Last Updated June 15, 2023
- COLLECTION OF PERSONAL INFORMATION
- USE OF PERSONAL INFORMATION
- SHARING OF PERSONAL INFORMATION
- INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
- CHOICES ABOUT YOUR PERSONAL INFORMATION
- CHILDREN’S PRIVACY
- SECURITY OF PERSONAL INFORMATION
- OTHER SITES AND SERVICES
- NOTICE TO CALIFORNIA RESIDENTS (SHINE THE LIGHT LAW)
- NOTICE TO NEVADA RESIDENTS
- NOTICE TO EUROPEAN USERS
- CONTACTING US
COLLECTION OF PERSONAL INFORMATION
- Contact details, such as first and last name, email address, phone number, account name or username, and social media handle.
- Account information, such as your log-in details, information that you store in your account, and other details about your use of the Services.
- Professional information, such as company name, job title, company location, email, and phone, and other details we may collect about the company.
- Payment information, such as bank account number, credit or debit card number, or financial account details used for payments. All payment processing services connected with your use of the Services are provided to you by third-party payment processors. Xima does not access or keep information related to credit cards, banking information, or other sensitive financial information.
- Order history, such as records of products and services you have purchased from us.
- Transaction and billing data, such as payment amounts and payment methods used to complete transactions, and other relevant information about the financial institutions you use to conduct business.
- Preferences, such as any preferences you set in your account and any marketing or communications preferences.
- Survey responses, such as the information you provide in response to our surveys, questionnaires, or contests.
- Communications, such as the information associated with your requests or inquiries, including for support, assistance, or order information, and any feedback you provide when you communicate with us.
- Online activity information, such as the website you visited before browsing to the Service, pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.
- Device information, such as your computer or mobile device operating system type and version number, wireless carrier, manufacturer and model, browser type, screen resolution, IP address, unique identifiers, and general location information such as city, state, or geographic area.
Unless we specifically request it, we ask that you not provide us with any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services, or otherwise to us.
Sources of Personal Information. We obtain personal information from a variety of sources, including the following sources:
- Personal Information You Provide. Xima collects personal information when you voluntarily submit it to us, such as when you fill out a form on the Website or communicate with us.
- Cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.
- Flash cookies, or locally-stored objects, which are used on websites for purposes similar to cookies but allow storage of a larger amount of data.
- Web beacons, also known as pixel tags or clear GIFs, which are typically used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked, typically to compile statistics about usage of websites and the success of marketing campaigns.
- Personal Information Obtained from Third Parties. Xima may receive personal information from third parties, such as our service providers, resellers, advertising partners, data analytics partners, operating systems and platforms, social media platforms, event sponsors, publicly available sources, or data providers. We may merge or combine such personal information with the personal information we collect from you directly or automatically.
- Referrals. Users of the Services may have the opportunity to refer colleagues or other contacts to us and share their contact information. Please do not provide us with someone’s contact information unless you have their permission to do so.
USE OF PERSONAL INFORMATION
To Provide the Services. We may use personal information to provide our Services and operate our business. For example, we use personal information to:
- process your transactions, including purchasing products and services;
- establish, manage, monitor, and maintain your account;
- improve and personalize your experience on or with the Services;
- verify your identity or determine your eligibility for offers and promotions;
- communicate with you, including providing notices about your account or transaction and responding to any of your requests, feedback, or questions;
- provide any contests, surveys, sweepstakes, or other promotions you participate in;
- provide maintenance and support; and
- fulfill any other purpose for which you provide personal information.
Research and Development. We use personal information for research and development purposes, including to study and improve the Services and our business, understand and analyze the usage trends and preferences of our users, and develop new features, functionality, products, and services. As part of these activities, we may create aggregated, de-identified, or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes.
Direct Marketing. We may send you Xima-related or other direct marketing communications as permitted by law, including materials, updates, information, special offers, and promotional material from us and our business partners. You may opt-out of our marketing communications as described in the “YOUR CHOICES” section below.
To Comply with Laws and Regulations. We will use personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
For Compliance, Fraud Prevention, and Safety. We may use personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) maintain the safety, security, and integrity of the Services and our products and services, business, databases, and other technology assets; (b) protect our, your, or others’ rights, privacy, safety or property (including by making and defending legal claims); (c) audit our internal processes for compliance with legal and contractual requirements and internal policies; (d) enforce the terms and conditions that govern the Services; and (e) prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
With Your Consent. We will disclose your personal information in accordance with your prior direction or, in some cases, we may specifically ask you for your consent to collect, use, or share your personal information, such as when required by law.
SHARING OF PERSONAL INFORMATION
Related Companies. We may share your personal information with our affiliates, subsidiaries, and other related companies.
Resellers and Partners. We may share your personal information with our resellers and other sales partners for the purpose of assisting you with ordering and implementing the Services.
Service Providers. We may share your personal information with third parties who perform services on our behalf that are necessary for the orderly operation of our business. For example, we work with service providers that help us perform website hosting, maintenance services, database management, analytics, fraud protection, marketing, customer relationship management, finances, and other purposes.
Advertising Partners. We may also share personal information with third parties who we partner with for advertising campaigns or that collect information about your activity on the Services for the purposes described in the “Interest-Based Advertising” section above.
Professional Advisors. We may share personal information with persons, companies, or professional firms providing Xima with advice and consulting in accounting, administrative, legal, tax, financial, debt collection, and other matters.
Law Enforcement. Under certain circumstances, we may be required to disclose personal information to law enforcement, government authorities, and other parties if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
Compliance. We may disclose personal information in the good faith belief that such action is necessary to comply with a legal obligation or for the purposes described above in the section titled “Compliance, Fraud Prevention, and Safety.”
Business Transaction Participants. We may disclose personal information to third parties in connection with any business transaction (or potential transaction) involving a merger, acquisition, sale of shares or assets, financing, consolidation, reorganization, divestiture, or dissolution of all or a portion of our business (including in connection with a bankruptcy or similar proceedings).
INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
Xima is based in the United States, and we have service providers in the United States and potentially other countries. Your personal information may be collected, used, and stored in these countries or other locations outside of your home country. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country. By providing your personal information, where applicable law permits, you specifically and expressly consent to such transfer and processing and the collection, use, and disclosure set forth herein.
Users located in Europe can view more information about cross-border transfers in the section below titled “Notice to European Users.”
CHOICES ABOUT YOUR PERSONAL INFORMATION
You can make the following choices regarding your personal information:
Marketing Emails. You may opt-out of marketing-related emails by clicking the “unsubscribe” link at the bottom of the email or by contacting us as described below. You may still receive service-related communications, such as those about your account, to fulfill orders for offers you have requested, or deliver notifications directly to you through the Services.
Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, you may not be able to use all functionality of the Services and our Website may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
Analytics. The Website uses Google Analytics to help us analyze how the Website is being accessed and used. You can learn more about Google Analytics cookies by clicking here and about how Google protects your data by clicking here. To opt-out of Google Analytics, you can download and install the Google Analytics Opt-out Browser Add-on, available here.
Many of the opt-out preferences described in this section must be set on each device and/or browser for which you want them to apply. Please note that some of the advertising companies we work with may not participate in the opt-out mechanisms described above, so even after opting-out, you may still receive interest-based advertisements from other companies. If you opt-out of interest-based advertisements, you will still see advertisements online but they may be less relevant to you.
Do Not Track. Some browsers may be configured to send “Do Not Track” signals to the online services that you visit. The Services currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
The Services are not intended for use by anyone under the age of 16, and we do not knowingly collect personal information from children under 16.
SECURITY OF PERSONAL INFORMATION
No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from the risks presented by unauthorized access or acquisition, we cannot guarantee the security of your personal information.
OTHER SITES AND SERVICES
The Services may contain links to other websites and online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or online services that are not associated with us. We do not control third party websites or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use, and sharing of your personal information. We encourage you to read the privacy policies of the other websites and online services you use.
NOTICE TO CALIFORNIA RESIDENTS (SHINE THE LIGHT LAW)
Under California Civil Code sections 1798.83-1798.84, California residents who have an established business relationship with Xima are entitled to ask us for a notice describing what categories of personal information we share with third parties for the third parties’ direct marketing purposes. If you are a California resident and would like a copy of this notice, please submit your request to the email address listed in the section titled “CONTACTING US” below with “Shine the Light” in the subject line.
NOTICE TO NEVADA RESIDENTS
NOTICE TO EUROPEAN USERS
|Processing Purpose (as described above in the “Use of Personal Information” section)||Legal Basis|
Processing is based on your consent where that consent is required by applicable law. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consented or via the relevant Services.
Where such consent is not required by applicable law, we process your personal information for this purpose based on our legitimate interests in promoting our business and providing you with tailored, relevant content.
|To Comply with Laws and Regulations||Processing is necessary to comply with our legal obligations.|
|For Compliance, Fraud Prevention, and Safety||Processing is necessary to comply with our legal obligations or based on our legitimate interests in protecting our or others’ rights, privacy, safety, or property.|
|With Your Consent||Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or via the relevant Services.|
Retention. We will retain your personal information for as long as necessary to fulfill the purpose of collection, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish and defend legal claims, for fraud prevention purposes, or as long as required to meet our legal obligations. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Your Rights. European data protection laws may give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Port. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may submit these requests by contacting us at firstname.lastname@example.org. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. In the European Economic Area, you can find your data protection regulator here. In the United Kingdom, you can find your data protection regulator here.
Cross-Border Data Transfer. If we transfer your personal information to a country outside of Europe such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so. Please contact us at email@example.com for further information about any such transfers or the specific safeguards applied.
GOOGLE LIMITED USE REQUIREMENTS
Xima CCaaS’ use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.