Privacy Policy

Effective Date: March 20, 2023

Introduction

OneEthos Inc. (“we”, “us”, “our”, or “OneEthos”) is a provider of financial software and services. Our customers, prospects, registered users, business partners, applicants for employment, and others with whom we do business entrust us with their personal data and personally identifiable information (“Personal Information”) and expect us to protect that Personal Information with the same level of care we do our own. This is fundamental to the way we do business.

This OneEthos Privacy Policy (the “Policy”) describes our practices with respect to processing Personal Information including the collection, use, storage or disclosure of Personal Information, (i) on our website that links to this Policy (“Website”); (ii) when you purchase our products or services (“Services”); (iii) when you participate in our webinars, events, and demonstrations; or (iv) when you interact with us as a vendor, partner, or subcontractor, except where there are specific privacy requirements for a Service and a separate policy has been published for that particular Service.

Collection of Personal Information

While using our Services and Website, we may ask you to provide us with Personal Information that can be used to contact or identify you. Personal Information may include, but is not limited to: Your name, physical address, email address, phone, username and password, and cookies and usage data. We collect information when you register or open an account, sign in, or give us feedback. We may also get information from other companies or third parties, such as when you connect a third-party account or service with our Services.

We may also automatically collect certain usage information ("Usage Data") when you access our Services and Website, such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Services and Website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When you access the Services and Website with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

We do not sell Personal Information to anyone and only share it with third parties who are facilitating the delivery of our Services. From time to time, we may receive Personal Information about individuals from third parties. Typically, information collected from third parties will include further details on your employer or industry. We may also collect your Personal Information from a third party website (e.g. LinkedIn).

Our Services and Website may change over time and we may introduce new features that may collect new or different types of information.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track the activity on our Website and we hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies, such as beacons, tags and scripts, may also be used to collect and track information and to improve and analyze our website. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website. Examples of Cookies we may use include:

  • Session cookies. We use Session Cookies to operate our Service.

  • Preference cookies. We use Preference Cookies to remember your preferences and various settings.

  • Security cookies. We use Security Cookies for security purposes.

Use of Personal Information

Unless prohibited by law, regulation or a contractual obligation, we may use your Personal Information and Usage Data for the following purposes:

  • To provide, maintain, and notify you about changes to our Services and Website;

  • To provide customer support or gather feedback;

  • To gather analysis or valuable information so that we can improve our Services and Website, including detecting, preventing and addressing technical issues;

  • To monitor the usage of our Services and Website;

  • To allow you to participate in interactive features of our Services;

  • To contact you with newsletters, marketing or promotional materials, and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us; and

  • To share combined, non-identifying information about many users with third parties in a way that would not allow you or any other person to be identified. We or our third-party partners may publicly report the aggregated findings of the research or analysis, but only in a way that would not allow you or any other person to be identified.

Financial Data

In connection with certain Services we offer, you may authorize us to access Financial Data, which is a subset of Personal Information, such as financial transaction history, payment history and account balances, and account transactions and checking or credit card account information. We only access this Sensitive Financial Data with your permission where it is necessary to operate a specific Service you use.

Security and Data Protection

To protect your Personal Information, including Financial Data, from unauthorized access and use, we use security measures that comply with federal law. These measures includes:

  • Computer safeguards;

  • Constantly working to update our security practices to implement accepted best methods to protect your Personal Information and review our security procedures carefully;

  • Complying with applicable laws and security standards;

  • Securely transmitting your Personal Information when such transmission is necessary;

  • Requiring best-method security measures and privacy policies from all vendors and partners; and

  • Training our staff and requiring them to safeguard your data.

Please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

Sharing Personal Information with Third Parties

The Personal Information we collect from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your Personal Information for any purpose other than cloud storage and retrieval. On occasion, we may engage third parties to send information to you, including information about our products, services, and events.

We do not otherwise reveal your personal data to third-party persons or businesses for their independent use unless:

  • You request or authorize it;

  • It is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others;

  • It is provided to our agents, vendors, or service providers who perform functions on our behalf;

  • To address emergencies or acts of God; or

  • To address disputes, claims, or to persons demonstrating legal authority to act on your behalf. We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.

Our Website connects with third party services such as Facebook, LinkedIn, Twitter, and others. If you choose to share information from our Website through these services, you should review the privacy policy of that service. If you are a member of a third-party service, the aforementioned connections may allow that service to connect your visit to our Website to your Personal Information.

Transferring Personal Information to the United States

OneEthos has its headquarters in the United States. Information we collect about you will be processed in the United States. By using our Services and Website, you acknowledge that your Personal Information will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, we are providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by Data Subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.

Depending on the circumstance, we also collect and transfer to the United States Personal Information with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of OneEthos in a manner that does not outweigh your rights and freedoms. We endeavor to apply suitable safeguards to protect the privacy and security of your Personal Information and to use it only consistent with your relationship with us and the practices described in this Policy. We also enter into data processing agreements and model clauses with our vendors whenever feasible and appropriate.

Data Subject Rights

The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for Data Subjects. Data Subject rights under GDPR include the following: (1) Right to be informed; (ii) Right of access; (iii) Right to rectification; (iv) Right to erasure; (v) Right to restrict processing; (vi) Right of data portability; (vii) Right to object; and (viii) Rights related to automated decision making including profiling.

This Policy is intended to provide you with information about what Personal Information we collect about you and how it is used.

If you wish to confirm that we are processing your Personal Information, or to have access to the Personal Information we may have about you, please contact us here.

You may also request information about: The purpose of the Personal Information processing; the categories of Personal Information concerned; who else outside OneEthos might have received Personal Information from us; what the source of the Personal Information was (if you didn’t provide it directly to us); and how long Personal Information will be stored. You have a right to correct (rectify) the record of your Personal Information maintained by OneEthos if it is inaccurate. You may request that we erase that data or cease processing it, subject to certain exceptions. You may also request that we cease using your Personal Information for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we process your Personal Information. When technically feasible, we will, at your request, provide your Personal Information to you.

Reasonable access to your Personal Information will be provided at no cost. If access cannot be provided within a reasonable time frame, we will provide you with a date when the information will be provided. If for some reason access is denied, we will provide an explanation as to why access has been denied.

For questions or complaints concerning the processing of your personal data, you can contact us here. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.

Data Storage and Retention

We store your Personal Information on our servers, and on the servers of the cloud-based database management services with which we engage, located in the United States. We retain Services data for the duration of the customer’s business relationship with us and for a period of time thereafter, to analyze the data for our own operations, and for historical and archiving purposes associated with our Services. We retain prospect data until such time as it no longer has business value and is purged from our systems. All Personal Information that we control may be deleted upon verified request from Data Subjects or their authorized agents. For more information on where and how long your Personal Information is stored, and for more information on your rights of erasure and portability, please contact us here.

Children’s Data

We do not knowingly attempt to solicit or receive information from children.

Contact

If you have questions, concerns, complaints, or would like to exercise your rights, please contact us here.