and revise this Privacy Policy from time to time. If we make any changes to this Privacy Policy, we’ll notify you of those changes by posting them on the Services or by sending you an email or other notification, and we’ll indicate when those changes will become effective. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you use the Services after the updated Privacy Policy is posted on the Services, so please review our Privacy Policy periodically.

Dispute Resolution

In compliance with the Privacy Shield Principles, Bipsync commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Bipsync at privacy@bipsync.com.

Bipsync has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland.

As a Privacy Shield participant, Bipsync commits to binding arbitration at the request of an individual to address any complaint relating to our privacy notice or our information practices that has not been resolved by other recourse and enforcement mechanisms.

Questions?

Please contact us at privacy@bipsync.com if you have any questions about our Privacy Policy.