NetDocuments Privacy Notice

NetDocuments General Privacy Notice

Last updated: 18 December 2023

NetDocuments Software, Inc. and its subsidiaries (collectively, “NetDocuments”) are committed to respecting and protecting your privacy. We have written this Privacy Notice to explain:

  • What personal information we collect about you when you use the NetDocuments Websites (as defined below),
  • To whom we may disclose your personal information,
  • The legal basis for using your personal information,
  • How we store your personal information and how long we retain it,
  • Your rights relating to your personal information, and
  • How we protect your personal information.

The “ND Websites” (netdocuments.com or any other of our websites that link to this General Privacy Notice) are provided to convey information to you about our services. The ND Websites contain things such as literature, demos, direct marketing activities, event registration and participation, and company information. From the ND Websites, you can choose to allow NetDocuments to communicate with you regarding your interests. This Privacy Notice applies to our ND Websites that display or reference this statement, but does not apply to any websites, apps, or services that display or reference a different privacy statement.

PLEASE NOTE THAT NETDOCUMENTS PROVIDES CONTENT HOSTING SERVICES TO ITS BUSINESS CUSTOMERS (EACH, A “CUSTOMER”) AS PART OF THE SERVICES. ALL INFORMATION PROCESSED BY NETDOCUMENTS ON BEHALF OF ITS CUSTOMER IS CONTROLLED BY THAT CUSTOMER, AND NETDOCUMENTS ONLY PROCESSES SUCH INFORMATION IN ACCORDANCE WITH ITS AGREEMENT WITH THAT CUSTOMER AND THE REQUIREMENTS OF APPLICABLE LAW. IF YOU BELIEVE THAT A NETDOCUMENTS CUSTOMER IS PROCESSING YOUR PERSONAL INFORMATION WITHIN ONE OF OUR SERVICES, PLEASE CONTACT THAT CUSTOMER REGARDING ANY REQUEST TO ACCESS, REVIEW, MODIFY, OR DELETE SUCH PERSONAL INFORMATION. NETDOCUMENTS CANNOT REMOVE OR UPDATE YOUR PERSONAL INFORMATION STORED IN THE SERVICES.

1. Personal Information We Collect.

The personal information we collect depends on how you interact with us, the ND Website you access and use, and the choices you make.

We collect information about you from different sources and in various ways when you use the ND Website, including information you provide directly, information collected automatically, information from third-party data sources, and data we infer or generate from other data:

A. Personal Information You Provide Directly to NetDocuments.

  • Name and contact information. We collect name, username or alias, and contact details such as email address, postal address, and phone number.
  • Demographic data. In some cases, (such as when you register or participate in surveys,) we request that you provide age, gender, marital status, and similar demographic details.
  • Payment information. If you make a purchase or other financial transaction, we collect credit card numbers, financial account information, and other payment details.
  • Content and files. We collect the photos, documents, or other files you upload to our services; and if you send us email messages or other communications, we collect and retain those communications.
  • Sensitive Personal Information.
    o  Government ID. We collect government-issued identifiers such as driver’s license, passport number, and social security numbers.
    o  Account access information. We collect information such as a username or account number in combination with a password, security or access code, or other credential that allows access to an account.
    o  Sensitive demographic data. We collect information about racial or ethnic origin, religious or philosophical beliefs, or union membership.
    o  Contents of communications. We collect the contents of your mail, email, and text messages.
    o  Genetic data. We collect data about your DNA or the results of genetic testing.
    o  Biometric information. We collect biometric information used for the purpose of uniquely identifying a person.
    o  Health data. We collect and analyze information concerning your health.
    o  Sexuality. We collect and analyze information about your sex life or sexual orientation.

B. Automatically-Collected Information.

  • Identifiers and device information. When you visit our websites, our web servers automatically log your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address); device type; and your device’s operating system, browser, and other software including type, version, language, settings, and configuration. As further described in NetDocuments’ Cookie Policy here our websites and online services store and retrieve cookie identifiers, mobile IDs, and other data.
  • Geolocation data. Depending on your device and app settings, we collect geolocation data when you use our apps or online services. (This information may include precise geolocation data, meaning data derived from a device and that is used to locate you within a circle with a radius of 1,850 feet or less, which is considered a type of sensitive personal information.)
  • Usage data. We automatically log your activity on our websites, apps and connected products, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our website.
  • Other sensor data. We automatically log surveillance video in and around our facilities.

C. Information from Tracking Technologies.

NetDocuments uses cookies and other tracking technologies to make the ND Websites function and to improve our users’ browsing experiences. You can learn more about our cookies and your cookie choices here.

D. Information we create or generate.

NetDocuments infers new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address or your likely interest in one of our solutions based on the webpages you visit within our websites.

E. Information we obtain from third-party sources.

We also obtain the types of information described above from third parties. These third-party sources include, for example:

  • Data brokers. Data brokers and aggregators from which we obtain data to supplement the data we collect.
  • Third-party partners. Third-party applications and services, including social networks you choose to connect with or interact with through our services.
  • Co-branding/marketing partners. Partners with which we offer co-branded services or engage in joint marketing activities.
  • Service providers. Third parties that collect or provide data in connection with work they do on our behalf, for example companies that determine your device’s location based on its IP address.
  • Publicly available sources. Public sources of information such as open government databases.

When you are asked to provide personal information, you may decline. You may also use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.

2. Personal Information We May Obtain from Third Parties.

A. Social Media Widgets.

The ND Websites include social media features, similar to the Facebook “like” button and widgets, such as the “share this” button or interactive mini programs that run on the ND Websites. These features may collect your IP address, which page you are visiting on the ND Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the ND Websites. Your interactions with these features are governed by the privacy policy of the companies providing them.

B. Single Sign-On.

You may share information about your activities on the ND Websites using sign-in services such as Facebook Connect or an open ID provider. These services will authenticate your identity and provide you with the option to share certain personal information with us such as your name and email address to pre-populate our sign-up form.

3. To Whom We May Disclose Personal Information.

A. Disclosing your Personal Information with Other Parties.

NetDocuments may disclose personal information to the following categories of recipients for the following purposes:

  • Public information. You may select options available through our services to publicly display and disclose your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data.
  • Service providers. We provide personal data to vendors or agents working on our behalf for the purposes described in this statement. For example, companies we’ve hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions.
  • Analytical and functionality monitoring. We offer web session cookies for facilitating, improving, and monitoring interactions with our websites, and we conduct other monitoring of website usage to improve functionality. These functions may gather user identifying information and user activity history.  You may review NetDocuments’ cookie policy here
  • Financial services & payment processing. When you provide payment data, for example to make a purchase, we will disclose payment and transactional data to banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, analytics, or other related financial services.
  • Affiliates. We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access helps us to provide our services and operate our business.
  • Corporate transactions. We may disclose personal data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
  • Legal and law enforcement. We will access, disclose, and preserve personal data when we believe that doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
  • LiveChat and related services. When you participate in LiveChat or other similar interactive services on our websites, we access, disclose, and preserve the contact information you share and the contents of your communication sessions.
  • Security, safety, and protecting rights. We will disclose personal data if we believe it is necessary to:
    o  protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
    o  operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or
    o  protect the rights or property of ourselves or others, including enforcing our agreements, terms, and policies.

B. Links to Other Sites.

The NetDocuments Websites contain links to other sites that are not owned or controlled by NetDocuments. Please be aware that if you click on one of these links or sites that is not controlled by NetDocuments, you may be subject to privacy policies of the owner of that site. NetDocuments is not responsible for the privacy practices of other companies or websites.

4. How NetDocuments does not use or share personal information.

It is important for you to know ways that NetDocuments does NOT use or share personal information. Specifically:

  • NetDocuments does not publicly disclose financial or payment information,
  • NetDocuments does not publicly disclose authentication information,
  • NetDocuments prohibits the collection and use of your general web browsing activity. NetDocuments only gathers information about your visits to NetDocuments’ websites for the purposes described earlier on this page.

Where NetDocuments is permitted by applicable Data Protection Legislation or applicable Data Protection Agreements to use Personal Data for its internal business purposes in an aggregated and de-identified manner, NetDocuments agrees to take reasonable measures designed to ensure that the Personal Data cannot be associated with an individual (or, household, where applicable), publicly commits to maintain and use the information in de-identified form only and make no attempt to re-identify the information except where necessary to test its de-identification processes, and contractually obligates any authorized recipients to comply with these obligations.

5. The Legal Basis for Using Your Personal Information.

The law only allows us to use your personal information in certain limited circumstances, which we have listed below:

A. Where you consent to NetDocuments using your personal information.

For example, when you submit information to us on the ND Websites (e.g., by requesting a demo of the services), we will process that information to comply with your request for further information. This may include sharing your personal information with one of our trusted partners to help facilitate responding to your request. Trusted partners may include trainers, resellers, and implementation or integration specialists.

B. To perform under the contract we have with you.

Examples of how we may use your personal information to comply with a contract that we have entered into with you are:

  • To provide the services you have requested.
  • To administer the services, process your payment, and provide you with other requested services.

C. Where it is related to NetDocuments’ legitimate interests.

We consider that we have a legitimate interest in providing you with marketing information about NetDocuments products and services similar to those that you have subscribed to or inquired about. We will give you the option to opt out of receiving further communications at the time that you give us your personal information and every time we send you a marketing email or letter.

D. Where we need to comply with a legal obligation.

Examples of how we may use your personal information to fulfill a legal obligation are:

  • To keep records for tax purposes.
  • To comply with requests from local, state, or federal governments or law enforcement officials.
  • To comply with any judicial, administrative, or similar proceeding or order, such as a subpoena.
  • To investigate suspected fraud, harassment, physical threats, or other violations of any law, rule or regulation, this Privacy Notice, or the rights of third parties or to investigate any suspected conduct which we deem improper.

6. How We Store and Protect Your Personal Information.

A. Storage of personal information.

We are committed to implementing appropriate technical, administrative, organizational, and physical safeguards designed to ensure that your personal information is protected against loss or misuse. There may be situations where you are given the option of creating your own user account to use or access certain functions or information. In those situations where you create a user account, to help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.

B. Retention of information.

We only process your personal information for as long as necessary for the purposes for which we collected your information such as to provide you with information you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the information, the availability of automated controls that enable users to delete information, and our legal or contractual obligations.

7. Your Rights in and to Your Personal Information

A. Identifying the Controller and Processor of Personal Information.

NetDocuments Software, Inc., is the controller of your personal information that has been gathered or collected by NetDocuments. Separately, NetDocuments has different entities around the world that provide its services, including NetDocuments Ltd in the UK and NetDocuments Australia Pty Services Limited in Australia. As we described above, NetDocuments is a service provider and processor for its customers, and it may process Customer data at the direction of its customers. To the extent that you have questions about a specific Customer’s privacy practices, please review that Customer’s privacy policy.

B. Accessing Personal Information.

In certain jurisdictions and situations where NetDocuments is the controller of specific personal information, you have the right to access the specific personal information about you that we process as a controller of that data. If you wish to receive a copy of that personal information, please contact [email protected] or write to us at our postal address listed below.

C. Revoking Consent and Restricting Processing of your Personal Information.

In those circumstances where we process your personal information through your consent, you have the right to revoke that consent at any time. Additionally, in certain circumstances, you may request that we temporarily or permanently stop processing some or all of your Personal Information. To learn more about or exercise these rights, you may contact NetDocuments at [email protected].

D. Changing or Deleting your Personal Information.

You can ask NetDocuments at any time to change, amend, or delete the Personal Information that we hold about you or ask us not to contact you with any further marketing information. You can also ask us to restrict the information that we process about you. You can request that we change, amend, or delete your information or restrict our use of such information by emailing us at [email protected].

E. Opting Out of Direct Marketing.

You have the right to opt out of direct marketing communications from us. To exercise this right, you may contact NetDocuments at [email protected].You may also opt out of marketing communications using the link provided in any marketing email from NetDocuments. If you do not opt out, NetDocuments will communicate with you (generally by email or the NetDocuments support website) to provide support, request feedback, provide marketing and service information, request marketing input, and provide special offers and incentives related to NetDocuments. Please note that if you opt out of marketing communications, you may still receive Service-related communications unrelated to marketing, such as transaction confirmations and responses to requests.

F. Blogs and Forums.

The ND Websites offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access the ND Websites. We are not responsible for any personal information you choose to submit in these forums or other community sites. We display personal testimonials of satisfied customers on the ND Websites in addition to other endorsements. With your prior consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at [email protected].

G. Rights of California Users.

California law provides California residents with additional rights. For more information about these rights and how to exercise them, please see our California Privacy Notice .

H. Rights related to automated decision making.

In certain cases, you have a right not to be subject to a decision based solely on automated decision making, including profiling, which produces legal (or similar) effects. We do not intentionally carry out such activities, but if you do have any questions or concerns, we would be happy to discuss them with you and you can contact us at [email protected].

I. Transferring Personal Information.

In certain circumstances, you have the right to request that your personal information, which you have provided to us, is made available to you in a structured, commonly used, and machine-readable format (this is called “data portability”).  Please contact us at [email protected] with the details of your request.

J. Australian Privacy Act.

If you are domiciled in Australia, NetDocuments complies with the Australian Privacy Act, to the extent applicable to NetDocuments. You have the right to opt out of receiving marketing communications from NetDocuments at any time.

K. Contact your Local Supervisory Authority.

At all times, you are free to contact and/or lodge a complaint with your local supervisory authority regarding the privacy concerns that you may have.

L. Binding Arbitration.  

There is the possibility, under certain conditions, for you to invoke binding arbitration for an incident involving your personal information.

M. Liability in Cases of Onward Transfers.  

NetDocuments has liability in cases of onward transfers of personal information to third parties.

8. International Transfers of Personal Information:

A. EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework

NetDocuments complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce for both Human Resources (HR) data and non-HR data. NetDocuments has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data, including both Human Resources (HR) data and non-HR data, received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S.DPF.  NetDocuments has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data, including both Human Resources (HR) data and non-HR data, received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. If you have questions or concerns about how your Personally Identifiable Information may be used by NetDocuments, you may contact our Compliance Department by sending an email to [email protected] or by telephoning 866-NET-DOCS (866-638-3627). If you believe your PII has been inappropriately used, in addition to contacting NetDocuments directly, you may open a formal, independent DPF case at JAMS Data Privacy Dispute Resolution. You may also open a complaint with the UK ICO or the Swiss FDPIC using the links in section 43.B. below.

 

B. Addressing Complaints Regarding the Handling of Human Resources Data

NetDocuments has committed to cooperate with the EU data protection authorities (DPAs) regarding unresolved DPF complaints concerning human resources data transferred from the EU in the context of the employment relationship. If you do not receive timely acknowledgment of your complaint from NetDocuments about how NetDocuments is handling or has handled your human resources data, or if we have not addressed your complaint to your satisfaction, please contact the EUDPAs for more information or to file a complaint. The services of the EU DPAs are provided at no cost to you.  For complaints about human resources data originating in the UK or transiting between the UK and the US, you may contact the UK Information Commissioner’s Office (ICO) using this link: https://ico.org.uk/make-a-complaint/data-protection-complaints/personal-information-complaint/ . For complaints about human resources data originating in Switzerland or transiting between Switzerland and the US, you may contact the Swiss Federal Data Protection and Information Commissioner (FDPIC) using this link: https://www.edoeb.admin.ch/edoeb/en/home/deredoeb/kontakt/anzeigeformular_betroffene.html .

 

C. Resolving Complaints Regarding the Handling of Human Resources Data

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, NetDocuments commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning NetDocuments’ handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.

 

D. Limiting the Use and Disclosure of an Individual’s Personal Data

Following the requirements of the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce, NetDocuments offers individuals options for limiting the use and disclosure of their personal data as described in the following categories.  

Public Visitors. For individuals visiting NetDocuments public websites, those visitors are given the ability to control NetDocuments’ use of cookies and to accept or stop NetDocuments’ gathering or use of the visitor’s personal information through controls available on the website.  

Employees and Contractors.  NetDocuments’ employees and contractors are specifically informed during their onboarding process about what personal information the company gathers, how that information will be used, and the employees and contractors are given options to accept or stop those processes, with the understanding that some limited use of personal information is required by NetDocuments for the employment or contract engagement to proceed. During their term of service, NetDocuments employees and contractors may contact NetDocuments Human Resources Department at [email protected] and/or NetDocuments Compliance Department at [email protected] regarding questions or issues around the use of the employees’ or contractors’ personal information.  

Customer Users. NetDocuments makes very limited use of its customers’ users’ personal information to facilitate the user’s use of the NetDocuments Service. This use is governed by the contractual agreements between NetDocuments and the Customers. NetDocuments’ Customer users should contact the Customer’s service administrators regarding questions or issues around the use of the user’s personal information.

 

E. European Union Model Clauses. 

NetDocuments offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and for other international transfers of Customer data. A copy of our standard data processing addendum, incorporating Model Clauses, is available by emailing [email protected].

 

F. U.S. Government Oversight. 

NetDocuments is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) or any other U.S. authorized statutory body.

9. Miscellaneous.

A. Changes to this Privacy Statement

We will modify this Privacy Notice at anytime when necessary to reflect changes in how we use personal information or the applicable law, so please review it frequently. When we publish changes to this Privacy Notice on the ND Websites we will revise the “Last Updated” date at the top of the statement.

 

B. Children’s Personal Information

NetDocuments does not knowingly receive, maintain, user, or transfer the Personal Information of any person under the age of 18. NetDocuments’ Services and the ND Websites are not directed to children, and if you are aware of any child who has provided NetDocuments his or her Personal Information we ask you please let us know by emailing [email protected].

10. Contact Us.

If you have a privacy concern, complaint, or a question for us or our data protection officer, we can be contacted via our email address at [email protected]

Our postal addresses and telephone number are:

NetDocuments Software, Inc.
2500 W Executive Pkwy Suite 300
Lehi, UT 84043
866-NETDOCS (866-638-3627)

NetDocuments Limited
8th Floor Reading Bridge House
George Street
Reading RG1 8LS UK

NetDocuments Australia Pty Limited
PO Box 1261
North Sydney NSA 2059
Australia

Last updated: 18 December 2023