Earnix

User Platform Privacy Policy

Earnix (“Earnix “, “we“, “our” or “us“) provides an end-to-end pricing, rating and underwriting software suite and service (the “Service”). The Service enables our customers to create real-time dynamic pricing for their consumers and underwriting rules, based on analytical modeling tools.

This User Platform Privacy Policy (the “Policy”) describes how we collect, store, use and disclose personal data, which means any data which relates to an identified or identifiable individual ("Personal Data") about the users of our Service (“Users” or “You”) The terms of this Policy are not intended whatsoever to override existing rights of Customer and/or Users and in the event of any conflict, the latter shall prevail.

You are not legally required to provide us with any Personal Data. However, not providing us with certain Personal Data may not allow us to provide our Service.

We do not knowingly process Personal Data about minors. Any person who provides Personal Data to us (or to others on our behalf) in connection with the Service represents to us that they are at the minimum 18 (eighteen) years of age (or such other lawful age – where lower than 18). If we learn that Personal Data about a minor was collected, we will take reasonable steps to delete such data as soon as possible.

Personal Data We Collect

We, or others on our behalf,  may collect the following types of Personal Data about you:

  • Registration data – whenever you register to our Service, You and/or the entity on behalf of which you are duly using the Service (the “Customer”), may provide us with Personal Data such as your name, workplace and position, contact details (such as e-mail, phone and address), and account login credentials (usernames and hashed passwords), as well as any other data that we may require in order to register you with the Service.

  • Service activity information - whenever you use the Service, we may monitor your use of the Service and record your activity in it. The information that we gather about you in this context includes any activity that you perform in the Service, such as your interactions with notification that we send to you as part of the Service, dates and times on which You use the Service, your interaction with the Service, etc.

  • Service usage data - we collect or gather certain technical data concerning your use of the Service. We collect or generate such data either independently or with the help of third-party services (as detailed below). This mainly consists of connectivity, technical and aggregated usage data, such as IP addresses, non-identifying data regarding a device, operating system, browser type, local and language settings, the cookies and pixels installed on such device, session logging and duration, heatmaps and scrolls, screen resolution, ISP, referring or exit pages, page views and date/time stamps, and the activity (clicks, browsing, zooms and other interactions) within the Service.

  • Communication information - when you contact us, through any channel of any kind, you may provide us with certain information, such as Your full name, e-mail address, job description, telephone number and the content of your communication with us.

  • Customer survey information - We conduct customer satisfaction surveys as part of our commitment to improving our services. The participation in those surveys is voluntary. Within these surveys, we may collect personal information from our customers, Users and/or other authorized representatives, occupying relevant positions within their respective organizations. The types of personal data we collect may include contact information  job titles and roles within the customer's organization, feedback on our products and services, information about the foregoing individuals’ experience with Us, and preferences pertaining to to our product and service offerings.

  • Aggregate Information - we will also create statistical, aggregated and anonymized data relating to the users and the Service for analytical purposes, including business development and Service improvements. Aggregated data is derived from Personal Data but in its aggregated form it does not relate to or identify any particular customer or individual or any specific user’s data. This data is used to understand our customer base and to develop, improve and market our Service.

1. Cookies and Tracking Technologies

We use cookies and other tracking technologies to enhance your experience with our Service. For more detailed information about the types of cookies we use, why we use them, and how you can control your cookie preferences, please refer to our Cookie Policy.

2. Data Uses and Legal Bases

We use Personal Data for one or more of the purposes outlined in this section and according to the appropriate legal basis. We will not process Personal Data about you unless there is a legal basis for such processing.

The legal basis according to which we may process Personal Data about you are as follows:

  • Processing is necessary for the performance of a contract. This refers to all the information required for us to provide you the Service and grant you access thereto. By way of example, we collect your contact information in order to send you operational service messages as part of the provision of the Service, as well as other customer and support services.

  • Processing is necessary for compliance with a legal obligation to which we are subject.

  • Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of Personal Data. By way of example, we may use the data you submit when you open a support ticket with us for the purpose of improving our Service or for the exercise or defense of legal claims.

  • You have given Your consent to certain processing activities.

Specifically, unless otherwise agreed between us and Customer, we use Personal Data for the following purposes:

  • To facilitate, operate, and provide our Service;       

  • To send You communications (including notifications regarding changes or updates to our Service, billing issues, service changes, surveys, etc.);

  • To develop, customize and improve the Service and general user experience. To this end, we may use the information collected through our customer surveys to analyze and improve our products and services, enhance overall customer experience, identify areas for improvement in our customer support and service delivery, and tailor our offerings to better meet customer needs and preferences. This data also enables us to communicate with you about improvements or changes based on your feedback. We process this information on the legal basis of our legitimate interest in maintaining and improving our business relationships and service quality.;

  • To authenticate the identity of the Users, and to allow them access to the Service;

  • To provide our Customers and Users with assistance and support;

  • To send you marketing communications in connection with the Service;

  • To support our corporate and business administrative operations, by way of example enhance our data security measures, support our external accreditations and audits, such as ISO and SOC2 certifications, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity. In connection with the foregoing, we may use the information for consultation with external advisors as further detailed below under ‘Data Sharing’;

  • To comply with any applicable laws and regulations, or court orders;

  • To perform and maintain various activities supporting the offering and provision of the Service; and

  • To protect our rights and assets, and to act in accordance with our policies, such as Anti Bribery and Anti Fraud policies, including to detect, investigate and prevent fraudulent transactions or unauthorized or illegal activities and to initiate or exercise of defense of legal claims.

3.  Data Location and Retention

Data Location:  Unless otherwise agreed in writing by Earnix and Customer, Personal Data may be maintained, processed, and stored by us and our authorized affiliates and Service Providers (defined below) in the EU, United States of America (U.S.), the State of Israel and the UK, as necessary for the proper delivery of our Services, or as may be required by law, or in other jurisdictions, if explicitly agreed between Us and Customer.

Any transfer of your Personal Data to another country shall be done in compliance with all applicable laws and the agreement with Customer. While privacy laws may vary between jurisdictions, Earnix and its affiliates are each committed to protect Personal Data in accordance with this Privacy Policy, regardless of any lesser legal requirements that may apply in their jurisdiction. If you are a European resident, please note that when we or our affiliates transfer your Personal Data outside the European Economic Area, one of the following conditions will be met:

  • The transfer is to a third country or an international organization that the EU Commission has decided provides an adequate level of protection to the Personal Data that is transferred to it pursuant to Article 45(3) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the "GDPR");

  • The transfer is according to a legally binding and enforceable instrument between public authorities or bodies pursuant to Article 46(2)(a) of the GDPR; or

  • The transfer is in accordance with standard data protection clauses adopted by the EU Commission pursuant to Article 46(2)(c) of the GDPR.

Data Retention: Unless otherwise agreed between Us and Customer, we retain your Personal Data for as long as reasonably necessary for the fulfilment of the purposes for which such Personal Data is collected. The retention period of your Personal Data may be determined by the instructions of the Customer, the status of your account, our legal obligations and more. We will also retain your Personal Data for as long as is required in order to comply with our legal and contractual obligations, and to protect ourselves from any potential disputes.
Please note that except as required by applicable law or the agreement between Us and Customer, we will not be obligated to retain your Personal Data for any particular period, and we are free to securely delete it for any reason and at any time, with or without notice to you. If you have any questions about our data retention policy, please contact us by email at privacy@earnix.com.

4. Data Sharing

  • Legal Compliance - we may disclose or allow government and law enforcement officials access to your Personal Data, in response to a subpoena, search warrant, a requirement from a governmental body or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that we are legally compelled to do so, or that it is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.

  • Service Providers - we may engage trusted third party service providers to perform services facilitating the Service, such as – hosting, support, CRM, analytics, mailing, etc., as well as our business, legal and financial advisors (collectively, “Service Providers“). Where the Service integrate third-party platforms, which integrations will be easily visible to you, such third-parties act as "Controllers" of your Personal Data within the services they provide, and this Policy will not apply to the processing of the Personal Data by such third-parties, but rather, their own Privacy Policy applies.  We encourage You to read and acknowledge such Service Providers’ Privacy policy before providing them with Personal Data.

  • Sharing Personal Data with our Customers - we may share the Personal Data of our Users with our customers who employ them, or otherwise on behalf of which such Users operate. Earnix is not responsible for, and does not control any further disclosure, use or monitoring by or on behalf of, such customers, who may use the Personal Data for their own purposes.

  • Protecting Rights and Safety  - we may share your Personal Data with others if we reasonably believe that this will help protect the rights, property or personal safety of Earnix, customers or their Users, or of other third parties, and only to the extent necessary to protect any such rights taking into account the level of risk and nature of the Personal Data being shared.

  • Earnix Subsidiaries and affiliated entities - we may share Personal Data internally within our group of entities, for the purposes described in this Policy and subject to the provisions of this Policy.

  • For the avoidance of doubt, Earnix may share your Personal Data in additional manners, such as pursuant to your explicit approval, if we are legally obligated to do so, or if we have successfully rendered such data non-personal and anonymous. We may transfer, share or otherwise use non-personal data at our sole discretion and without the need for further approval.

5. Data Security

In order to protect your Personal Data held with Us and our Service Providers and subject to any agreement between Earnix and the Customer, we use industry-standard physical, procedural and electronic security measures. Although we endeavor to provide you with the maximum protection possible, absolute protection is beyond our control.

6. Selling/sharing of Personal Data

We do not "sell" Personal Data about our users for monetary consideration. We may share information about our users, with third-party platforms, such as Google Ads, Google Analytics and Linkedin,for purposes of serving ads and related marketing materials that are relevant to you (including related activities such as campaign measurement and analytics), as well as to monitor your use of our Service, in order to improve our Service and your user experience. Such data collected  may amount to "valuable consideration" under the CCPA. For more information on how Google uses the data collected, please refer to Google Analytics Privacy & Terms.

If you reside in California, Virginia, Colorado, Connecticut, Utah or in any other state in the United States that its laws entitle its residents the right to opt-out of the "sale" of their personal information, you may request that we do not "sell" your personal information by email at privacy@earnix.com.

7. Data Subject Rights

Based on your residency and your eligibility in accordance with applicable privacy laws, you may be afforded specific rights regarding your personal information. These rights may include:

  • The right to access your information. In some circumstances, you have the right to object to our processing of your Personal Data and can ask us to restrict our use of your Personal Data and to delete it.  You may also have the right to ask us to correct your Personal Data if it is inaccurate and, to ask us to transfer Personal Data you have provided, to withdraw consent you have given us to use your Personal Data and to ask us not to use automated decision-making which will affect you (as and if applicable).

  • We would like to make you aware that your rights do not always apply in all cases, for example we might not be able to delete your Personal Data if we need it to provide our Service or we are required to keep it by law. We also might not be able to provide you with Personal Data if it would infringe someone else’s rights. We will always try to help you with your request and will let you know in our correspondence with you how we will be able to meet your request and explain why if we are unable to do so. 

  • If you wish to exercise your rights under any applicable law, including the EU General Data Protection Regulation (GDPR) or the California Privacy Act (CCPA) – please contact us by email at privacy@earnix.com. Please note that once you contact us by e-mail regarding your data subject rights, we may require additional information and documents, including certain Personal Data, in order to authenticate and validate your identity and to process your request. Such additional data will be then retained by us for legal purposes (e.g., as proof of the identity of the person submitting the request), in accordance with Sections 3 and 4 above.

  • If you are a European Union (the “EU”) resident or reside within the European Economic Area (the “EEA”) you also have the right to lodge a complaint with a supervisory authority established by a Member State to protect the fundamental rights and freedoms of natural persons in relation to the processing of Personal Data within the European Union.

  • If you reside in the U.S.A, please read below with respect to the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), and the Colorado Privacy Act (CPA)) rights you might have:

 

Right

Scope

1

Right to know

 

 

 

You have the right to receive the following information:

  • What types of Personal Data collected;

  • What are the types of sources of the Personal Data collected;

  • To what end we collect sell or share the Personal Data;

  • Types of third parties to whom we disclose Personal Data; and

  • The specific pieces of Personal Data we have collected about you.

2

Right to Correct

Considering the nature of the Personal Data and the purposes of the processing thereof, you have the right to request that we correct inaccurate Personal Data about you.

3

 

 

 

 

 

Right of Erasure

 

 

 

 

 

 

You may ask us to delete Your Personal Data and direct our Service Providers to do so.

Please note that we may not delete your Personal Data if it is necessary to complete our legal obligation to you to provide the Service or otherwise protect our legal rights, comply with an existing legal obligation; or use your Personal Data, internally, in a lawful manner that is compatible with the context in which you provided the information.

4

Right to Limit Use and Disclosure of Sensitive Personal Data

You have the right to request that we limit our use or disclosure of your “sensitive personal information” to the extent collected from you. We may deny your limitation request if the use and/or disclosure of the information is necessary for us to perform our Service or provide the goods or services as reasonably expected by an average consumer.

5

Right to Non-Discrimination for the exercise of your privacy rights

You have the right to not be discriminated by Us because You exercised any of your rights under the CCPA.

6

Right to designate an authorized agent to submit CCPA requests on your behalf

You may designate an authorized agent to make a request under the CCPA on your behalf. To do so, you need to provide the authorized agent written permission to do so and the agent will need to submit to us proof that such agent has been authorized by you. We will also require that you verify your own identity, as explained below.

In order to exercise Your rights, please contact us by sending us a message to the following address: privacy@earnix.com.

If you are a resident of the EU or EEA, please contact Lionheart Squared (Europe) Ltd., acting as Earnix EU Data Controller Representative, at: earnix@lionheartsquared.eu.

8. Data Controller

Any Personal Data processed by us in connection with this Policy is controlled by Earnix Ltd., including our authorized affiliates, Earnix Inc. and Earnix UK Ltd., each which is considered the “data controller” of Personal Data, based on your residency under applicable data protection laws.

If you wish to exercise any of the above mentioned rights, or have any questions or concerns with respect to your Personal Data, please contact us at: privacy@earnix.com and we will take the necessary actions to fulfill your request and/or respond to your queries, as applicable.

If you are located within the European Union (the “EU”) or within the European Economic Area (the “EEA”), please contact Lionheart Squared (Europe) Ltd., acting as Earnix EU Data Controller Representative, at: earnix@lionheartsquared.eu

If you are located in the EU or EEA, you also have the right to lodge a complaint with the relevant authority in the EEA, UK or Switzerland, as applicable. 

9. Changes to this Policy

We may update and amend this Policy from time to time by posting an amended version on our platform. The amended version will be effective as of the date it is so published. We will strive to inform you about changes that we believe are substantial to your rights via any of the communication means we believe are reasonably appropriate to inform you of such changes. Unless stated otherwise, all such changes will enter into force upon publication of the updated Policy on our platform.

10. External Links

While our Service may contain links to other websites or services, we are not responsible for their privacy practices, and encourage you to pay attention when you leave our Service to the website or application of such third parties and to read the privacy policies of each and every website or service you visit. This Policy applies only to our Service.

11. Contact Us

If you have any comments or questions about this Policy, or if you have any concerns regarding your Personal Data, please contact us at privacy@earnix.com