Privacy Policy

 

Our Commitment to Our Customers, Suppliers, and Partners

 

AdaptOne Website Privacy & General Data Protection Regulation (GDPR) Compliance Policy

At AdaptOne LLC (“we,” “us,” or “our”), we take our commitment to data privacy and GDPR regulatory compliance very seriously. Not only do we strive for total data security and privacy protection online, but we also ensure a compliant and consistent approach to security and data protection. Our robust and effective data protection program meets existing laws and adheres to data protection principles. While we have constantly surpassed our obligations, we proactively expand our program to enhance your security further. We invite you to review our policy to understand how we treat your personal information when you use our services.

Information Collection and Use

AdaptOne is committed to safeguarding the information collected on this site and all AdaptOne-managed websites. We may collect, use, store, and transfer the following data about users:

  • Information end-users give us. This information is about the information end-users provide us by filling out forms on our website or by corresponding with us by phone, e-mail, trade shows, or otherwise. It includes information end-users offer when applying for our services, subscribing to our services or publications, requesting marketing information to be sent to end-users, entering a competition, promotion, or survey, when end-users report a problem with one of our sites, and when end-users provide feedback. The information end-users give us may include the end-user’s name, firm or company, practices, address, e-mail address, phone number, gender, marital status, date of birth, and financial and credit card information.
  • Information we collect about end-users. For each of the end-users that visits our site, we may automatically collect the following information:
    • Technical information, including the Internet protocol (IP) address used to connect the end-user’s computer to the Internet; end-user login information, browser type and version, time zone setting, browser plug-in types, and versions; operating system and platform;
    • Information about end-users visit(s), including the full Uniform Resource Locators (URL), clickstream to and from our site (including date and time), products end-users viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
  • Information we receive from other sources. We may receive personal data about end-users from various third parties, including business partners, vendors, and subcontractors in technical services, payment and delivery services, advertising networks, analytics providers, and search information providers.

We may also collect, use, and share aggregated data, such as statistical or demographic data, for any purpose. Aggregated data may be derived from the end-user’s personal data but is not considered personal data in law as this data does not directly or indirectly reveal the end-user’s identity. However, if we combine or connect aggregated data with end-users’ personal data so that it can directly or indirectly identify end-users, we treat the combined data as personal data, which will be used in accordance with this privacy policy.

Uses Made of End-User Information

We will only use end-users’ personal data when the law allows us to. Most commonly, we will use end-user personal information:

  • to carry out our obligations arising from any contracts entered into between end-users and us or to take steps at an end-user’s request before entering into any contracts;
  • to comply with any legal obligations to which we are subject; or
  • where it is necessary for our or a third party’s legitimate interests, including to prevent fraud, except where the end-user’s interests or fundamental rights and freedoms override such interests.

Generally, we do not rely on consent as a legal basis for processing end-user personal information other than to send direct marketing communications to end-users via email.

Purposes for Which We Will Use End-User Personal Data

In a table format, we have outlined below a description of how we use or potentially use an end-user’s personal data and which legal bases we rely on to do so. We have also identified our legitimate interests where appropriate.  We may process end-users’ personal data for more than one lawful ground, depending on the specific purpose for which we are using end-users’ data. Please contact us if end-users need details about the specific legal grounds we rely on to process an end-user’s personal data, where more than one ground has been set out in the table below.

Purpose/ActivityType of dataLawful basis for processing, including
basis of legitimate interest
To register end-users as a new customerIdentity and contact detailsPerformance of a contract with end-users
To process and deliver end-user orders, including:

(a) Manage payments, fees, and charges;

(b) Collect and recover money owed to us

Identity, contact details, and financial and credit card information(a) Performance of a contract with end-users

(b) Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with end-users, which will include:

(a) Notifying end-users about changes to our terms or privacy policy;

(b) Asking end-users to leave a review or take a survey

Identity, contact details, and marketing preferences

 

(a) Performance of a contract with end-users

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

To enable end-users to partake in a prize draw, competition or complete a surveyIdentity, contact details, and marketing preferences(a) Performance of a contract with end-users

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)Identity, contact details, and technical data such as IP address(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to end-users and measure or understand the effectiveness of the advertising we serve to end-usersIdentity, contact details, technical data such as IP address, marketing preferencesNecessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business, and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiencesTechnical data such as IP addressNecessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business, and to inform the direction of our marketing strategy)
To make suggestions and recommendations to end-users about goods or services that may be of interest to end-usersIdentity, contact details, usage data, and marketing preferencesNecessary for our legitimate interests (to develop our products/services and grow our business)

Marketing

We strive to provide end-users with choices regarding the use of personal data, particularly marketing and advertising. We may use the end-user’s identity, contact details, usage data, technical data, and marketing preferences to form a view of what we think end-users may want or need or what may be of interest to them. This is how we decide which products, services, and offers may be relevant to them.

End-users will receive marketing communications from us if end-users have requested information from us or purchased services from us or if end-users provided us with end-users details when end-users entered a competition or registered for a promotion and, in each case, end-users have not opted out of receiving that marketing. We will attain the end-user’s express opt-in consent before we share the end user’s personal data with any company outside the AdaptOne, LLC group for marketing purposes.

End-users can contact us or third parties to ask us to stop sending them marketing messages at any time. Where end-users opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience, or other transactions.

Change of Purpose

We will only use the end-user’s personal data for the purposes we collected it unless we reasonably consider that we need to use it for another reason and that that reason is compatible with the original purpose. If end-users wish to have us explain how the processing for the new purpose is consistent with the original purpose, please contact us.

If we need to use end-users’ personal data for an unrelated purpose, we will notify them and explain the legal basis for our decision. Please note that we may process their personal data without their knowledge or consent in compliance with the above rules, where this is required or permitted by law.

Website Privacy

AdaptOne LLC takes the privacy of our website users seriously. We are committed to protecting and respecting your privacy and complying with GDPR. Therefore, we have developed a web privacy policy that outlines how we collect, use, and share Personally Identifiable Information (PII) that we may collect through our website(s). PII includes information such as your name, email, address, phone number, and other details that could identify you personally. Our policy applies to all instances where you provide us with PII, whether online or offline, or when you visit our website(s) to browse, obtain information, conduct a transaction, or register on our customer’s website(s). Please note that we don’t require you to register or provide personal information to visit our website(s).

The PII you provide on the AdaptOne website(s) will be used only for its intended purpose. We will protect your information in a manner consistent with the principles of the Privacy Act of 1974, the E-Government Act of 2002, and the Federal Records Act.

Personally Identifiable Information

As a general rule, AdaptOne does not collect PII about you when you visit our website unless you provide such information. Submitting PII through our website is voluntary. By doing so, you are permitting AdaptOne to use the information for the stated purpose. However, not providing certain information may result in AdaptOne’s inability to provide you with the desired service. By providing us with PII on an AdaptOne website(s) through such methods as completing a web form or sending us an email, we will use that information to help us provide you with the information or service you requested or respond to your message. The information we may receive varies based on what you do when visiting our website(s).

Opt-Out Notification

We have provided a Subscribe/Opt-Out option that will either appear on the web page collecting the information or be accessible through a hyperlink (link) prominently displayed immediately above or below the information request.

Email

Many of our programs and website(s) allow you to email us. We will use the information you provide to respond to your inquiry. We will only send you general information via email. As a reminder, that email may not necessarily be secure against interception. Therefore, we suggest you not send sensitive personal data (such as your Social Security number) to us via email. Suppose your intended email communication is very sensitive or includes information such as your bank account, credit card, or Social Security number. In that case, you should alternatively upload this type of information directly through secure web pages of our supplier/member portals.

Electronic mail messages that meet the definition of records in the Federal Records Act (44 U.S.C. 3101 et seq.) are covered under the same disposition schedule as all other federal records. This means that emails you send us will be preserved and maintained for varying periods of time if those emails meet the definition of federal records. Electronic messages that are not federal records are deleted when they are no longer needed.

Automatically Collected Information

We collect and temporarily store certain information about your visit for site management and security purposes only. We collect and analyze this information because it helps us better design our website to suit your needs. We may also automatically collect information about the web content you view in case of a known security or virus threat. This information includes:

The Internet domain from which you access our website (for example, “xcompany.com” if you use a private Internet access account, or “yourschool.edu” if you connect from an educational domain);

  • The Internet Protocol (IP) address (a unique number for each computer connected to the Internet) from which you access our website;
  • The type of browser (e.g., Firefox, Internet Explorer, Edge, Chrome) used to access our site;
  • The operating system (e.g., Windows, Mac OS, Unix) used to access our site;
  • The date and time you access our site;
  • The Universal Resource Locators (URLs), or addresses, of the pages you visit;
  • Your username, if it was used to log in to the website and
  • If you visited this website from another website, the URL of the forwarding site.

We may share the above information with our employees or representatives with a “need-to-know” in performing their official duties, other federal agencies, or other named representatives to quickly process your request or transaction. This information is only used to help us make our site more useful for you. Raw data logs are retained temporarily for security and site management purposes only.

Third-Party Websites and Applications

AdaptOne uses social media websites and other kinds of third-party websites. Social media websites are used to publicize AdaptOne, the company, and its solutions and services offerings.  AdaptOne also uses web measurement and customization technologies to measure the number of visitors to our websites and their various sections and help make them more useful to visitors. The third-party application may request an email address, username, password, and geographic location (e.g., state, region, or ZIP code) for account registration. AdaptOne does not use third-party websites to solicit and collect PII from individuals. Any PII passively collected (i.e., not solicited) by the third-party website will not be transmitted or stored by AdaptOne; no PII will be disclosed, sold, or transferred to any other entity outside AdaptOne unless required for law enforcement purposes or by statute.

Information Collected for Tracking and Customization (Cookies)

Our website uses cookies to distinguish end-users from other website users. Cookies are small files of information that save and retrieve information about your visit to our tools and websites. This helps us provide end-users with a good experience when they visit and log onto our websites and also allows us to improve them.

A cookie is a small file that a website transfers to your computer to allow it to remember specific information about your session while you are connected. Your computer will only share the information in the cookie with the website that provided it, and no other website can request it. There are two types of cookies:

  • Session: Session cookies last only as long as your web browser is open. Once you close your browser, the cookie is deleted. Websites may use session cookies for technical purposes, such as to enable better navigation or to allow you to customize your preferences for interacting with the website.
  • Persistent: Persistent cookies are saved on a user’s hard drive to determine which users are new to the site or are returning and to block recurring invitations to take a satisfaction survey for repeat visitors.

If you do not wish to have a session or persistent cookies stored on your machine, you can turn cookies off in your browser. You can still access all information and resources at the AdaptOne websites. However, turning off cookies may affect the functioning of some AdaptOne websites. Be aware that disabling cookies in your browser will also affect cookie usage at all other websites.

Disclosure of End-User information

We may have to share end-users personal information with the third parties set out below, or any other third parties notified to end-users, for the purposes set out in paragraph 3 above:

  • Professional advisers, lawyers, bankers, auditors, and insurers.
  • Regulators and other authorities who require reporting of processing activities in certain circumstances.
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other companies or merge with them. If a change happens to our business, then the new owners may use end-users personal data in the same way as set out in this privacy policy.
  • Fraud prevention agencies.

We require all third parties to respect the security of end-users personal data and treat it according to the law. We do not allow our third-party service providers to use end-users’ personal data for their purposes and only permit them to process it for specified purposes and in accordance with our instructions.

Data Security

We have implemented appropriate security measures to prevent end-users personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to end-users’ personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process end-users’ personal data according to our instructions, and they are subject to a duty of confidentiality.

However, information transmission via the Internet is never completely secure. Although we do our best to protect end-users’ personal data, we cannot guarantee the security of data transmitted to our site; any transmission is at the end-user’s own risk.

We have procedures for dealing with any suspected personal data breach. We will notify end-users and any applicable regulator of a breach where legally required.

Security

AdaptOne takes the security of all PII very seriously. We take precautions to maintain the security, confidentiality, and integrity of the information we collect at this site. Such measures include access controls designed to limit access to the information to the extent necessary to accomplish our mission. We also employ various security technologies to protect the information stored on our systems. We routinely test our security measures to ensure that they remain operational and effective.

We take the following steps to secure the information we collect:

  • Employ internal access controls to ensure that only personnel who have access to your information must do so to perform their official duties.
  • Train appropriate personnel on our privacy and security policies and compliance requirements.
  • Secure the areas where we retain paper copies of the information we collect online.
  • Perform regular backups of the information we collect online to ensure against loss.
  • Use technical controls to secure the information we collect online, including, but not limited to:
    • Secure Socket Layer (SSL)
    • Encryption
    • Firewalls
    • Password protections
    • Periodically test our security procedures to ensure personnel and technical compliance.
    • Employ external access safeguards to identify and prevent unauthorized access by outsiders that attempt to “hack” into or cause harm to the information contained in our systems.

We hold our contractors and other third-party providers to the same high standards that we use to ensure the security, confidentiality, and integrity of personal information they may have access to during their work completed on behalf of AdaptOne.

Retention

We will only retain end-users’ personal information for as long as necessary to carry out the purpose for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of end-users’ personal data, the purposes for which we process end-users’ personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances, we may anonymize end-users personal data (so that it can no longer be associated with end-users) for research or statistical purposes, in which case we may use this information indefinitely without further notice to end-users.

End-Users’ Rights

End-users may be entitled to the following rights:

  • Where end-users have provided end-users consent to the processing of end-users personal data for any purpose, end-users have the right to withdraw such consent at any time by contacting us at AdaptOne, LLC, 6495 Shiloh Road, Suite 310, Alpharetta, Georgia 30005 or by email to DataPrivacy@AdaptOne.com).
  • End-users can ask us to rectify any inaccuracies in the personal information that we hold about end-users.
  • To request the erasure of personal information that we hold about end-users where there is no good reason for us to continue processing it, where end-users have successfully exercised their right to object to processing, where we may have processed end-user’s information unlawfully, or where we are required to erase end user’s personal data to comply with local law.
  • To object to our processing of end-user’s personal data where we are relying on a legitimate interest (or that of a third party) and there is something about an end user’s particular situation that makes end-users want to object to processing on this ground as end-users feel it impacts on end-users fundamental rights and freedoms. End-users also have the right to object where we are processing end-users’ personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process end-users information, which overrides end-users rights and freedoms.
  • To restrict our processing of end-user’s personal data (a) if end-users want us to establish the data’s accuracy; (b) where our use of the data is unlawful but end-users do not want us to erase it; (c) where end-users need us to hold the data even if we no longer require it as end-users need it to establish, exercise or defend legal claims; or (d) end-users have objected to our use of end-users data, but we need to verify whether we have overriding legitimate grounds to use it.
  • To request a copy of end-users’ personal data from us in a commonly used and machine-readable format or that we transmit end-users’ personal data to another data controller.
  • Not to be subject to automated decision-making, including profiling, which has legal or other significant effects on end-users.
  • To access information held about end-users. End-users will not have to pay a fee to access their personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if the end-user request is unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with end-users’ requests in these circumstances.

Any data subject can exercise any of the above rights at any time by contacting us at AdaptOne LLC, 6495 Shiloh Road, Suite 310, Alpharetta, Georgia 30005, or by emailing DataPrivacy@AdaptOne.com.

Links to and from Our Site

Our websites may, from time to time, contain links to and from the websites of our partners and affiliates. If end-users follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before end-users submit any personal data to these websites.

Interaction with Children Online

AdaptOne is committed to protecting children’s online privacy. The Children’s Online Privacy Protection Act (COPPA) governs information gathered online from or about children under 13. Verifiable consent from a child’s parent or guardian is required before collecting, using, or disclosing personal information from a child under age 13. If an AdaptOne website intends to collect information about children under 13 years old, COPPA-required information and instructions will be provided by the specific web page that collects information about the child. The web page will specify exactly what the information will be used for, who will see it, and how long it will be kept.

Whistleblower Protection Policy

AdaptOne is dedicated to upholding the highest levels of business ethics and integrity. We urge all employees, board members, officers, users, and volunteers to report any concerns they may have regarding violations of our code of ethics or suspected breaches of laws and regulations. If you have any concerns, please use the following link to fill out our Whistleblower Form and confidentially report your concern(s).

Reporting Responsibility:

  • It is the responsibility of every individual associated with AdaptOne to raise serious concerns internally. By doing so, we can promptly address and rectify any inappropriate conduct or actions.
  • Concerns can relate to ethical violations, suspected fraud, discrimination, or other legal matters.

No Retaliation:

AdaptOne strictly prohibits retaliation against anyone who reports an ethics violation or suspected legal breach in good faith. Employees who retaliate against whistleblowers are subject to disciplinary action, including termination.

Reporting Procedure:

  • Employees are encouraged to share their concerns with their immediate supervisor. If uncomfortable doing so or unsatisfied with the response, they can escalate to AdaptOne leadership.
  • Supervisors and managers are required to report complaints or concerns in writing to AdaptOne leadership or a designated employee/board member.
  • AdaptOne is responsible for investigating and resolving all reported complaints related to unethical or illegal conduct.

Changes to End-Users’ Personal Data

It is essential that the personal data we hold about end-users is accurate and current. End-users should keep us informed if end-users’ personal data changes during end-users’ relationship with us.

Changes to Our Privacy Policy

Any changes we make to our privacy policy in the future will be posted on our website. End-users should check back frequently for any updates or changes to our privacy policy.

Contact Information

Questions, comments, requests, and complaints regarding this privacy policy are welcomed and should be addressed to AdaptOne, LLC, 6496 Shiloh Road, Suite 310, Alpharetta, Georgia 30005, or by submitting the online form.

Last Update: 12.15.2023