Privacy Policy
Updated at 2021-04-08
eSRX (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by the eCPTED mobile app. This Privacy Policy applies tothe eSRX website and its associated subdomains (collectively, our “Service”) alongside our application, the eCPTED mobile app. By accessing or using our Service, you signify that you have read, understood, and agree toour collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and ourTerms of Service.
Definitions and Key Terms
To help explain things as clearly as possible in this Privacy Policy, every time any of these terms are referenced,are strictly defined as:
-
Cookie: small amount of data generated by a website and saved by your web browser. It is used to identify your browser, provide analytics, remember information about you, such as your language preference or login information.
-
Company: when this policy mentions “Company,” “we,” “us,” or “our,” it refers to eSRX, which is responsible for your information under this Privacy Policy.
-
Country: where the eCPTED mobile app or the owners/founders of the eCPTED mobile app are based, in this case, is the United States.
-
Customer: refers to the company, organization, or person who signs up to use the eCPTED Service to manage the relationships with your consumers or service users.
-
Device: any internet-connected device such as a phone, tablet, computer or any other device that canbe used to visit the eCPTED mobile app and use the services.
-
IP address: every device connected to the internet is assigned a number known as an Internet Protocol (IP) address. These numbers are usually assigned in geographic blocks. An IP address can often be used to identify the location from which a device is connecting to the internet.
-
Personnel: refers to those individuals who are employed by the eCPTED mobile app or are undercontract to perform a service on behalf of one of the parties.
-
Personal Data: any information that directly, indirectly, or in connection with other information —including a personal identification number — allows for the identification or identifiability of a natural person.
-
Service: refers to the service provided by the eCPTED mobile app as described in the relative terms (if available) and on this platform.
-
Third-party service: refers to hosting and marketing partners, and others who provide our contentor whose products or services we think may interest you.
-
Website: the eCPTED mobile app’s site, which can be accessed via https://e-srx.com.
-
You: a person or entity that is registered with the eCPTED mobile app to use the Services.
What Information Do We Collect?
We collect information from you when you visit our app, register on our site, place an order, subscribe to ournewsletter, respond to a survey or fill out a form.
-
Debit/credit card numbers for payment purposes only.
-
Age, to ensure that the eCPTED mobile app reaches its designed target audiences: owners of physical property, such as residences, businesses or other physical locations need of CPTED assessments.
We also collect information from mobile devices for a better user experience, although these features are entirely optional:
-
Location (GPS): Location data helps to create an accurate representation of your site’s location in order to ensure we provide you with the most accurate assessment possible.
How Do We Use the Information We Collect?
Any of the information we collect from you may be used in one of the following ways:
-
To improve our app (we continually strive to improve our app offerings based on the information and feedback we receive from you).
-
To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs).
-
To process transactions.
When Does the eCPTED Mobile App Use End User Information from Third Parties?
The eCPTED mobile app will collect only the minimum End User Data necessary to provide the eCPTED mobile app services to our customers. We will never request additional information from you via the eCPTED app, email or phone. We do not collect information from your social media websites, nor will we broadcast any End UserData on any social media site.
When Does the eCPTED Mobile App Use Customer Information from Third Parties?
We receive some information from the third parties when you contact us. For example, when you submit your email address to establish your log-in credentials and your credit card information to pay for services, we may receive information from a third party that provides automated fraud detection services for the eCPTED mobile app. Rest assured, we will never collect information about End Users that is publicly available on social media websites.
Do we share the information we collect with third parties?
We engage trusted third-party service providers to perform functions and provide services to us, such as hosting and maintaining our servers and the app, database storage and management, email management, and credit card processing. We will only share your personal information with these third parties to enable them to perform these services for you and for us. We may share portions of our log file data, including IP addresses, for analytics purposes with third parties such as web analytics partners, application developers, and ad networks. If your IP address is shared, it may be used to estimate general location and other technographics such as connection speed, whether you have visited the app in a shared location, and the type of device used to visit the app.
We will only disclose personal information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate in order to respond to claims, legal process (including subpoenas), to protect our rights and interests or those of a third party, the safety of the public or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to otherwise comply with applicable court orders, laws, rules and regulations.
Where and When is Information Collected from Customers and End Users?
The eCPTED mobile app will collect personal information that you submit to us. We may also receive personalinformation about you from third parties as described above.
How Do We Use Your Email Address?
When you submit your email address on this app, it is only used to establish a login credential — Nothing else. No emails will be issued to you advertising other products and services either from third parties or us. We do not send unsolicited commercial emails because we hate spam as much as you do.
How Long Do We Keep Your Information?
We keep your information only so long as we need it to provide the eCPTED mobile app to you and fulfill the purposes described in this policy. This is also the case for anyone that we share your information with and who carries out services on our behalf. When we no longer need to use your information and there is no need for us to keep it to comply with our legal or regulatory obligations; we will either remove it from our systems or depersonalize it so that we can't identify you.
How Do We Protect Your Information?
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information. Our hosting service offers the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) is never kept on file. We cannot, however, ensure or warrant the absolute security of any information you transmit to the eCPTED mobile app or guarantee that your information on the Service may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, technical, or managerial safeguards.
Could My Information be Transferred to Other Countries?
E-SRX, the designer and implementer of the eCPTED mobile app, is registered in the United States. Information collected via our website, through direct interactions with you, or from the use of our help services may be hosted on third-party servers located anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data. To the fullest extent allowed by applicable law, by using any of the above, you voluntarily consent to the trans-border transfer and hosting of such information.
Is the information Collected Through the eCPTED Mobile App Secure?
We take precautions to protect the security of your information. We have physical, electronic, and managerial procedures to help safeguard, prevent unauthorized access, and correctly use your information while our third-party hosting service maintains data security. However, neither people nor security systems are foolproof, including encryption systems. Therefore, while we use reasonable efforts to protect your personal information, we cannot guarantee its absolute security. If applicable law imposes any non-disclaimable duty to protect your personal information, you agree that intentional misconduct will be the standards used to measure our compliance with that duty.
Can I Update or Correct My Information?
The rights you have to request updates or corrections to the information collected by the eCPTED mobile app depends on your relationship with eSRX.
Customers have the right to request the restriction of certain uses and disclosures of personally identifiable information as follows. You can contact us in order to (1) update or correct your personally identifiable information or (2) delete the personally identifiable information maintained about you on our systems (subject to the following paragraph) by cancelling your account.
Such updates, corrections, changes and deletions will have no effect on other information that we maintain or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.You should be aware that it is not technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your information may exist in a non-erasable form that will be difficult or impossible for us to locate.
Promptly after receiving your request, all personal information stored in databases we actively use, and other readily searchable media will be updated, corrected, changed or deleted, as appropriate, as soon as and to the extent reasonably and technically practicable. If you are an end-user and wish to update, delete, or receive any information we have about you, you may do so by contacting the organization of which you are a customer.
Sale of Business
We reserve the right to transfer information to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of the creators and administrators of the eCPTED mobile app or any of its Corporate Affiliates (as defined herein), or that portion of e-SRX or any of its Corporate Affiliates to which the Service relates, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy.
Affiliates
We may disclose information (including personal information) about you to our Corporate Affiliates. For purposes of this Privacy Policy, "Corporate Affiliate" means any person or entity which directly or indirectly controls, is controlled by or is under common control with the eCPTED mobile app, whether by ownership or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.
Governing Law
The laws of the United States govern this Privacy Policy without regard to its conflict of laws provision. You consent to the exclusive jurisdiction of the courts in connection with any action or dispute arising between the parties under or in connection with this Privacy Policy except for those individuals who may have rights to make claims under the Privacy Shield or the Swiss-US framework.
The laws of the United States, excluding its conflicts of law rules, shall govern this Agreement and your use of the app.
Your use of the app may also be subject to other local, state, national, or international laws. By using the eCPTED mobile app or contacting us directly, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, you should not engage with our website or use our services. Continued use of the website, direct engagement with us, or following the posting of changes to this Privacy Policy that do not significantly affect the use or disclosure of your personal information will mean that you accept those changes.
Your Consent
We've updated our Privacy Policy to provide you with complete transparency into what is being set when you visit our site and how it's being used. By using our app, registering an account, or making a purchase, you hereby consent to our Privacy Policy and agree to its terms.
Links to Other Websites
This Privacy Policy applies only to the Services. The Services does not contain links to other websites not operated or controlled by the eCPTED mobile app.
Cookies
The eCPTED mobile app does not use "cookies" to identify the areas of our website that you have visited.
Payment Details
In respect to any credit card or other payment processing details you have provided us, we commit that this confidential information will be stored in the most secure manner possible.
Kids' Privacy
We do not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 18 without verification of parental consent, We take steps to remove that information from our servers.
Changes to Our Privacy Policy
We may change our Service and policies, and we may need to make changes to this Privacy Policy to reflect our Service and policies accurately. Unless otherwise required by law, we will notify you (for example, through our Service) before we make changes to this Privacy Policy and give you an opportunity to review them before they go into effect. Then, if you continue to use the Service, you will be bound by the updated Privacy Policy. If you do not want to agree to this or any updated Privacy Policy, you can delete your account.
Third-Party Services
We will not display, include or make available third-party content (including data, information, applications andother products services) or provide links to third-party websites or services ("Third- Party Services"). You acknowledge and agree that eCPTED shall not be responsible for any Third-Party Services, including their accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect thereof. eCPTED does not assume and shall not have any liability or responsibility to you or any other person orentity for any Third-Party Services. Third-Party Services and links thereto are provided solely as a convenience to you, and you access and use them entirely at your own risk and subject to such third parties' terms and conditions.
Information for California Residents
The California Consumer Privacy Act (CCPA) requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above. We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:
-
Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
-
Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
-
Right to Delete. You may submit a verifiable request to close your account, and we will delete Personal Information about you that we have collected.
-
Request that a business that sells a consumer's personal data not sell the consumer's personal data. If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us. We do not sell the Personal Information of our users. For more information about these rights, please contact us.
California Online Privacy Protection Act (CalOPPA)
CalOPPA requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above. CalOPPA users have the following rights:
-
Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
-
Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
-
Right to Delete. You may submit a verifiable request to close your account, and we will delete Personal Information about you that we have collected.
-
Right to request that a business that sells a consumer's personal data not sell the consumer's personal data. If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us. We do not sell the Personal Information of our users. For more information about these rights, please contact us.
Contact Us
Don't hesitate to contact us if you have any questions.
-
Via Email: info@e-SRX.com
-
Via Phone Number: (301) 466-0759
Privacy Policy information for Residents in the European Economic Area
Information about General Data Protection Regulation (GDPR)
We may be collecting and using information from you if you are from the European Economic Area (EEA). In this section of our Privacy Policy, we will explain exactly how and why this data is collected and how we maintain this data under protection from being replicated or used in the wrong way.
What is GDPR?
GDPR is an EU-wide privacy and data protection law that regulates how EU residents' data is protected by companies and enhances the control the EU residents have over their personal data.
The GDPR is relevant to any globally operating company and not just the EU-based businesses and EU residents. Our customers’ data is important irrespective of where they are located, which is why we have implemented GDPR controls as our baseline standard for all our operations worldwide.
What is personal data?
Any data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data extends beyond a person’s name or email address. Some examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical addresses, sexual orientation, and ethnicity.
The Data Protection Principles include requirements such as:
-
Personal data collected must be processed in a fair, legal, and transparent way and should only be used in a way that a person would reasonably expect.
-
Personal data should only be collected to fulfil a specific purpose, and it should only be used for that purpose. Organizations must specify why they need the personal data when they collect it.
-
Personal data should be held no longer than necessary to fulfil its purpose.
-
People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data and that their data be updated, deleted, restricted, or moved to another organization.
Why is GDPR important?
GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts, it's simply the right thing to do. At e-SRX, we firmly believe that your data privacy is paramount, and we already have solid security and privacy practices in place that go beyond the requirements of this new regulation.
Individual Data Subject's Rights - Data Access, Portability and Deletion
We are committed to helping our customers meet the data subject rights requirements of GDPR. The eCPTED mobile app processes or stores all personal data in fully vetted, DPA compliant vendors. We do store all conversation and personal data for up to six (6) years unless your account is deleted. In which case, we dispose of all data in accordance with our Terms of Service and Privacy Policy, but we will not hold it longer than 60 days.
We are aware that if you are working with EU customers, you need to be able to provide them with the ability to access, update, retrieve and remove personal data. We got you! We've been set up as self-service from the start and have always given you access to your data and your customers' data. Our customer support team is here for you to answer any questions you might have about working with the API.