Privacy Notice
Last Update: November 12, 2024
This Privacy Notice for Assista Inc (‘Assista’, 'Company', 'we', 'us', or 'our'), describes how and why we might collect, store, use, and/or share ('process') your personal data when you use our Assista Platform or Website ('Services'), such as when you:
Sign up for and use our Platform or any other Assista application that links to this Privacy Notice.
Engage with us in other related ways, including any sales, marketing, or events.
Use our Website.
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at paul@assista.us.
To reflect any changes to the way we process your personal data or any changes to your legal requirements, periodic updates and changes to this Privacy Policy will be posted on this page. We abide by the highest standards and we value your personal data, therefore, our Policy is established in accordance with the rules imposed by the EU Regulation 2016/679 (GDPR).
Who are we? Assista Inc is a company registered in Delaware, United States of America. For the purposes of data protection compliance, Assista Inc has appointed Digital Amorph Services SRL, a company registered in Romania, as representative in the EEA for EEA customers.
How to contact us? You can contact us by phone at (+40)729718190, email at paul@assista.us, or by mail to 651 North Broad Street, Suite 201, Middletown, DE 19709.
SUMMARY OF KEY POINTS
Do we process personal data? When you visit, use, or navigate our Services, we may process personal data depending on how you interact with Assista and the Services, the choices you make, and the products and features you use.
Why do we process your personal data? We may process your personal data to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with the law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so.
In what situations and with which parties do we share personal information? Your personal data may be shared with other entities or persons with whom we are in contractual relations, such as suppliers, IT service providers or online payment service providers. This allows us to provide our services.
How do we keep your information safe? We have organisational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information. Generally, you have the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and the right not to be subject to a decision based solely on automated decisions.
How do you exercise your rights? By contacting us by email at paul@assista.us We will take every request seriously and act upon any request in accordance with applicable data protection laws.
YOUR PERSONAL DATA
WHAT PERSONAL DATA DO WE COLLECT?
Personal Data Collected Directly From You:
Contact Information:
When you decide to contact us using our contact form, you provide us with your name, e-mail, phone number. This information will be used to reach out to you and answer your inquiry. We also collect your email when you decide to sign up for newsletters or other forms available on our website.
Account and User Information
We collect Personal Data when you sign-up for an Assista account, create or modify user information, set preferences, or provide any other related information to access or utilize our Service.
Payment Information:
We may collect data necessary to process your payment if you make purchases, such as your credit/debit card number, and the security code associated with your payment instrument, your billing address. All payment data is stored by Stripe. You may find their Privacy Notice link(s) here: https://stripe.com/en-gb-ro/privacy.
Uploads on the Platform:
You may upload your files and documents (“Your Uploads”), on the Assista Chat Platform, subject to size and file type parameters. The personal data contained on these files may vary. Our Services allow you to upload your own documents in order to have better interactions with our chat bot. To make that possible, we store and process Your Uploads. This also includes information such as the size of the file, the time it was uploaded and usage activity. It is your choice whether you want to upload sensitive information on the platform.
Customer Testimonials
We may post customer testimonials and comments on our websites, which may contain Personal Data. We obtain each customer's consent via email or through other agreements prior to posting the customer's name and testimonial.
Personal Data Collected Indirectly:
Navigation data. We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
Your IP address is a number that is automatically assigned to your computer, a unique string of characters that identifies each computer using the Internet Protocol to communicate over a network. An IP address is identified and logged automatically in our servers whenever a user visits our website, along with the time of the visit and the pages visited. Collecting IP addresses is standard practice and is done automatically by most online service providers. We use IP addresses for purposes such as calculating Service usage levels, diagnosing server problems, and administering the Service. We may also derive your approximate location from your IP address.
Cookies: We use cookies that enable us to operate and administer our Site and Services, and improve your experience on it. A “cookie” is a piece of information sent to your browser by a website you visit. You have the option to accept all cookies, to reject all cookies, or to select what particular type of cookies you want to enable. However, refusing a cookie may in some cases negatively affect the display or function of our website or certain areas or features of a website and you will not be able to experience all the functionalities of our Services.
Analytics: We may use cookies that help us analyze how users use the Site and Services and enhance your experience when you use the Site and Services. We currently use Google Analytics to collect information about how visitors use our Site, such as pages visited, time spent on each page, and interactions with content. Google Analytics collects this data anonymously and provides aggregated reports that help us understand overall usage patterns. Google may also use cookies or other tracking technologies to collect and process this information according to their own privacy policies. For more details on how Google Analytics collects and processes data, please refer to Google’s Privacy Policy and Google Analytics Terms of Service. You may opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on, which can be found here.
Personal Data Collected From Third-parties
When you choose to register or log in to our Services using a social media account or another platform account, we may have access to certain information about you.
Through the Service, you are enabled to establish connections or integrations with the third-party applications you utilize. The process of using the Service involves transferring information or content from one application to another. The information that gets transferred between these third-party applications is collected by us.
You may link third-party integrations with your Assista account, which may request specific permissions to access or transmit information to your Assista account. It is your duty to evaluate any third-party integrations you enable. We may gather information on the variety of integrations utilized within your Assista account.
Any permissions you provide authorize these third parties to access your information, which might include (but is not limited to) allowing third-party apps to view, store, and alter your Assista account data. We are not liable for the actions of third-party integrations, so it is important to thoroughly review the permissions you give to third-party applications.
On our Platform you can log in through the following Third-party Services and share information from the following providers. We advise you to access each of these providers Terms of Use and Privacy Policy before giving us permission: Notion, Google Calendar, Google Mail, Outlook, Slack, Hubspot, Trello.
Gmail Integration
If you use the Gmail integration, you will be asked to give us access to information from your Gmail or Google account.
By integrating Gmail with Assista, you are allowing the Service to access data associated with your account, such as contacts, emails, calendar events, distribution lists, subject lines, and URLs from tracked links in your emails, should you utilize the email tracking feature. Furthermore, the Service will have the capability to read, modify, create, and dispatch emails through your linked Gmail account. To provide the notifications feature, the Service will analyze your emails' content to determine which ones you've chosen to track. It will store information including email replies, sent mail, headers, subject lines, distribution lists, aliases, sending times, and the content of the emails themselves. Be aware that your emails may carry sensitive details, including contact names, personal conversations, or financial or medical information.
In the case of connecting your Gmail account through IMAP (or a Generic Inbox Connection), the Subscription Service's access will be limited to your email address, password, server details, email metadata, and the content of the messages.
Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Google Calendar Integration
The Service will have access to your Google Calendar and will have the ability to: create or change your calendars, and update individual calendar events.
WHY DO WE PROCESS YOUR INFORMATION?
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
To provide you with our Services: We need to process your personal data in order to grant you access to our Services.
For Billing, account management, and administrative purposes: If you sign up for a trial or purchase a paid subscription, we may collect and process payment information, including your name, credit or debit card information, billing address, and details of your transaction history.
To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.
To improve our services: In order to provide you with the best online browsing experience on our website, we may collect and use certain information about your activity on the site. We rely on our legitimate interest to carry out activities for you in optimal conditions, while taking care to respect your fundamental rights and freedoms. For example, we use device information to detect abuse and identify and troubleshoot bugs.
To defend our legitimate interests: In certain situations, we will use or transmit information to protect our rights and activities. Among these we list: various measures to protect the website and its users against cyber attacks, measures to prevent and detect fraudulent attempts, including the transmission of information to the competent public authorities.
For statistics purposes: To enable us to improve the Services and better understand our users and the markets in which we operate. For example, we may conduct or facilitate research and use learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns, areas for additional features and improvement of the Services and other insights.
To provide customer support: To resolve technical issues you encounter, to respond to your requests for assistance, comments and questions, to analyze crash information, to repair and improve the Services and provide other customer support.
To sort out your requests: We collect your data in order to provide you with information of interest to you as a beneficiary of our services. We will use the contact details provided by you exclusively with the purpose of processing your specific request. We always make sure that processing is carried out in accordance with your rights and freedoms and that the decisions taken on the basis of them do not affect you.
To keep you informed of our Services: We may collect your personal data that you directly and willingly provide to use for marketing purposes to keep you up to date with our Services, events, promotions or updates. You can withdraw your consent and unsubscribe at any time, without any consequences.
To fulfill our legal obligations: To comply with applicable law, legal process and regulations and protect legitimate business interests.
WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?
If you are located in the EU or UK, this section applies to you.
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:
Consent. We may process your information if you have given us permission (i.e. consent) to use your personal information for a specific purpose. You can withdraw your consent at any time (this is the case for marketing communications or when you decide to sign up for our newsletter).
Performance of a Contract. We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
Legitimate interests. We might have a legitimate interest when we processes personal data for direct marketing purposes, to prevent fraud or to ensure the network and information security of your IT systems.
In legal terms, we are generally the 'data controller' under European data protection laws of the personal information described in this Privacy Notice, since we determine the means and/or purposes of the data processing we perform. This Privacy Notice does not apply to the personal information we process as a 'data processor' on behalf of our customers. In those situations, the customer that we provide services to and with whom we have entered into a data processing agreement is the 'data controller' responsible for your personal information, and we merely process your information on their behalf in accordance with your instructions. If you want to know more about our customers' privacy practices, you should read their privacy policies and direct any questions you have to them.
WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
WE DO NOT SELL YOUR PERSONAL DATA.
Where applicable, we may transmit or provide access to certain personal data of yours to various categories of suppliers, personnel, or other companies with which we may develop partnerships necessary for the conduct of our business, but only if there is a good reason and sufficient technical and organizational measures have been taken to secure the same level of protection by such third parties.
We may also disclose certain personal data to public authorities, if we have a legal obligation or if it is necessary to defend a legitimate interest.
We ensure that access to your data by third parties under private law is made in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them. Therefore, all data is transmitted with appropriate safeguards, by encrypting the transmitted files.
We may need to share your personal information in the following situations and with the following categories of suppliers:
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Suppliers needed to perform our Services: We may share your personal data with service providers provide us support for our Services, including but not limiting to website and application development, hosting, maintenance, backup, storage, payment processing, analysis, identity verification, banking services, accounting services, and other services for us, which may require them to access or use personal data about you.
Law or Public Interest: We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to: (a) comply with any applicable law, regulation, legal process, or appropriate government request; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of the Company or our users; (d) protect our rights, property, safety, or interest; or (e) perform a task carried out in the public interest.
Consultants and auditors: Your personal information might be examined by our lawyers, accountants, financial professionals, auditors, and insurance providers. This is essential for delivering services related to consultation, regulatory compliance, financial transactions, legal matters, insurance coverage, accounting, and similar areas.
Advertisers: We may also allow third-parties, including ad servers or ad networks, to serve advertisements on our Services and such third parties may be provided with access to your personal data to provide advertising tailored to your interests.
FOR HOW LONG DO WE KEEP YOUR INFORMATION?
We may retain your personal data for as long as it is reasonably needed to maintain and expand our relationship and provide you with our Services and offerings; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (e.g. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use). We will generally keep your personal data for as long as you have an account with us. We might hold onto your login details or contact information for a certain amount of time, typically no more than two years, if you decide not to delete your account permanently.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
HOW DO WE KEEP YOUR INFORMATION SAFE?
We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
IN WHAT COUNTRIES DO WE TRANSFER YOUR PERSONAL DATA?
We currently store and process your personal data in the United States. However, given the geographic scope of our business, we may transfer certain of your personal data to partners or suppliers in other countries,
We take all measures to ensure that any international transfer of personal data is carefully managed in order to protect your rights and interests, and we allow such transfers only when absolutely necessary, applying the principle of minimization. Data transfers will always be protected by contractual commitments and, where appropriate, by other guarantees of a technical or organizational nature. To find out more about the countries where we transfer your data, you can contact us at any time.
Despite the measures taken to protect your personal data, we do not take responsibility for vulnerabilities in systems that are not under our control. We remind you that the transmission of information via the Internet is not completely secure, there is a risk that the data will be viewed and used by unauthorized third parties regardless of our intervention.
WHAT ARE YOUR PRIVACY RIGHTS?
You have the following rights as a data subject:
Access
You can ask us to confirm whether we process your personal data, as well as to provide you with a copy of it and to present to you the data we have, what we use it for, to whom we disclose it, if we transfer it abroad, how we protect it, how long we keep it, what rights you have, how you can file a complaint, where we got your data from, to the extent that the information has not already been provided to you in this page.
Rectification
You may ask us to rectify or complete your inaccurate or incomplete personal data. It is possible to check the accuracy of the data before rectifying it.
Data deletion
You can ask us to delete your personal data, but only if:
• they are no longer necessary for the purposes for which they were collected;
• you have withdrawn your consent (if the data processing was based solely on your consent);
• they were processed illegally;
• exercise a legal right to oppose;
• we have a legal obligation in this regard. We are not required to comply with your request to delete personal data in any circumstance. The most likely situations in which we could deny your request are:
• for compliance with a legal obligation;
• for establishment, exercising or the defense of a right in court.
Restricting data processing
You can request that we restrict the processing of personal data only if:
• their accuracy is challenge and we need to verify their accuracy;
• they are no longer needed for the purposes for which they were collected, but you need them to establish, exercise or defense of a right in court;
• processing is illegal, but you do not want the data to be deleted;
• you have exercised your right to object, and the verification of our rights prevails is ongoing. We may continue to use your personal data following a request for restriction if we have your consent, or to ascertain, exercise or ensure the defense of a right in court or to protect the rights of Assista or another natural or legal person.
Data portability
You can ask us to provide you with personal data in a structured, commonly used and automatically readable format, or you can request that it be ported directly to another data controller, provided that the processing is based on your consent or on the conclusion or execution of a contract with you and to be done by automatic means, as well as to make the porting technically possible.
Right to oppose data processing
You may object to the processing of your data at any time if you believe that your fundamental rights and freedoms prevail over our legitimate commercial interest.
Automated decisions
You may request that you not be subject to a decision based solely on automatic processing when that decision:
• produces legal effects on you;
• it affects you in a similar way and to a significant extent. This right will not apply where the decision was reached by following automated decision-making:
• we are required to enter into or enter into a contract with you;
• is authorized by law and there are adequate guarantees for your rights and freedoms;
• is based on your explicit consent.
Claims
You have the right to submit a complaint regarding the processing of your personal data and we assure you that we will make every effort to resolve any issues in a reasonable and peaceful way. You may contact us by email at paul@assista.us. We promise to respond to any valid requests within a maximum of 30 days, unless this is particularly complicated or if you have made multiple requests, in which case we will respond within a maximum of 60 days, with the information your properly.
To request to review, update, or delete your personal information, please contact us at paul@assista.us.
Additionally, you can also submit your request by post.
However, please note that given the global reach of our app, we strongly recommend that you contact us by email. We cannot guarantee the arrival on time by post. If you, however, choose to submit a request through the mail, we recommend that you mail your request with confirmation of receipt.
We will consider and act upon any request in accordance with applicable data protection laws. If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you are located in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html.
If you have questions or comments about your privacy rights, you may email us at paul@assista.us.
OPTING OUT OF PROMOTIONAL COMMUNICATIONS
You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us at paul@assista.us. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.
AFFILIATE DATA
Our platform utilizes Rewardful to manage affiliate relationships, track referrals, and calculate affiliate commissions. When users interact with our affiliate links, Rewardful may collect certain data to attribute referrals accurately. This data can include user identifiers, transaction details, IP addresses, and browsing activity. The information gathered by Rewardful is essential for tracking referral sources, ensuring accurate commission payments to affiliates, and enhancing the functionality of our affiliate program. We do not sell or share this data outside of our use of Rewardful, and we implement stringent data protection measures in line with GDPR and other data protection laws.
Affiliates and users referred through our affiliate program have rights over their data, including the right to access, correct, or request deletion of personal information. Additionally, individuals can request to limit or opt out of tracking technologies used by Rewardful by contacting us. For more details on data processing practices, affiliates and users may refer to Rewardful’s privacy policy or reach out directly to us with any specific questions.
MINORS PERSONAL DATA
We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at paul@assista.us.
USE OF COOKIES AND OTHER TRACKING TECHNOLOGIES
We use cookies and similar tracking technologies (like web beacons and pixels) to access or store information, to enhance your browsing experience, and analyze our traffic. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice.
Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to sign in or use other interactive features of our website and services that depend on cookies.
CONTROLS FOR DO-NOT-TRACK FEATURES
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ('DNT') feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.
LINKS TO OTHER WEBSITES
Our Service might include links to other websites, mobile applications, or social media platforms. We are not responsible for examining or evaluating the content or accuracy of any other website and do not warrant and will not have any liability or responsibility for any other party’s materials or websites or for any other materials, products, or services of other websites. Please review carefully other party’s website’s policies and practices and make sure you understand them before you engage in any transaction. Claims, complaints, questions, or concerns regarding other parties should be directed to that party. We disclaim all responsibility for your access to other websites. If you cannot find the Privacy Policy on any of these sites once you have arrived at their site via a link from our site, you should contact that site directly for more information or you can e-mail at us paul@assista.us. We are not responsible for the contents of those sites and they will process your personal data in accordance with their Privacy Policy.
APPLICABLE LAW
By visiting the Website and thus expressly accepting this Privacy Statement and the conditions therein, you agree that any dispute or claim relating to this Privacy Statement and the processing of Personal Data shall be governed by the laws of the state Delaware and of the United States of America. Any legal action or procedure relating to this website must be filed only in a federal or state court with jurisdiction over the matter, located in Delaware.
UPDATES TO THIS NOTICE
We reserve the right to update this Privacy Notice from time to time. The updated version will be indicated by an updated 'Revised' date and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.
CONTACT
We are always open to find out your thoughts and views and to provide you with any additional information you may need regarding the processing of your data. If you have any questions about the content of this document or wish to exercise your rights, please do not hesitate to contact us by email at paul@assista.us or by post at 651 North Broad Street, Suite 201, Middletown, DE 19709.