Xima Privacy Policy

Last Updated December 3, 2024

This Privacy Policy (“Privacy Policy”) describes how Xima, LLC and its subsidiaries and affiliates (“Xima,” “us,” “we,” or “our”) may collect, use, and share your personal information in connection with ximasoftware.com, xima.cloud, and any other websites and platforms we own and operate that link to this Privacy Policy (collectively, the “Website”), and our related services, events, social media pages, and email and other electronic communications (collectively, and together with the Website, the “Services”), and the choices you have with respect to your personal information. This Privacy Policy does not apply to personal information that we may store or maintain on behalf of the users of our Services, where applicable.

Xima reserves the right, at any time, to modify this Privacy Policy. If we modify how we collect, use, or share personal information, we will post the updated Privacy Policy on this page. In some cases, such as where required by law, we may notify you about an update by sending you an email, posting a notice about the update on the Website, or other means. In all cases, your continued use of the Services following posting or other notification of changes constitutes your acknowledgement of such changes. Please review this Privacy Policy periodically to keep up to date on our most current policies and practices.

This Privacy Policy covers the following topics:

  • COLLECTION OF PERSONAL INFORMATION
  • USE OF PERSONAL INFORMATION
  • SHARING OF PERSONAL INFORMATION
  • INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
  • CHOICES ABOUT YOUR PERSONAL INFORMATION
  • CHILDREN’S PRIVACY
  • SECURITY OF PERSONAL INFORMATION
  • SMS MESSAGING AND 10DLC COMPLIANCE
  • OTHER SITES AND SERVICES
  • NOTICE TO CALIFORNIA RESIDENTS (SHINE THE LIGHT LAW)
  • NOTICE TO NEVADA RESIDENTS
  • NOTICE TO EUROPEAN USERS
  • CONTACTING US

 

COLLECTION OF PERSONAL INFORMATION

Personal Information Collected. We may collect the following personal information about you. We may also collect other personal information that is not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

  • Contact details, such as first and last name, email address, phone number, account name or username, and social media handle.
  • Account information, such as your log-in details, information that you store in your account, and other details about your use of the Services.
  • Professional information, such as company name, job title, company location, email, and phone, and other details we may collect about the company.
  • Payment information, such as bank account number, credit or debit card number, or financial account details used for payments. All payment processing services connected with your use of the Services are provided to you by third-party payment processors. Xima does not access or keep information related to credit cards, banking information, or other sensitive financial information.
  • Order history, such as records of products and services you have purchased from us.
  • Transaction and billing data, such as payment amounts and payment methods used to complete transactions, and other relevant information about the financial institutions you use to conduct business.
  • Preferences, such as any preferences you set in your account and any marketing or communications preferences.
  • Survey responses, such as the information you provide in response to our surveys, questionnaires, or contests.
  • Communications, such as the information associated with your requests or inquiries, including for support, assistance, or order information, and any feedback you provide when you communicate with us.
  • Online activity information, such as the website you visited before browsing to the Service, pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.
  • Device information, such as your computer or mobile device operating system type and version number, wireless carrier, manufacturer and model, browser type, screen resolution, IP address, unique identifiers, and general location information such as city, state, or geographic area.

Unless we specifically request it, we ask that you not provide us with any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services, or otherwise to us.

Sources of Personal Information. We obtain personal information from a variety of sources, including the following sources:

  • Personal Information You Provide. Xima collects personal information when you voluntarily submit it to us, such as when you fill out a form on the Website or communicate with us.
  • Personal Information Automatically Collected. Xima, our service providers, and our advertising partners may automatically log information about you, your computer, or mobile device, and your activity over time on our Services and other sites and online services, such as the online activity information and device information listed above. Like many online services, we use cookies and similar technologies to facilitate some of the automatic data collection described above, such as:
    • Cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.
    • Flash cookies, or locally-stored objects, which are used on websites for purposes similar to cookies but allow storage of a larger amount of data.
    • Web beacons, also known as pixel tags or clear GIFs, which are typically used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked, typically to compile statistics about usage of websites and the success of marketing campaigns.

For more information, please visit our Cookie Policy.

  • Personal Information Obtained from Third Parties. Xima may receive personal information from third parties, such as our service providers, resellers, advertising partners, data analytics partners, operating systems and platforms, social media platforms, event sponsors, publicly available sources, or data providers. We may merge or combine such personal information with the personal information we collect from you directly or automatically.
  • Referrals. Users of the Services may have the opportunity to refer colleagues or other contacts to us and share their contact information. Please do not provide us with someone’s contact information unless you have their permission to do so.

 

USE OF PERSONAL INFORMATION

Xima’s primary purpose in collecting personal information is to provide the Services that you request. We also use personal information for the purposes set forth below and as otherwise described in this Privacy Policy or at the time of collection.

To Provide the Services. We may use personal information to provide our Services and operate our business. For example, we use personal information to:

  • process your transactions, including purchasing products and services;
  • establish, manage, monitor, and maintain your account;
  • improve and personalize your experience on or with the Services;
  • verify your identity or determine your eligibility for offers and promotions;
  • communicate with you, including providing notices about your account or transaction and responding to any of your requests, feedback, or questions;
  • provide any contests, surveys, sweepstakes, or other promotions you participate in;
  • provide maintenance and support; and
  • fulfill any other purpose for which you provide personal information.

Research and Development. We use personal information for research and development purposes, including to study and improve the Services and our business, understand and analyze the usage trends and preferences of our users, and develop new features, functionality, products, and services. As part of these activities, we may create aggregated, de-identified, or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes.

Direct Marketing. We may send you Xima-related or other direct marketing communications as permitted by law, including materials, updates, information, special offers, and promotional material from us and our business partners. You may opt-out of our marketing communications as described in the “YOUR CHOICES” section below.

Interest-Based Advertising. We work with third-party advertising companies and social media companies to help us advertise our business and to display ads for our products and services. These companies may use cookies and similar technologies to collect information about you (including the online activity information and device information described above in the section called “Personal Information Automatically Collected”) over time across our Services and other websites and services or your interaction with our emails, and use that information to serve ads that they think will interest you. In addition, some of these companies may use hashed customer lists that we share with them to deliver ads to you and to similar users on their platforms. You can learn more about your choices for limiting interest-based advertising in the “YOUR CHOICES” section below.

To Comply with Laws and Regulations. We will use personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

For Compliance, Fraud Prevention, and Safety. We may use personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) maintain the safety, security, and integrity of the Services and our products and services, business, databases, and other technology assets; (b) protect our, your, or others’ rights, privacy, safety or property (including by making and defending legal claims); (c) audit our internal processes for compliance with legal and contractual requirements and internal policies; (d) enforce the terms and conditions that govern the Services; and (e) prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

With Your Consent. We will disclose your personal information in accordance with your prior direction or, in some cases, we may specifically ask you for your consent to collect, use, or share your personal information, such as when required by law.

 

SHARING OF PERSONAL INFORMATION

In addition to the specific situations discussed elsewhere in this Privacy Policy or at the point of collection, Xima may share your personal information with the following entities or persons:

Related Companies. We may share your personal information with our affiliates, subsidiaries, and other related companies.

Resellers and Partners. We may share your personal information with our resellers and other sales partners for the purpose of assisting you with ordering and implementing the Services.

Service Providers. We may share your personal information with third parties who perform services on our behalf that are necessary for the orderly operation of our business. For example, we work with service providers that help us perform website hosting, maintenance services, database management, analytics, fraud protection, marketing, customer relationship management, finances, and other purposes.

Advertising Partners. We may also share personal information with third parties who we partner with for advertising campaigns or that collect information about your activity on the Services for the purposes described in the “Interest-Based Advertising” section above.

Professional Advisors. We may share personal information with persons, companies, or professional firms providing Xima with advice and consulting in accounting, administrative, legal, tax, financial, debt collection, and other matters.

Law Enforcement. Under certain circumstances, we may be required to disclose personal information to law enforcement, government authorities, and other parties if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

Compliance. We may disclose personal information in the good faith belief that such action is necessary to comply with a legal obligation or for the purposes described above in the section titled “Compliance, Fraud Prevention, and Safety.”

Business Transaction Participants. We may disclose personal information to third parties in connection with any business transaction (or potential transaction) involving a merger, acquisition, sale of shares or assets, financing, consolidation, reorganization, divestiture, or dissolution of all or a portion of our business (including in connection with a bankruptcy or similar proceedings).

 

INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

Xima is based in the United States, and we have service providers in the United States and potentially other countries. Your personal information may be collected, used, and stored in these countries or other locations outside of your home country. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country. By providing your personal information, where applicable law permits, you specifically and expressly consent to such transfer and processing and the collection, use, and disclosure set forth herein.

Users located in Europe can view more information about cross-border transfers in the section below titled “Notice to European Users.”

 

CHOICES ABOUT YOUR PERSONAL INFORMATION

You can make the following choices regarding your personal information:

Review and Request Changes to Your Personal Information. We rely on you to update and correct the personal information contained in your account. Note that we may keep historical information in our backup files as permitted by law. If the Website does not permit you to update or correct certain personal information, please submit a request to us using the contact information listed at the end of this Privacy Policy.

Marketing Emails. You may opt-out of marketing-related emails by clicking the “unsubscribe” link at the bottom of the email or by contacting us as described below. You may still receive service-related communications, such as those about your account, to fulfill orders for offers you have requested, or deliver notifications directly to you through the Services.

Text Messages. We may offer communications via text messages sent by Xima or any of our service providers, such as for customer service, multi-factor authentication, account-related purposes, or marketing purposes. To stop receiving text messages from us, reply STOP to any text message you receive from us, or send your request and mobile telephone number to the email address listed at the end of this Privacy Policy. Note that we may send you a message to confirm receipt of your STOP request.

Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, you may not be able to use all functionality of the Services and our Website may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.

Analytics. The Website uses Google Analytics to help us analyze how the Website is being accessed and used. You can learn more about Google Analytics cookies by clicking here and about how Google protects your data by clicking here. To opt-out of Google Analytics, you can download and install the Google Analytics Opt-out Browser Add-on, available here.

Advertising Choices. You can limit the use of your information for interest-based advertising by blocking third-party cookies in your browser settings, using browser plug-ins/extensions, and/or using your mobile device settings to limit the use of the advertising ID associated with your mobile device. You can also opt out of interest-based ads from companies participating in the following industry opt-out programs by visiting the linked websites: the Network Advertising Initiative (http://www.networkadvertising.org/managing/opt_out.asp) and the Digital Advertising Alliance (https://optout.aboutads.info). Some of the companies we work with may offer their own opt-out mechanisms. For example, you can learn more about how Google uses cookies for advertising purposes by clicking here and opt-out of ad personalization by Google by clicking here.

Many of the opt-out preferences described in this section must be set on each device and/or browser for which you want them to apply. Please note that some of the advertising companies we work with may not participate in the opt-out mechanisms described above, so even after opting-out, you may still receive interest-based advertisements from other companies. If you opt-out of interest-based advertisements, you will still see advertisements online but they may be less relevant to you.

Do Not Track. Some browsers may be configured to send “Do Not Track” signals to the online services that you visit. The Services currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

 

CHILDREN’S PRIVACY

The Services are not intended for use by anyone under the age of 16, and we do not knowingly collect personal information from children under 16.

 

SECURITY OF PERSONAL INFORMATION

No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from the risks presented by unauthorized access or acquisition, we cannot guarantee the security of your personal information.

SMS MESSAGING AND 10DLC COMPLIANCE

Xima complies with all applicable laws and regulations related to 10DLC messaging, ensuring that all SMS campaigns respect consumer privacy and maintain compliance with industry standards.

Use of Consumer Data. We collect and process mobile information only for purposes essential to providing our services, such as communicating with you regarding your inquiries, transactions, and preferences. Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. Text messaging originator opt-in data and consent will not be shared with any third parties under any circumstances.

Consent and Opt-Out Rights. By opting in to receive SMS communications from Xima, you consent to receive text messages regarding our services. However, you have the right to opt out at any time. To stop receiving SMS messages at any time, you can text “STOP”. Upon receiving your opt-out request, we will promptly remove you from the messaging campaign.

Data Protection. All SMS communication data, including opt-in and opt-out records, is securely stored in a HIPAA and PCI-compliant environment to ensure the safety of your personal information. If you have any questions regarding your data or wish to exercise your rights, please contact us at legal@ximasoftware.com.

OTHER SITES AND SERVICES

The Services may contain links to other websites and online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or online services that are not associated with us. We do not control third party websites or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use, and sharing of your personal information. We encourage you to read the privacy policies of the other websites and online services you use.

 

NOTICE TO CALIFORNIA RESIDENTS (SHINE THE LIGHT LAW)

Under California Civil Code sections 1798.83-1798.84, California residents who have an established business relationship with Xima are entitled to ask us for a notice describing what categories of personal information we share with third parties for the third parties’ direct marketing purposes. If you are a California resident and would like a copy of this notice, please submit your request to the email address listed in the section titled “CONTACTING US” below with “Shine the Light” in the subject line.

 

NOTICE TO NEVADA RESIDENTS

Nevada Revised Statutes Chapter 603A allows Nevada residents to opt-out of the “sale” of certain types of personal information. Subject to several exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to another person. If you are a Nevada resident who wishes to exercise your “sale” opt-out rights, you may submit a request to us using the contact information listed at the end of this Privacy Policy.

 

NOTICE TO EUROPEAN USERS

The information provided in this section applies only to individuals in the European Economic Area and the United Kingdom (collectively, “Europe”). Except as otherwise specified, references to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller. The controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation is Xima, LLC, 10610 South Jordan Gateway, Suite 300, South Jordan, UT 84095.

Legal Bases for Processing. The legal bases of our processing of your personal information as described in this Privacy Policy will depend on the type of personal information and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your personal information, contact us at legal@ximasoftware.com.

Processing Purpose (as described above in the “Use of Personal Information” section)Legal Basis
To Provide the ServicesProcessing is necessary to perform the contract governing our operation of the Services, or to take steps that you request prior to engaging our services. Where we cannot process your personal information as required to operate the Services on the grounds of contractual necessity, we process your personal information for this purpose based on our legitimate interests as further described in this Privacy Policy.
Research and DevelopmentProcessing is based on our legitimate interests in performing research and development as described in this Privacy Policy.
Direct Marketing

Processing is based on your consent where that consent is required by applicable law. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consented or via the relevant Services.

Where such consent is not required by applicable law, we process your personal information for this purpose based on our legitimate interests in promoting our business and providing you with tailored, relevant content.

Interest-Based Advertising
To Comply with Laws and RegulationsProcessing is necessary to comply with our legal obligations.
For Compliance, Fraud Prevention, and SafetyProcessing is necessary to comply with our legal obligations or based on our legitimate interests in protecting our or others’ rights, privacy, safety, or property.
With Your ConsentProcessing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or via the relevant Services.

Use for New Purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Retention. We will retain your personal information for as long as necessary to fulfill the purpose of collection, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish and defend legal claims, for fraud prevention purposes, or as long as required to meet our legal obligations. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your Rights. European data protection laws may give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:

  • Access. Provide you with information about our processing of your personal information and give you access to your personal information.
  • Correct. Update or correct inaccuracies in your personal information.
  • Delete. Delete your personal information.
  • Port. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict. Restrict the processing of your personal information.
  • Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.

You may submit these requests by contacting us at legal@ximasoftware.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. In the European Economic Area, you can find your data protection regulator here. In the United Kingdom, you can find your data protection regulator here.

Cross-Border Data Transfer. If we transfer your personal information to a country outside of Europe such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so. Please contact us at legal@ximasoftware.com for further information about any such transfers or the specific safeguards applied.

 

GOOGLE LIMITED USE REQUIREMENTS

Xima CCaaS’ use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

 

CONTACTING US

If you have any questions or concerns about our Privacy Policy or any other privacy or security issue, please contact us at legal@ximasoftware.com.

Feature Release Webinar

Join us for an exclusive webinar as we dive into our latest product releases for IVR, MMS Messaging, and our Social Media Integration.

  • IVR (Interactive Voice Response)

  • MMS Messaging

  • Social Media Integration

Thursday, September 12, 2024 | 11:00AM ET