PRIVACY POLICY
("NESS Behavior Consulting," "we," "us," or "our"), oversees this website, including the services underlying the site and the content appearing herein, https://www.nessbehaviorconsulting.com/ (collectively, the "Site"). We have developed this privacy policy ("Privacy Policy") to inform users ("user," "you," or "your") about how we collect information in the course of conducting our business, including on the Site, how we use the collected information, and a user’s rights with respect to the collected information. The terms contained herein apply to all users of this Site.
This Privacy Policy is binding on all those who access, visit, and/or use our Site, whether acting as an individual or on behalf of an entity, including you and all persons, entities, or digital engines of any kind that harvest, crawl, index, scrape, spider, or mine digital content by an automated or manual process or otherwise. Please read this Privacy Policy carefully. If you do not agree to be bound by this Privacy Policy, then do not access or use the Site. By accessing and/or using the Site, you accept and agree to be bound by this Privacy Policy.
If you have any questions about this Privacy Policy, please contact us at info@nessbehaviorconsulting.com or at the contact information at the bottom of this page.
The Site is hosted and operated in the United States. If you use the Site from outside the United States, please be aware that the information you provide to us is transmitted to, processed, and stored in the United States. Data will be collected, processed, maintained, and used subject to this Privacy Policy and applicable privacy laws in the United States and in the European Economic Area. These laws may be different from the privacy laws in your country. However, this does not change our commitments to safeguard your privacy, and we will comply with all applicable laws relating to the cross-border transfer of your Personal Data (as that term is described below).
1. Data and Information We Collect
When you use the Site, we collect and/or process the following types of data:
a. Personal Data
"Personal Data" means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. We collect Personal Data that you provide to us when you make a purchase; create an appointment; subscribe to one of our newsletters; contact us via phone, email, postal mail, or other means; chat with us on our Site; or respond to our communications to you (e.g., surveys, requests for feedback).
This may include your first or last name, email address, social media usernames, telephone number, mailing address, billing address, payment information, organization name, geolocation information, or your IP address. We may also collect demographic information such as gender, nationality, ethnic origin, interests or preferences, business or company information, professional experience, educational background, professional or personal reference contact information, or social media URLs.
In the European Economic Area ("EEA"), Personal Data includes an identification number, location information, and/or an online identifier.
If we combine or associate information from other sources with Personal Data that we collect through the Site, we will treat the combined information as Personal Data in accordance with this Privacy Policy.
b. Non-Personal Data
"Non-Personal Data" does not identify you, but provides insights regarding your use of the Site. We collect Non-Personal Data that may include information about your use of the Site, including but not limited to, Internet connection information, computer equipment information, web browser specifications, websites visited before accessing our Site, websites visited after leaving our Site, other similar information about traffic and usage as you navigate to, through, and away from our Site, chat interactions on the Site (including text exchanged during the interactions), donation amounts and frequencies, items purchased, purchase histories, information you post or otherwise submit to the Site, or emails you send to us.
Non-Personal Data that we collect may also include "Log Data." Log Data refers to certain information about how a user uses our Site.
Log Data may include the pages or features of the Site to which a User browsed and the time spent on those pages or features, the frequency with which the Site are used by a User, search terms, the links on our Site that a user clicked on or used, and related timestamps.
We use automated information collection tools, such as cookies and web beacons, to collect certain types of Non-Personal Data. You can set your browser to reject cookies, but that may limit your use of some convenience features on the Site. We also use Google Analytics and automated chat and email marketing software to provide services and website functionality to Users.
Personal Data and Non-Personal Data are collectively referenced as "Data."
In some jurisdictions, such as the United States, an IP address may be considered Non-Personal Data. In the European Economic Area, for example, an IP address is considered Personal Data under applicable data protection laws. If this is the case, we process Non-Personal Data for the same purposes as Personal Data under this Privacy Policy.
c. Health Information
When you schedule an appointment, we will obtain sensitive information related to your health, which is defined as Protected Health Information ("PHI") under the Health Insurance Portability and Accountability Act ("HIPAA"). We act in compliance with the federal healthcare privacy and security rules, such as HIPAA and the Health Information Technology for Economic and Clinical Health ("HITECH") Act, when receiving and processing your PHI. You can learn more about our PHI data practices and obligations under our Privacy Policy.
d. Geolocation Information
You may choose to allow us to access your location by granting the Site access to your location when prompted. You may change this setting on your device or browser. We may also determine location information about you based on information in your Internet connection data or provided by your ISP (e.g., your IP address).
e. Third-Party Social Networking Service(s)
If you choose to access, visit, and/or use any third-party social networking service(s) that may be integrated with our Site, we may receive your Personal Data and other information about you and your computer, mobile, or other device that you have made available to those social networking services, including information about your contacts through those services.
For example, some social networking services allow you to push content from our Site to your contacts or to pull information about your contacts so you can connect with them on or through our Site. Some social networking services also will facilitate registration or enhance or personalize your experience on our Site. This includes if you "follow," "like," or link your social networking account to our Site. Your decision to use a social networking service in connection with our Site is voluntary.
However, you should make sure you are comfortable with the information your third-party social networking services may make available by reviewing privacy policies of those providers and/or modifying your privacy settings directly with those networking Site/services.
2. Use of Data and Information
For Legitimate Interests. We use Non-Personal Data collected by clickstream information collection, web pixels, and cookies to store your preferences, improve website navigation, make personalized features and other services available to you, to generate statistical information, monitor and analyze user traffic and usage patterns, monitor and prevent fraud, investigate complaints and potential violations of our policies, to improve the our content and the products, services, materials, and other content that we describe or make available through the Site, and otherwise help administer and improve the Site.
We may identify you from your Personal Data, and we may merge or co-mingle Personal Data and Non-Personal Data. Except as otherwise stated, we may use information we collect from you for the legitimate business purpose of providing our services to you, including, but not limited to:
1. operating, maintaining, and providing to you the features and functionality of our Site;
2. send you Site-related notices, including notifications about our Site, newsletters, changes to the Site, or other information;
3. establishing Accounts for users to use the Site;
4. validate your username, e-mail, password, and/or other login credentials;
5. customizing the Site-related content to your preferences;
6. responding to your requests and provide user support;
7. sending via e-mail information relevant to your upcoming appointment and any related follow ups;
8. processing your purchases;
9. providing you with merchandise or services you have requested or purchased from us;
10. evaluating and improving the content of our Services;
11. checking on your Account status and maintaining record of activities in connection with your use of the Site;
12. enforcing our agreements, terms, conditions, and policies;
13. working with our service providers who perform certain business functions or services on our behalf;
14. preventing or investigating fraud (or for risk management purposes);
15. complying with a legal obligations, court order, or in order to exercise our legal claims or to defend against legal claims;
16. conducting aggregate or research analysis and developing business intelligence that helps us to enhance, operate, protect, make informed decisions and report on the performances of our Site;
17. notifying of contest or sweepstakes results;
18. sending e-mail and postal mail supplying the most recent service information or sending you information about an order (e.g., order confirmations, shipment notifications, etc.); and
19. notifying you of any changes to relevant agreements or policies (including, but not limited to, this Privacy Policy, our Terms of Use, or our Website Cookie Policy).
If you are a user accessing our Site from within the EEA and we have collected your Personal Data (such user herein referred to as a "Data Subject") and we have obtained your consent, we may also use your Data in the following ways; and, if you are a citizen of any other jurisdiction, you acknowledge that we may use your information in the following ways:
1. to share your information with our corporate parents, subsidiaries, other affiliated entities, and associated entities;
2. to send e-mail and postal mail to provide you with updates and news;
3. to process any request you make; and
4. to process the commercial transaction for which you provided Information.
In addition, we use third‐party e‐mail providers to deliver communications to you. This is an opt-in e-mail program. If you no longer want to receive these e-mail communications, you may opt-out of receiving e-mail communications through the "unsubscribe" link, featured in the footer our emails.
We may, from time to time, invite you to participate in online surveys.
The information requested in these surveys may include, but is not limited to, your opinions, beliefs, insights, ideas, activities, experience, purchase history, and purchase intent regarding products, events, and the Site. The information collected by these surveys is used to research market trends, company growth, community needs, etc. Your input will help us to improve customer experience and shape development of our products and Services.
3. How We Share Information
We share your Data in the following ways:
1. We may, sell, rent, or barter your Personal Data with certain third parties. 2. We may store portions of your Data in locations outside of the direct control of NESS Behavior Consulting (e.g., on servers or databases co-located with service providers).
We may share your Data with the following parties:
1. Corporate affiliates, including corporate parents, subsidiaries, other affiliated entities, and associated entities for the purposes described in this Policy which are required to treat the information in accordance with this Privacy Policy;
2. Service providers that help us administer and provide the Site (for example, a web hosting company whose services we use to host our platform). These third-party services providers have access to your Personal Data only for the purpose of performing services on our behalf. We have entered into contractual relationships with these service providers and require them to comply with all applicable information privacy laws and regulations and to use the Data only for the purposes for which it was disclosed;
3. Any Data that you voluntarily disclose for posting to the Site becomes available to the public. This Data may be controlled by privacy or website customization settings. If you remove Data that you posted to the Site, copies may remain viewable, for example, in cached or archived pages or if other Users have copied or saved that Data;
4. Authorized third parties, who are parties directly authorized by you to receive the applicable Data, such as when you authorize a third-party application provider to access your Account. The use of your Data by an authorized third party is subject to the third party’s privacy policy;
5. Third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), in which case we will require the recipient to use such information in accordance with this Privacy Policy;
6. As we believe necessary: (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; (v) to respond to claims that contact information (e.g., name, e-mail address, etc.) of a third-party has been posted or transmitted without their consent or as a form of harassment and (vi) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence; and
7. Pursuant to your express consent.
4. Third-Party Service Providers
We use third-party service providers to help us operate our Site, who may collect, store, and/or process the information detailed herein. We allow access to our Site and databases by third parties that provide us with services, such as technical maintenance, market research, community and forums management, auction services, and other functionality, but only for the purpose of and to the extent necessary to provide those services.
If you choose to make a purchase from our online store, sign up for an appointment, request to be on our mailing list on the Site, or take similar actions, we may forward your information to third parties for services such as credit card or other payment processing, order fulfillment, credit pre-authorization, and address verification.
There are also times when you provide information about yourself to us in areas of the Site that may be managed or participated in by third parties. In such cases, the information may be used by us and by such third party, each pursuant to its own policies.
We use commercially reasonable efforts to engage with third parties that post a privacy policy governing their collection, processing, and use of Non-Personal Data and Personal Data.
5. Information Security
We take reasonable steps online and offline to safeguard the Personal Data that you provide to us, including:
1. hosting your Personal Data with enterprise-grade service providers that use Secure Sockets Layer (SSL) encrypted connections (HTTPS), secure multi-tiered firewalls, encryption, secure cloud-based environments, server authentication, and industry-standard firewalls;
2. using password managing software to manage our passwords; and
3. using two-factor authentication to access backend systems.
It is common knowledge that transmission of information via the Internet is not wholly secure, and we cannot guarantee the security of your Personal Data, or any other information, transmitted to or through any of our Site. Any transmission of Personal Data, or other information, is at your own risk. By using our Site, you acknowledge and accept these risks.
As a result, we cannot guarantee or warrant the security of any information you disclose or transmit to us or that are otherwise provided to us and we cannot be responsible for the theft, destruction, or inadvertent disclosure of information. It is your responsibility to safeguard any passwords, ID numbers, or other special access features associated with your use of the Site. Any transmission of information is at your own risk.
If you have any questions about security on our Site, or if you become aware of any unauthorized use of an Account, loss of your Account credentials, or suspect a security breach, notify us immediately via info@nessbehaviorconsulting.com.
6. Rights to Your Personal Data
You may change, edit, update, or delete the information that you provided when you set up your Account, when you purchased a product, set up an appointment, or joined our mailing list by sending a request to info@nessbehaviorconsulting.com. You may also request the deletion of this information by sending an e-mail to info@nessbehaviorconsulting.com.
If you access our Site from certain jurisdictions, such as the EEA, you may have additional rights and options with regard to accessing, reviewing, correcting, and updating your Personal Data, as well as how we use and disclose your Personal Data.
As a Data Subject, you have the right to request access to your Personal Data as it exists in our records by e-mailing us at info@nessbehaviorconsulting.com.You also have the right to rectification, correction, or amendment of your Personal Data if it is inaccurate or incomplete. You may also have the right to erasure of your Personal Data; however, this is not always possible due to legal requirements and exceptions may apply. Please note that if you request erasure of your Account, we, in complying with your request, shall also delete any and all information that has been submitted to us through our Site.
A Data Subject may have the right to object to the processing of his or her Personal Data, for example, due to his or her particular situation, for direct marketing uses, or for scientific or historical research. In certain circumstances, Data Subjects may have the right to obtain a restriction on our processing of their Personal Data, in which case such Personal Data will, with the exception of storage, only be processed with the Data Subject’s consent or in circumstances such as our exercise or defense of legal claims or the protection of another person.
Data Subjects may also have the right to request that we provide data portability for their Personal Data via a copy of the data in a commonly-used format and/or transfer their Personal Data directly to another data controller (where technically feasible). Exceptions to these rights may apply, for example, if the processing is necessary for a task carried out in the public interest. Finally, if a Data Subject has given his or her consent to our processing of his or her Personal Data for certain purposes, he or she has the right to withdraw consent to such use at any time by contacting us via the contact information below.
If you are not satisfied with how we manage your Personal Data, you have the right to make a complaint to a data protection regulator. A list of National Data Protection Authorities can be found here.
7. Information Retention
We retain the Personal Data we receive as described in this Privacy Policy for as long as you use our Site or as necessary to fulfill the purpose(s) for which it was collected, provide our products and services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
Following termination or deactivation of your Account, we may retain your Data for a reasonable amount of time for archival purposes. Furthermore, we may retain and continue to indefinitely use your Data contained in your communications to other users or posted in public or semi-public areas of the Site.
8. Geographic Data Transfers
In some instances we may need to transfer your Personal Data outside the EEA. In all cases, we take steps to ensure that transfers of such Personal Data are performed in accordance with applicable law and carefully managed to protect your privacy rights and interests. Transfers are limited to countries that are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights.
Therefore, where we transfer your Personal Data outside our corporate affiliates or to third parties who help provide our products and services, we obtain contractual commitments to protect your Personal Data under Data Protection Agreements and pursuant to Standard Contractual Clauses. Some of these assurances are well recognized certification schemes such as the EU - US Privacy Shield for the protection of Personal Data transferred from within the EU to the United States.
Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before disclosing any Personal Data.
9. Data Protection Officer
We have appointed a Data Protection Officer to receive any data inquiry. If you have an inquiry regarding your Personal Data, pursuant to the rights listed in the preceding section (above), please send your message to info@nessbehaviorconsulting.com.
10. Links to Third Party Site
The Site may contain links to other Site that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. Such links do not constitute an endorsement by us of those other websites, their content or services, or the persons or entities associated with those websites.
This Privacy Policy does not apply to third-party websites. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party Site or services. We encourage you to review the privacy policies and terms of all third-party websites or services that you may visit.
11. Children’s Privacy
We do not sell products or services for purchase by anyone under the age of thirteen (13). In accordance with the Children’s Online Privacy Protection Act ("COPPA"), we will never knowingly request or solicit Personal Data from anyone under the age of thirteen (13) without verifiable parental consent.
In the event that we receive actual knowledge that we have collected such Personal Data without the requisite and verifiable parental consent, we will delete that information from our database as quickly as is practical. We reserve the right to request proof of age at any stage so that we can verify that minors are not using the Site.
12. Your California Privacy Rights
California Civil Code Section 1798.83 permits California residents to request and obtain a list of what Personal Data (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, California residents are entitled to request and obtain such information, by e-mailing a request to info@nessbehaviorconsulting.com.
13. Changes in the Privacy Policy
We reserve the right to modify and update this Privacy Policy at any time by posting an amended version of the statement on our Site. Please refer to this policy regularly. If at any time we decide to use Personal Data in a manner different from that stated at the time it was collected, we will notify you either on the panel home page of our Site or via e-mail.
14. How to Contact Us
By e-mail: hello@nessbehaviorconsulting.com.