PRIVACY POLICY | Core NX-OS

Our blog comment section is managed by a third party application that may require you
to register to post a comment. We do not have access or control of the information
posted to the blog. You will need to contact or login into the third party application if you
want the personal information that was posted to the comments section removed. To
learn how the third party application uses your information, please review their privacy
policy.
Testimonials
With your consent we may post your testimonial along with your name. If you wish to
update or delete your testimonial, you must contact us at [email protected].
Promotional Communications
We may send you promotional emails or text messages if you provide your consent to
receiving such communications. To unsubscribe from promotional emails, you may use
the unsubscribe link found at the bottom of the email. To opt-out of receiving
promotional text messages, you may reply “STOP.” Note that you will continue to
receive transaction-related emails regarding products or services you have requested.
We may also send you certain non-promotional communications regarding us and our
services, and you will not be able to opt-out of those communications (e.g.,
communications regarding the services or updates to this Privacy Policy). Our Clients
are required to comply with our Acceptable Use Policy when using our Services to send
promotional communications, including the applicable legal requirements for email and
text communications.
CUSTOMER CONTENT AND INFORMATION RELATED TO DATA COLLECTED
THROUGH THE CORE NX-OS PLATFORM
Act-On collects information under the direction of its clients, and has no direct
relationship with the individuals whose personal data is provided, or is collected at the
direction of, our business clients. CORE NX-OS serves as a processor of this data. CORE NX-OS
works with its clients to help them provide notice to their customers concerning the
purpose for which personal information is collected.
We collect information for our clients, if you are a customer of one of our clients and
would no longer like to be contacted by one of our clients that use our Service, please
contact the client that you interact with directly.
CORE NX-OS may transfer personal information to companies that help us provide our
Service. Transfers to subsequent third parties are covered by the provisions in this
Policy regarding notice and choice and the service agreements with our clients.
CORE NX-OS has no direct relationship with the individuals whose personal data it processes
as part of Customer Content (i.e., all user data processed through our Services or
collected on behalf of our business clients). An individual who seeks access, or who
seeks to correct, amend, or delete inaccurate data within Customer Content should
direct his query to the CORE NX-OS client (the data controller). If the client requests CORE NX-OS to
remove the data, we will respond to their request within 30 days.
CORE NX-OS will retain personal data we process on behalf of our clients for as long as
needed to provide Service to our client. CORE NX-OS will retain and use this personal
information as necessary to comply with our legal obligations, resolve disputes, and
enforce our agreements.
SECURITY
CORE NX-OS has implemented processes intended to protect user information and maintain
security of data. Each account holder is assigned a unique user name and password,
which is required to access their account. It is each user’s responsibility to protect the
security of his or her login information. We have attempted to protect CORE NX-OS’s servers
by locating them areas with security procedures, using of firewalls and implementing
other generally available security technologies. These safeguards help prevent
unauthorized access, maintain data accuracy, and ensure the appropriate use of data,
but NO GUARANTEE CAN BE MADE THAT YOUR INFORMATION AND DATA WILL
BE SECURE FROM INTRUSIONS AND UNAUTHORIZED RELEASE TO THIRD
PARTIES.
When you enter sensitive information (such as login credentials), we encrypt the
transmission of that information using secure socket layer technology (SSL). We follow
protocols to protect the personal information submitted to us, both during transmission
and once we receive it. No method of transmission over the Internet, or method of
electronic storage, is 100% secure, however. Therefore, we cannot guarantee its
absolute security. If you have any questions about security on our website, you can
contact us at [email protected].
By using our Services or providing personal information to us, you agree that we may
communicate with you electronically regarding security, privacy, and administrative
issues relating to your use of our Services. If we learn of a security system’s breach, we
may attempt to notify you electronically by posting a notice on our Services, by mail, or
by sending an email to you.
CANCELLATION OR TERMINATION OF THE ACCOUNT
If your account is terminated for any reason, please contact us within 30 days of such
termination at [email protected] with any requests to view your data. Please be
aware that CORE NX-OS may for a time retain residual information in our backup and/or
archival copies of our data stores and databases. We will make reasonable commercial
efforts to delete your information as soon as reasonably practical.
COMPLIANCE WITH CHILDREN’S ONLINE PRIVACY PROTECTION ACT
As a business service, CORE NX-OS does not target its offerings toward, and does not
knowingly collect any personal information from users under 13 years of age. If you
believe that your child has provided us with personal information without your consent,
you may contact us at [email protected]. If we learn that we have collected any
personal information in violation of applicable law, we will promptly take steps to delete
such information and terminate the child’s account.
YOUR PRIVACY RIGHTS
When we have a direct relationship with you and are processing your data as a
“controller” or “business,” you may have certain privacy rights that you can exercise
directly with us as described below. When we do not have a direct relationship with you
and are processing data as a “processor” or “service provider” on behalf of our business
clients, including when we process your information as part of Customer Content, you
must contact the relevant business client to exercise the privacy rights you that you may
have.
When we have direct relationship with you, in accordance with applicable law, you may
have the right to:
· Access to and Portability of Your Personal Information, including: (i)
confirming whether we are processing your personal information; (ii) obtaining
access to or a copy of your personal information; and (iii) receiving an electronic
copy of personal information that you have provided to us, or asking us to send
that information to another company in a structured, commonly used, and
machine readable format (also known as the “right of data portability”);
· Request Correction of your personal information where it is inaccurate or
incomplete. In some cases, we may provide self-service tools that enable you to
update your personal information;
· Request Deletion of your personal information;
· Request Restriction of or Object to our processing of your personal
information where the processing of your personal information is based on our
legitimate interest or for direct marketing purposes, including (i) the right to
opt-out of the sharing of personal information for certain advertising, (ii) object to
or restrict our use of or your sensitive personal information, including the right to
opt-out of the sharing of sensitive personal information in some circumstances,
and (iii) opt out of the processing of your personal information for purposes
profiling in furtherance of decisions that produce legal or similarly significant
effects concerning you; and
· Withdraw your Consent to our processing of your personal information
for certain purposes. Please note that your withdrawal will only take effect for
future processing and will not affect the lawfulness of processing before the
withdrawal.
You can submit a request to determine and exercise your privacy rights by contacting us
as [email protected] or by contacting us using the information in the “Questions”
section below.
When you use the CORE NX-OS website or Service, we make good faith efforts to provide you
with access to your personal information and either to correct this data if it is inaccurate
or to delete such data at your request if it is not for legitimate business purposes. You
may update your account information by logging into your account. When requests
come to CORE NX-OS with regard to personal information, we ask individual users to identify
themselves and the information requested to be accessed, corrected or removed before
processing such requests, and we may decline to process requests that are
unreasonably repetitive or systematic, require disproportionate technical effort,
jeopardize the privacy of others, or would be extremely impractical (for instance,
requests concerning information residing on backup tapes), or for which access is not
otherwise required. We retain and use your information as necessary to comply with our
legal obligations, resolve disputes and enforce our agreements. In any case where we
provide information access and correction, we perform this service free of charge,
except if doing so would require a disproportionate effort. We will respond to these
requests in accordance with applicable laws within a reasonable timeframe.
SUPPLEMENTAL NOTICE FOR RESIDENTS OF CALIFORNIA AND CERTAIN
OTHER US STATES
This Supplemental Notice is for residents of states that have adopted comprehensive
privacy legislation and others that may come into effect from time to time, including, but
not limited to, California, Connecticut, Colorado, Utah and Virginia (collectively,
“Applicable State Laws”). In some states, you may have the rights described in “Your
Privacy Rights” above and be entitled to the following supplemental information:
Categories of Personal Information Collected and Sources
The “Data Collection” section above identifies the categories of personal information we
may have collected in the 12 past twelve months, and the sources from which we obtain
such information.
Purposes for Collection
We collect and use personal information for the business or commercial purposes
described in the “Data Uses and Sharing” section above.
Categories of Personal Information Disclosed and Categories of Recipients]
We may have disclosed the following categories of personal information in the
preceding 12 months for our business or commercial purposes to the Categories of
Recipients listed below.
Categories of Personal Information We
Disclose
Categories of Recipients
Identifiers Affiliates, Service Providers, and Business Partners
Professional Information Affiliates, Service Providers, and Business Partners
User Content Affiliates, Service Providers, and Business Partners
Preferences Affiliates, Service Providers, and Business Partners
Internet or other electronic activity Affiliates, Service Providers, and Business Partners
For more details on how your personal information is disclosed and the purposes it’s
disclosed for, please see the “Data Uses and Sharing” section above.
We Do Not Sell Personal Information
Act-On does not provide your personal information to other companies for money, or
otherwise “sell” personal information of consumers as that term is commonly
understood, including information of consumers under 16 years of age.
We may, however, share information with third-party advertising partners for the
purpose of promoting our Services as described above, such as for cross-context
behavioral or targeted advertising. You can opt-out of such sharing by following the
instructions found above in the section titled “Cookie Controls” or by clicking here, or
you can contact us as described in the “Questions” sections below.
Additional Privacy Rights and Choices
In addition to the right to opt-out of sharing for certain advertising purposes, you may
have the privacy rights described above in the section titled “Your Privacy Rights.”
Non-Discrimination. Residents of certain states have the right not to receive
discriminatory treatment by us for the exercise of their rights conferred by applicable
law.
Authorized Agent. Only you, or someone legally authorized to act on your behalf, may
make a verifiable consumer request related to your personal information. You may also
make a verifiable consumer request on behalf of your minor child. To authorize an
agent, provide written authorization signed by you and your designated agent and
contact us as set forth in “Questions” below for additional instructions.
Verification. To protect your privacy, we will take steps to reasonably verify your identity
before fulfilling your request. These steps may involve asking you to provide sufficient
information that allows us to reasonably verify you are the person about whom we
collected personal information or an authorized representative, or to answer questions
regarding your account and use of our Services.
Appeal. When exercising your privacy rights, you may have the right to appeal a
decision or response that we provide. You may exercise right by submitting a request
to us as described in the “Questions” section, labeling it “Appeal,” and referencing our
prior response or decision.
De-Identified Information. If we create or receive de-identified information, we will not
attempt to reidentify such information, except to comply with applicable law.
California Shine the Light.
California residents may request information concerning the categories of personal
information, if any, we share with third parties or affiliates for their direct marketing
purposes. If you would like more information, please contact us as described in the
“Questions” section below.
DO NOT TRACK DISCLOSURES
Some browsers offer a “Do Not Track” privacy preference. Generally, when a user turns
on the Do Not Track Signal, their browser sends a message to websites requesting that
the user not be tracked. Our websites currently do not respond to “Do Not Track”
signals.
INTERNATIONAL DATA TRANSFERS
All information processed by us may be transferred, processed, and stored anywhere in
the world, including, but not limited to, the United States or other countries, which may
have data protection laws that are different from the laws where you live. We endeavor
to safeguard your information consistent with the requirements of applicable laws.
If we transfer personal information which originates in the European Economic Area,
Switzerland, and/or the United Kingdom to a country that has not been found to provide
an adequate level of protection under applicable data protection laws, one of the
safeguards we may use to support such transfer is the EU Standard Contractual
Clauses.
For more information about the safeguards we use for international transfers of your
personal information, please contact us as set forth below.
SUPERVISORY AUTHORITY
If your personal information is subject to the applicable data protection laws of the
European Economic Area, Switzerland, the United Kingdom, or Virginia, you have the
right to lodge a complaint with the competent supervisory authority or attorney general if
you believe our processing of your personal information violates applicable law:
· EEA Data Protection Authorities (DPAs)
· Swiss Federal Data Protection and Information Commissioner (FDPIC)
· UK Information Commissioner’s Office (ICO)
· Virginia Attorney General
RETENTION OF PERSONAL DATA
We store the personal information we collect as described in this Privacy Policy for as
long as you use our Services, or as necessary to fulfill the purpose(s) for which it was
collected, provide our Services, resolve disputes, establish legal defenses, conduct
audits, pursue legitimate business purposes, enforce our agreements, and comply with
applicable laws, or based upon other criteria, including, but not limited to, the sensitivity
and volume of such data. Additionally, we endeavor to retain all such personal
information in accordance with legal requirements.
DATA PRIVACY FRAMEWORK
Act-On Software, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S.
DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy
Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.
CORE NX-OS has certified to the U.S. Department of Commerce that it adheres
to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with
regard to the processing of personal data received from the European Union in reliance
on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK
Extension to the EU-U.S. DPF. Act-On Software, Inc. has certified to the U.S.
Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework
Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data
received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict
between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the
Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data
Privacy Framework (DPF) program, and to view our certification, please visit
https://www.dataprivacyframework.gov/.
DPF INTERNAL COMPLAINTS MECHANISM
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the
Swiss-U.S. DPF, Act-On Software, Inc. commits to resolve DPF Principles-related
complaints about our collection and use of your personal information. EU and UK
individuals and Swiss individuals with inquiries or complaints regarding our handling of
personal data received in reliance on the EU-U.S. DPF and the UK Extension to the
EU-U.S. DPF, and the Swiss-U.S. DPF should first contact CORE NX-OS at:
[email protected].
INDEPENDENT RECOURSE MECHANISM
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the
Swiss-U.S. DPF, Act-On Software, Inc. commits to refer unresolved complaints
concerning our handling of personal data received in reliance on the EU-U.S. DPF and
the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to TrustArc, an
alternative dispute resolution provider based in the United States. If you do not receive
timely acknowledgment of your DPF Principles-related complaint from us, or if we have
not addressed your DPF Principles-related complaint to your satisfaction, please visit
https://feedback-form.truste.com/watchdog/request for more information or to file a
complaint. The services of TrustArc are provided at no cost to you.

CHANGES TO THIS POLICY
We may update this Privacy Policy to reflect changes to our information practices or due
to changes in applicable law. If we make any material changes we will notify you by
email (sent to the e-mail address specified in your account) or by means of a notice on
this website prior to the change becoming effective. We encourage you to periodically
review this page for the latest information on our privacy practices.
QUESTIONS
Any questions about this Privacy Policy should be addressed to [email protected].