Version Date: June 1, 2020
The security of your Personal Information is important to us. The Company uses a variety of industry-standard and commercially reasonable physical, electronic, and procedural safeguards to protect Personal Information in the Company’s possession or control from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction in accordance with applicable law. However, please be advised that even the best security measures cannot fully eliminate all risks and we cannot guarantee that any safeguards or security measures will be sufficient to prevent a security problem. We recommend that our users take steps to protect against unauthorized access to any devices, networks and applications connected to the Website and/or the Services. You are responsible for maintaining the confidentiality of your Personal Information by keeping your password confidential. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, you should notify us immediately.
Our Website and Services are not directed to or intended for use by children under sixteen (16) years of age and children under age 16 are prohibited from using the Services. We do not knowingly collect any information from children under 16. By accessing, using, and/or submitting information to or through the Website and/or the Services, you represent that you are at least 16 years of age. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, please contact us immediately. If we learn that we have received or inadvertently gathered any information from a child under age 16, we will delete such information from our records as soon as reasonably practicable.
Our customers are the data controllers/businesses of end users’ personal information or personal data. As the data controllers/businesses, our customers are responsible for receiving and responding to requests from end users and other individuals to exercise any rights afforded to them under applicable data protection law. We will use commercially reasonable efforts to assist customers in responding to such requests as related to the Services to the extent the customer is unable to respond to such requests.
Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. Because there is not yet a common understanding of how to interpret the DNT signal, the Website currently does not respond to DNT browser signals or mechanisms.
Please email your policy question or complaint to us at the address below:
Computer Programs and Systems, Inc.
Compliance Point of Contact
Attn: Kevin Plessner
6600 Wall Street
Mobile, Alabama 36695
If you believe there may have been a violation of TruCode / CPSI policy, law or other illegal or unethical business conduct relating to our business, you may report such violations anonymously by using this complaint form. We will document and evaluate your complaint, investigate it as appropriate and take action as necessary to address the situation.
Legal basis for processing. We only use your personal data as permitted by law. We are required to inform you of the legal basis of our processing of your personal data, which are based on one or more of the following:
If you have questions about the legal basis of how we process your personal data, contact us using the contact information provided above.
Retention. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We keep basic information about our users for the duration of the agreement. In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
Your Rights. European data protection laws give you certain rights regarding your personal data. You may ask us to take the following actions in relation to your personal data that we hold:
You can submit these requests by email or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal data or response to your requests regarding your personal, you may contact us as described above or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
Subprocessors. We may engage certain third parties (“Subprocessors”) in order to assist us in connection with the Services, some of whom may have access to your personal data in conjunction with such processing. Please contact us for a list of our current Subprocessors.
Cross-Border Data Transfer. Whenever we transfer your personal data out of the EEA to countries not deemed by the European Commission to provide an adequate level of protection, the transfer will be based on one of the safeguards recognized by the European Commission as providing adequate protection for personal data, where required by EU data protection legislation. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Shine the Light Law
California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about the Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of the Personal Information that was shared and the names and addresses of all third parties with which we shared Personal Information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to our privacy officer as listed above.
California Consumer Privacy Act
WE DO NOT SELL, DISCLOSE, SHARE OR TRANSFER PERSONAL INFORMATION FOR THE COMMERCIAL BENEFIT OF ANY PARTY. WE MAY PAY MONETARY COMPENSATION TO THOSE PROVIDING OR ASSISTING US IN PROVIDING THE SERVICES THAT YOU HAVE REQUESTED WHEN YOU ENGAGED OUR SERVICES AND SOME OF THOSE SERVICES MAY REQUIRE ACCESS OR PROCESSING OF YOUR PERSONAL INFORMATION.
PERSONAL INFORMATION OR THE BENEFIT OF ITS USE IS NEVER PROVIDED IN COMPENSATION FOR SERVICES. That does not mean that we do not share your data with other parties, but any disclosure of personal information is solely performed for the operation of the Website and provision of Services. These may perform administrative functions, provide security or perform any of a number of operational and necessary services without which we cannot operate our business or provide services to you.
What is Personal Information under CCPA
“Personal information” is anything that identifies, relates to, describes, or is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Californian consumer or household.
How We Obtain Your Data (Please see the following sections):
Note on Children: The CCPA requires opt-in consent to information use for minors under the age of 16 and verified parental consent for children under the age of 13. We do not knowingly collect or process the information of children. For more information, please refer to the Children section.
Your Rights under CCPA with regard to Your Personal Information
You have the right as a Californian consumer to expect disclosures as to how we collect, use and care for your personal information, our purposes for collection and what we do with the information we collect, and in specific, if your information is sold to other parties.
California law provides you as a consumer specific rights with regard to the management and sale of your personal information. You have the right as a Californian consumer to expect disclosures as to whether we for our benefit or on behalf of another company, share or sell the personal information we collect or process for commercial gain. The law imposes on certain businesses an obligation to provide the means by which these rights can be exercised.
You may ask that we or partners for whom we process or those working on our behalf take specific actions with regard to the information about you.
You may exercise these rights without concern. You cannot be charged for these requests, penalized in any way, denied benefits, products or services or charged differently for benefits, products or services for doing so.
You can do this by contacting us as described above.
You, or your authorized agent, may request the following actions in relation to your personal information:
Verifying Your Identity
Please note that after submitting your initial request we may require additional information about your identity if we cannot verify it with the information you submitted and the information we already have. We are restricted from using that additional information for any purpose other than verifying your request or for security or fraud prevention. Except as required under CCPA, we must delete any additional information collected for the purpose of verifying your identity as soon as practical after processing your request. We will confirm receipt of your request within ten (10) days from receiving it and will respond within the timelines established under CCPA.
We, or our partners, on verification of your identity and legitimate standing to make the request, and if not an undue or unreasonable hardship for us, must act on your request, or at a very minimum, advise you as to why we cannot. There are specific reasons under the law which prevent accommodation of some requests, but if denied, we will advise as to why, to whom you may submit a complaint, and your options for challenge, redress or escalation.
Exercising your rights
You may exercise these rights twice in a 12-month period. If an option is available to compensate you for the use of your information, you must be advised of this. We will make best efforts to address your requests within 45 days, but where that is not possible will advise you of the need for an extension of an additional 45 days.
Inquiries, data or information requests, complaints
If you have questions, would like to submit an inquiry, data or information request(s), or have a complaint about our use of your personal information or our response or handling of your requests regarding your personal information, you may contact us as described here.
You can also submit a complaint to the California Office of the Attorney General here. For more information on the California Consumer Privacy Act please visit https://www.oag.ca.gov/privacy/ccpa.
* * *