Intrigma – Privacy Notice

Updated: 11/19/2022

1. In brief

This Privacy Statement describes the manner in which Intrigma, Inc. may use and/or disclose personal information that we collect from those who engage with us in online business activities. If you have additional questions about privacy or information security, please contact us at support (at) intrigma.com.

Intrigma, Inc. (hereinafter referred to as “Intrigma,” “we,” “us” or “our”), is committed to protecting the privacy of those individuals (“you”) who visit our websites (the “Websites”) or register to use our applications and services (“Services”). This policy describes our privacy practices and how we use and collect the personal information that you share with us when browsing our Website(s) and/or registering an account with us.

Intrigma is headquartered in the United States of America. Therefore, personal information that we collect and maintain may be transferred to or controlled and processed in the United States of America and/or other countries around the world as further described in this notice.. We will protect the privacy and security of the personal information we collect in accordance with this privacy notice, regardless of where it is processed or stored, however, you explicitly acknowledge and consent to the fact that personal information stored or processed in the United States will be subject to the laws of the United States, including the ability of governments, courts, law enforcement and/or regulatory agencies of the United States who have valid jurisdiction over Intrigma to obtain disclosure of your personal information subject to a valid subpoena, court order or similar official request.

This Notice will generally inform you about:

1. How do we collect your Personal Data;
2. The type of personal data we process;
3. The purposes for which We process your personal data;
4. The parties with whom We may share your personal data;
5. What are your rights;
6. How is the information protected;
7. How and who to contact in case you need more information.

We process personal data on a worldwide basis and we are taking all reasonable measures to comply with any applicable data privacy laws, but in particular with laws in the United States and the EU General Data Protection Regulation (GDPR). This is why we will also apply the stringent rules, principles and obligations of the GDPR to the processing of personal data of persons outside of the EEA.

Please review this notice attentively. This Privacy Notice may be revised and reissued from time to time.

2. Definitions

For the purposes of this privacy statement, unless the context will require otherwise, the following terms shall have the meaning as defined hereunder:

1. “controller” means the natural person or legal person, public authority or agency, which alone or jointly with others, determines the means and purposes of processing personal data.
2. “customer” means the organization/business with which Intrigma is under a contractual relationship as a service provider.
3. “user” means the individual person who has a registered account on Intrigma’s platform;
4. “customer data” means the personal data, which is populated by our Customers on our platform, which may include personal data of data subjects for which our Customers are responsible for.
5. “data subject” means an identified or identifiable natural person.
6. “personal data” means personal data the processing of which is regulated by the General Data Protection Regulation.
7. “General Data Protection Regulation” or “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council together with any subordinate legislation or regulation implementing the General Data Protection Regulation.
8. “personal data” means information about an individual that (a) can be used to identify, contact or locate a specific individual; (b) can be combined with other information that can be used to identify, contact or locate a specific individual; or (c) is defined as “personal data” or “personal information” under the applicable law or regulations relating to the collection, use, storage or disclosure of information about an identifiable individual.
9. “processing” means any operation or set of operations that is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
10. “processor” means a natural person or legal person, public authority or agency which processes personal data on behalf of the controller.

3. Website visitors

1. In brief

Intrigma provides you with this page in order to inform you about Intrigma’s services, ensure sure that the Websites remain secure at all times, and distinguish between the unique users accessing our Services.

2. Purpose

Our purpose to process your personal data is to:

1. Provide the website to you; this involves processing traffic data;
2. Use your personal data for ensuring the security of the page.

3. Personal Data

In these circumstances, we may process the following personal data as traffic data for security reasons::

1. IP address;
2. Device /  Internet Connection Information;
3. Location information;
4. Cookies.

It is also important to mention that Intrigma may occasionally aggregate such information with the information we collect from you ourselves to help us form a more complete user profile for you.

5. Storage of the Personal Data

Intrigma collects traffic data for security reasons for a limited period of time.

In case of an incident that is identified by our security system, the information therein will be kept for a period of 1 year, unless there is a particular legal requirement to keep this information for a longer period.

With reference to the retention period of cookies, this is further clarified in the cookies policy.

6. Legal basis

For the processing of the traffic data above, we will use your consent to receive our page.

We base ourselves on your consent when you accept the cookies we use on our website or send us an email (“affirmative action”) when sending an email to a recipient) and, in certain cases, our legitimate interest or legal duty to keep the related communication as evidence.

With reference to security log data, this is based on our legitimate interests. We process the personal data for security reasons to maintain the use of the websites and fulfill Intrigma’s legal duties to keep the website secure.

With reference to the data that is aggregated, we base ourselves on our business legitimate interests which we believe are in line with your expectancies.

As further declared in your rights, you can opt out and withdraw your consent at any time by contacting us at support@intrigma.com 

7. Outsourcing activities to processors

Intrigma uses trustworthy processors that process your personal data in relation to your use of our website.

Our processors process the personal data for the reasons mentioned above.

Processors may change occasionally. The information processed by the foregoing is stored in their systems. Intrigma has privacy agreements in place that safeguard your personal data.

8. Cookies

We use cookies on our websites. More information about the cookies is available in the Cookies Policy available on our website.

9. Intrigma’s role under GDPR

Intrigma processes the personal data as controller as defined under Article 4(7) of the GDPR.

4. Customers of Intrigma

1. In brief

Intrigma also collects and uses the personal information of its customers or potential customers. We may also receive personal information from our business partners and vendors and, so long as it has been collected in accordance with applicable laws and acceptable privacy practices consistent with this privacy notice. We may aggregate such information with the information we collect from you ourselves to help us form a more complete user profile for you.

2. Purpose

Intrigma collects the personal data for the following purposes:

• Register an account with us to use any of our Services;
• Account management;
• Contractual obligations;
• Billing;
• Tax purposes;
• Respond to any Intrigma templates, emails, questionnaires or similar online forms;
•   Contact us to request information or otherwise correspond with us;
•   Enter any employment and/or coverage data on our website(s).

3. Personal data

For this processing activity, we may process the following personal data in relation to our Customers:

• Personal information: First and Last Name;
• Contact data: e-mail address; phone number; company name;
• Account data: account ID on Intrigma’s platform;
• Information necessary for the processing of payments;
• Platform related information: work schedule.

4. Storage of Personal Data

The retention period for the personal data pertaining to customers of Intrigma is set for three years from the date of collection. However, in certain circumstances, we will retain the personal data in a form which will enable the identification of individuals, which may include:

1. For the operational purpose that the personal data was collected for, and which the relevant individual has been informed of;
2. In order to comply with any applicable statutory or regulatory retention requirements; or
3. To enable the exercise of legal rights and/or defense against legal claims necessary for Intrigma or its customer.

Once the personal data related to you will no longer be necessary, we will delete it in a secure manner.

5. Legal basis

Intrigma may process your personal data in order to:

1. Enter into and continue performing the contract between Intrigma and its customers;
2. Legal obligations resulting from the foregoing contract(s); and
3. Intrigma’s legitimate interests.

Processing based on legitimate interests is related to Intrigma’s commercial interests and those of our customers. Intrigma had carefully assessed its processing activities and determined that they are compatible with your interests. It is important to highlight that the main focus of this analysis was to ensure that your fundamental rights and freedoms as a data subject are protected and Intrigma’s interests do not override your fundamental rights and freedoms.

You can always opt out and object to the processing of information by Intrigma at any time by contacting us at support@intrigma.com 

6. Outsourcing activities to processors

Intrigma uses trustworthy processors that process your personal data in relation to the your use of our website.

Our processors process the personal data for the reasons mentioned hereunder.

Processors may change occasionally. The information processed by the foregoing is stored in their systems. Intrigma has privacy agreements in place that safeguard your data.

Generally, we may use processors for the following processing activities:

1. Cloud storage;
2. Communication with You;
3. E-mail delivery service;
4. Electronic signature;
5. Address verification;
6. Tax compliance.

7. Intrigma’s role under GDPR

Intrigma processes the personal data as a controller as defined under Article 4(7) of the GDPR.

5. Users on Intrigma’s platform

1. In brief

Intrigma processes the information of users that will use and interact with Intrigma’s platform. Intrigma processes this information as it provides access to its tools, an enhanced experience, and support if needed. This implies that Intrigma will collect, use, transmit store, share and erase your information.

This processing activity stems from the contractual relationship that Intrigma has with its customers as service providers or when you enter into such a relationship directly with Intrigma. Customers are responsible for the Personal Data that they introduce in Intrigma’s platform from their own systems. Users of Intrigma who use the trial version will insert their personal data when making use of our services.

Under certain jurisdictions, in particular, in the EEA, the legislation differentiates between the “controller” and the “processor”. When you make use of our platform, Intrigma’s Customers are responsible for your personal data as they populate our platform from their lists.  In this case, the controller of the personal data pertaining to you is our customer, typically your employers (business/organization / healthcare provider)  that had integrated your Personal Data on our platform.

2. Purpose

Our purpose to process your personal data is for the following purposes:

1. To provide, update, maintain and protect our services, website, platform, and business;
2. To communicate with you on the platform by responding to requests, comments or questions or any other customer support-related issue;
3. As required by the applicable law, legal process or regulation;
4. To send service, technical, and other administrative emails, messages, and other types of communications.
5. To inform you about changes in our services, offerings, and important services-related notices, such as security and fraud notices);
6. To investigate and help prevent security issues and abuse.
7. Due to contractual obligation as a service provider;
8. Account management;
9. Billing;
10. Tax purposes.

3. Personal data

For this processing activity, we may process the following personal data pertaining to you:

1. Personal information: First and Last Name;
2. Contact data: e-mail address and password; phone number; organization name; time zone;
3. Account data: account IT on Intrigma’s platform;
4. Information is necessary for the processing of payments, if any.
5. Platform-related information: work schedule.

4. Storage of the Personal Data

The retention period for the Personal Data pertaining to users on Intrigma’s platform is set by the controllers responsible for your personal data. This period will also be set in accordance with the agreement between Intrigma and its clients. For more information, please contact the business/organization that is responsible for your personal data.

For users on Intrigma’s platform who have a direct relationship with Intrigma, the retention period of their personal data is set to be deleted after 7 years of being inactive, unless agreed otherwise.

For data subjects with whom we do not have a direct relationship, you can also contact us at: support@intrigma.com and we will transfer your request to the appropriate controller.

5. Legal basis

Intrigma may process your personal data when necessary for:

1. The performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract;
2. Legal obligation to which Intrigma is subject to; and
3. Intrigma’s legitimate interests.

Personal data processing that is based on Intrigma’s legitimate interests is related to the provision of services. Intrigma had carefully assessed its processing activities and determined that they are compatible with your interests. It is important to highlight that the focus of this analysis was to ensure that your fundamental rights and freedoms as a data subject are protected and Intrigma’s interests do not override your fundamental rights and freedoms.

You can always opt-out and object to the processing of information by Intrigma at any time by contacting us at support@intrigma.com 

6. Outsourcing activities to processors

Intrigma uses trustworthy processors that process your personal data in relation to your use of our websites.

Intrigma’s processors process the personal data on our behalf for the reasons mentioned above. We inform you that processors may change from time to time. The information processed by the latter is stored in their systems. However, the personal data pertaining to you will be safely disposed of by the latter, subsequently to as a result of the termination of the contract. Intrigma has privacy agreements in place that safeguard your personal data.

Generally, we may use processors for the following processing activities:

1. Cloud storage;
2. Communication with you;
3. E-mail delivery service;
4. Tax compliance.

7. Intrigma’s role under GDPR

Intrigma processes the Personal Data as a controller as defined under Article 4(7) of the GDPR when you are under a direct business relationship with Intrigma. If your employer/organization is under a direct business relationship with Intrigma, we will act as a processor for the latter as defined under Article 4(8) of the GDPR.

6. Messages via our Contact page

1. In brief

We may receive general requests or questions via the contact tool that is available on our websites. Should you submit such a request, the latter will go through a ticket system.

2. Purpose

The purpose for this processing activity is to assign the ticket to an employee of Intrigma in order to reply to your request.

3. Personal Data

We will process the personal data that you choose to disclose and disseminate to us via the contact form, including:

• Your name;
• Phone number;
• E-mail;
• Your message, which may include personal data.

4. Retention period

Tickets are automatically deleted after six months from the last communication, unless there is a legal obligation to keep the ticket, such as accounting regulations or keeping evidence of legal requests.

5. Legal basis

We will process this information based on your consent that is received when you decide to submit your request.

In certain cases, we may process this information based on our legitimate interest or legal duty to keep the communication exchange as legal evidence.

You can always opt out and object to the processing of information by Intrigma at any time by contacting us at support@intrigma.com 

6. Processors

Intrigma uses trustworthy processors that process your personal data in relation to your use of our websites.

Our processors process the personal data for the reasons mentioned under item above.

Processors may change occasionally. The information processed by the foregoing is stored in their systems. Intrigma has privacy agreements in place that safeguard your data.

Generally, we may use processors for the following processing activities:

1. Cloud storage;
2. Communication with you;
3. E-mail delivery service.

7. Intrigma’s ro under the GDPR

Intrigma will process the Personal Data as a controller as defined under Article 4(7) of the GDPR.

7. Data subject rights

We are aware that persons across the globe, including the European Economic Area (EEA), have certain statutory rights in relation to their personal data. In all cases mentioned above, individuals in the EEA have the rights mentioned hereunder. It is however important to mention that Intrigma will generally apply the data subject rights pursuant to the GDPR also to individuals that are not protected by the GDPR, unless provided otherwise by the applicable law to which Intrigma is subject to.

1. Right of access

You have the right to request confirmation as to whether or not personal data concerning you is processed by Intrigma. You are entitled to receive the following information:

1. The purpose of the processing;
2. The categories of personal data concerned;
3. The recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular, recipients in third countries (i.e. non-EEA countries) or international organizations;
4. Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
5. The right to lodge a complaint with the relevant data protection authority;
6. Where the personal data wasn’t collected directly from you, any available information in relation to the source;
7. The existence of automated-decision making tools.

You can request a copy of all the personal data we are processing related to you in a machine-readable format at any time.

2. Right to rectification under the GDPR

You have the right to request rectification of any inaccurate personal data that is processed by Intrigma.

You have the right to provide additional personal data that is necessary to complete any missing information. You also have the right to directly rectify directly on the platform a number of parameters, e.g. e-mail address, password etc.

If this request will also affect personal data that was further disseminated to third parties, we will make our best efforts to contact the foregoing third-parties in relation to your request.

3. Right to erasure

Under certain conditions, you are given the possibility to be able to completely or partially delete the personal data pertaining to you that is processed by Intrigma.

4. Right to data portability

In some circumstances, you may be entitled to obtain your personal data from a data controller in a format that makes it easier to reuse your information in another context, and to transmit this data to another data controller of Your choosing without hindrance.

This is referred to as the right to data portability.

5. Right to object to, or limit to restrict, the use of data

You can object to the processing activities performed by Intrigma at any time, for the following reasons:

1. You contest the accuracy of the personal data that is processed by Intrigma, for a period enabling us to verify the accuracy of the personal data;
2. The processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
3. We no longer need the personal data for the purposes of the processing, but it is required for the establishment, exercise or defence of legal claims;
4. You object to processing that is based on legitimate grounds as you consider that Intrigma’s interests override yours.

Where personal data was disseminated in advance to processors of Intrigma, we will make our best efforts to inform the latter about your request. However, Intrigma’s third-party contracts will ensure that your rights are also respected by our customers or processors.

6. Information about data recipients

You are entitled to request information about the identities of recipients to whom we have disclosed or intend to disclose your personal data.

7. Right to filing complaints

To exercise your rights described above, please submit a verifiable request to us by sending us an email at support@intrigma.com.

You have the right to file complaints with the relevant data protection authority in your country if you are in the European Union in relation to Intrigma’s processing of your personal data.

More information about this is available at the following address: https://edpb.europa.eu/about-edpb/board/members_en. If you are not in the European Union, we advise you to contact your national data protection authority in for further guidance.

The response we provide will also explain the reasons we cannot comply with a request, if applicable.

8. Information sharing and disclosure

Intrigma will not transfer your personal information to third parties that was collected for materially different, unrelated or incompatible purposes without providing you notice. However, we may transfer your personal information without your prior consent to the extent required to do so by law or in the good faith belief that such action is necessary to: (i) conform to the edicts of law or comply with legal process served on Intrigma or the site; (ii) protect or defend the rights or property of Intrigma; (iii) act in urgent circumstances to protect the personal safety, property, or privacy of Intrigma’s employees, users of Intrigma’s products or service, or members of the public; or (iv) effect a transaction, restructuring or proceeding that transfers to a third party the assets or line of business to which the information pertains.

If you choose to provide us with your personal information, we may transfer that information within Intrigma or to Intrigma’s third-party service providers with your permission. In addition, Intrigma may send your personal information to other companies or people under any of the following circumstances: when we have your consent to share the information; we need to share your information to provide the product or service you have requested; we need to send the information to companies who work on behalf of Intrigma to provide a product or service to you (we will only provide those companies the information they need to deliver the service, and they are prohibited from using that information for any other purpose); or we want to keep you up to date on the latest product announcements, software updates, special offers or other information we think you’d like to hear about either from us or from our business partners (unless you have opted out of these types of communications).

In addition, we may share non-identifiable aggregate information about our users (for example, the proportion of male and female users) with advertisers, business partners, and other third parties in an effort to customize or enhance the content and advertising on our Website for our users. We may engage third party consultants to review and analyze system information, including user and client data solely for the purpose of security and performance enhancements. We may export user information to other Intrigma platforms for purposes of communicating training or services, but in no event shall it include the unlawful transfer of Confidential Information.

Personal data of individuals in the EEA may be transferred to our processors, which are based / process this data outside the EEA under strict compliance rules pursuant to the GDPR. We ensure that all necessary measures have been taken to protect the personal data in accordance with the applicable law.

The personal data will only be transferred if the recipient ensures an adequate level of protection for the rights and freedoms of the data subjects or the transfer is performed in accordance with Chapter V of the GDPR and in particular, with any of the safeguards that are provided under Article 46 of the GDPR.

9. Data security

Your personal information is protected for your privacy and security. Intrigma safeguards the security and confidentiality of the data you send us with physical, technical, and managerial procedures. Please be aware that, despite our best efforts, no security measures are perfect or impenetrable.

While we strive to protect your personal information, we cannot ensure the security of the information you transmit to us, and so we urge you to take every precaution to protect your personal data when you are on the Internet.

Change your passwords often, use a combination of letters and numbers, take advantage of multi-factor authentication features where available and make sure you use an up-to-date and secure browser.

9. Third-party sites

Our Websites may contain links to websites operated by third parties. Some of these third-party sites may be co-branded with an Intrigma logo even though they are not operated or maintained by Intrigma. Although we choose our business partners carefully, Intrigma is not responsible for the privacy practices of websites operated by third parties that are linked to our Websites.

Once you have left our Websites, you should check the applicable privacy policy of the third-party website to determine how they will handle any information they collect from you.

10. Changes to this privacy notice

Intrigma may amend this policy from time to time. If we make any substantial changes in the way we use your personal information which differs from the manner intended at the time of the collection, we will make that information available by posting a notice on the website and within our application when applicable.

11. Children’s privacy

Our website is a general audience site that does not target and is not intended for children under the age of 13. Intrigma does not knowingly solicit or maintain personal information pertaining to children under the age of 13.

If Intrigma is informed about the processing of such personal data from a child under the relevant age without parental consent, Intrigma will take all reasonable steps to delete that data.

12. Contact us

Intrigma welcomes your comments regarding this privacy statement and our privacy practices. If you have reason to believe that Intrigma has not adhered to this privacy statement, please contact us electronically at support@intrigma.com or at the address provided below:

Intrigma, Inc.

Attention: General Counsel

1460 Broadway

New York, NY

10036                   

Last Revised: 17/09/2022