LAST UPDATED November 28, 2022
Regulatory Statement:Changing privacy regulations, like the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), impose additional requirements upon companies to strengthen the security around and enhance the protection of an individuals’ Personal Data. UVA Software LLC has a dedicated team overseeing Uva Software LLC's privacy and security readiness.
Privacy Notice: Uva Software LLC is committed to protecting the privacy of those involved in its business. Our Privacy Notice is meant to help you understand, among other things, how we process data. We use it only as described in this policy and for no other purpose.
Uva Software, LLC and its affiliated companies and subsidiaries (“Uva Software, LLC”) are committed to protecting the information relating to you that you share with us (“Personal Data”). This includes our customers and visitors of the Uva Software, LLC website(s), our business partners, and individuals who register to use our products and services (“Customers”). This Privacy Notice (“Privacy Notice”) describes our privacy practices in relation to the use of Uva Software, LLC websites (including any customer portal or interactive website), our software, services, and related applications, and programs offered by Uva Software, LLC (the “Services”). This Privacy Notice also describes how we collect, access, use, disclose, correct, and otherwise process Personal Data to provide our Services and to generally operate our business (“Sites”).
Uva Software LLC is the owner of Scanii, which is a software service that processes your incoming files to identify unsafe content.
Information We Collect About You
Uva Software LLC collects information as part of its normal business operations and in the administration of Customer relationships, which may include Personal Data.
Business Contact and Customer Relationship Management. We collect and maintain information about our Customers, which may include company name, business contact name and title, phone number, email and other contact details. We may also collect billing address, financial account, credit card information (which is currently processed through Stripe and the information is not held by Uva Software LLC), order details, subscription and license information, and usage details. In addition, we collect user credential and profile data (name, contact, authorized users).
Data Submitted on Sites. In order to enjoy the full functionality of the Sites or to conduct business with us, you may be prompted to provide certain Personal Data to us:
- by filling in forms (for example, a “Contact Us” form) on our Sites;
- by downloading or accessing the Uva Software LLC Services/Scanii; or
- by corresponding with us by phone, e-mail or otherwise using our contact details.
Typically, the Personal Data includes name, business affiliation, business address, telephone number, and email address, and any other personal details provided or required to resolve inquiries or complaints.
Customer Support and Service. When Customers contact us for support or other customer service requests, we maintain support tickets and other records related to the requests. We may also collect call recordings related to support and customer service-related calls.
Usage Details. We collect information about Customers’ usage of our Services, including IP address, Customer ID, email address, and other usage statistics. We do not collect usage details about Customer end users, except as necessary to provide and support the Services requested by Customers.
We do use persistent first-party cookies to store certain preferences, make it easier for you to use our applications and support some in-house analytics. These settings can be adjusted within your own browser at any time.
Information We DO NOT Collect
We do not collect any characteristics of protected classifications including age, gender, religion, sexual orientation, gender identity, gender expression, or physical and mental abilities or disabilities.
Accessing or Sharing Your Information
In general, our practice is to not access your information and we will never sell your information. In fact, the only times we would ever access or share your info are:
To deliver the products and/or services that you, our customer, have requested. We have entered into DPAs with all third-party sub-processors that support the delivery of our products and services, therefore this same personal data (email, name, company name) may also be shared with our public list of sub processors.
To assist you in troubleshooting or to fix a software bug when you reach out to us for support.
To investigate, prevent, or take action regarding illegal activities.
In response to lawful requests by public authorities, for law enforcement or national security reasons, or when such action is necessary to comply with a judicial proceeding to court order, or when otherwise required by law.
Business Transfers. Uva Software LLC may disclose Personal Data in connection with, or during the negotiation, of any merger or sale of company assets, financing, acquisition, dissolution, corporate reorganization or similar event. We will inform any buyer that your Personal Data shall only be used in accordance with this Privacy Notice.
International Transfers of Personal Data
Transfers outside of the EU. If Personal Data is transferred outside the EU to other Uva Software LLC group companies or to third-party service providers, we will take steps to ensure that your Personal Data receives the same level of protection as if it remained within the EU. This includes entering into data transfer agreements, using the European Commission approved Standard Contractual Clauses. For transfers to other Uva Software LLC group companies in the United States (a country that has not received a decision from the European Commission determining that the United States provides adequate protection to Personal Data), we have put in place European Commission approved Standard Contractual Clauses, which protect Personal Data transferred between Uva Software LLC entities. You have a right to obtain details of the mechanism under which your Personal Data is transferred outside of the EU by contacting email@example.com.
We contractually require agents, service providers, and affiliates who may process Personal Data related to the Services to provide the same level of protections for Personal Data as required under the Principles. Uva Software LLC currently does not transfer Personal Data to a third party for the third party’s own use, but only for Uva Software LLC’ purposes as outlined above. Uva Software LLC will remain liable under the Principles if one of its third-party processors processes Personal Data in a manner inconsistent with the Principles, if we are responsible for the event giving rise to the damage.
Vendor Data Protection Requirements. Uva Software LLC recognizes that the use of third-party vendors must be properly managed. Before entering into third party relationships, we take deliberate steps to conduct an assessment of risk related to the vendor relationship. We take care to understand the compliance, reputational, strategic, operational, and transactional risks relating to a particular vendor before entering into a contractual relationship.
Any vendor who has access to Personal Data is expected to demonstrate their security policies, processes, and procedures and prove that they are able to provide adequate protection of such data, including against misuse or compromise.
Sub-processors located in the United States include:
Amazon Web Services: Cloud services provider
Stripe: Payment processing services
Help Scout: Helpdesk software
Microsoft: Cloud services provider
The Sites, Services and portal are not for use by children under the age of 16 years and Uva Software, LLC does not knowingly collect, store, share or use the Personal Data of children under 16 years. If you are under the age of 16 years, please do not provide any Personal Data to Uva Software LLC, even if prompted to do so. If you are under the age of 16 years and you have provided Personal Data, please ask your parent(s) or guardian(s) to notify Uva Software LLC, and Uva Software LLC will delete all such Personal Data.
Where lawful to do so, and subject to your consent where required, we may communicate with Customers (and related business contacts) about our Services. If you wish to unsubscribe from receiving marketing communications, please update your preferences in your www.scanii.com account page.
Uva Software LLC maintains (and requires its service providers to maintain) appropriate organizational and technical measures designed to protect the security and confidentiality of Personal Data we process. However, no environment or security procedures or protocols are ever guaranteed to be 100% secure or error-free. Accordingly, we cannot be held responsible for unauthorized or unintended access that is beyond our control. We encourage you to take care when disclosing Personal Data online and use readily available tools and security measures to protect yourself online.
Check out Scanii’s Security Overview for additional details.
Retention of Your Personal Data
We apply a general rule of keeping Personal Data for as long as it is required to fulfill the purposes for which it was collected. In some circumstances, however, we may retain Personal Data for other periods of time, including where we are required to do so in accordance with legal, tax and accounting requirements or if required to do so by a legal process, legal authority, or other governmental entity capable of making this request.
In specific circumstances, we may also retain your Personal Data for longer periods of time, which may correspond to a statute of limitations, so that we have an accurate record of your dealings with us in the event of any complaints or challenges.
The Sites may contain links to third-party sites. Since Uva Software LLC does not control nor is responsible for the privacy practices of those websites, we encourage you to review the privacy policies of these third-party sites. This Privacy Notice applies solely to Personal Data collected by our Sites or in the course of our business activities.
Your Privacy Rights and Choices
Individuals have the right to access the Personal Data processed about them, subject to applicable law; individuals may request to access their Personal Data processed by us by contacting us.
Subject to applicable law, you may also have some or all of the following rights available to you as to your Personal Data:
- to obtain a copy of your Personal Data together with information about how and on what basis that Personal Data is processed;
- to rectify inaccurate Personal Data (including the right to have incomplete Personal Data completed);
- in limited circumstances, to port your data in machine-readable format to a third party (or to you) when we justify our processing on the basis of your consent or the performance of a contract with you;
- to erase your Personal Data (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed);
- to restrict processing of your Personal Data under certain circumstances;
- to withdraw your consent to our processing of your Personal Data (where that processing is based on your consent); and
- to obtain or see a copy of the appropriate safeguards under which your Personal Data is transferred to a third country or international organization.
In addition to the above rights, EU data protection law provides applicable individuals the right to object to processing of your Personal Data for which we have justified based on a legitimate interest, including profiling (as opposed to your consent) or to perform a contract with you. You also have the right to object at any time to any processing of your Personal Data for direct marketing purposes, including profiling for marketing purposes.
You also have the right to lodge a complaint with your local supervisory authority for data protection.
To exercise such rights, please contact us at firstname.lastname@example.org. Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavor to respond to your request within all applicable timeframes.
If you contact us regarding Customer Data for which we are a data processor, we will attempt to refer your request to the relevant Customer, and data controller for your Personal Data.
California Consumer Privacy Act (CCPA)
Uva Software, LLC provides services to other businesses, and in doing so we may collect and process Customer Data on behalf of our business customers, including Personal Data about California residents; in doing so, Uva Software, LLC is a service provider under the CCPA. As a service provider, we will collect and process Customer Data on behalf of a customer to provide the services for which that customer has engaged us, in accordance with our contract with such customer. The Uva Software, LLC Data Processing Addendum, which we enter into with customers, contains terms addressing our role and obligations as a service provider under the CCPA. If you’d like to exercise your rights under the CCPA with respect to your Personal Data we hold as a service provider for a customer, you should contact that customer directly.
If you have a question or would like to submit a request related to the Personal Data (other than Customer Data) we collect related to our business-to-business relationship with you or your company, please email email@example.com.
Privacy Shield Policy
Despite recent rulings, Uva Software, LLC continues to be committed to and comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union, the United Kingdom and Switzerland to the United States.
Uva Software, LLC is subject to the investigatory and enforcement jurisdiction of the Federal Trade Commission (FTC) with regard to the Privacy Shield Framework.
Privacy Shield Principles
The Privacy Shield Framework uphold specific principles, many of which have been described in the section of this policy titled Your Rights to Your Information. To further clarify, Uva Software LLC commits to uphold the following principles for all EU, UK, and Swiss personal data transferred into the United States.
Individuals have the right to access their personal data and to update, correct, and/or amend information that is incomplete. Individuals also have the right to request erasure of personal information that has been processed in violation of the principles. Individuals may exercise these rights by signing in and directly updating their account information. If you have questions about exercising these rights or need assistance, please contact us at https://bbbprograms.org/privacy-shield-complaints for more information and to file a complaint. This service is provided to you free of charge.
If your Privacy Shield complaint cannot be resolved through these channels, under limited conditions, you may invoke binding arbitration before a Privacy Shield Panel. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Changes to Our Privacy Notice
Uva Software LLC will review and update this Privacy Notice periodically to respond to changing legal, technical and business developments. We will note the date of its most recent revision herein. Please review this Privacy Notice frequently to be informed of your rights and how Uva Software LLC is protecting your Personal Data.