Privacy Policy

Overview.

 LAST UPDATE: February 2024 

This Privacy Policy aims to explain how, why, and what personal data Engage processes and the rights you have, as a data subject, related to the processing of your personal data. 

This Privacy Policy does not consider the processing that our partners perform. For the way that your personal data is processed by our trading partners, as controllers, please refer to their policies on the processing of personal data.


 1. WHO ARE WE? 

Engage is owned by Engage Technologies Group Inc, a company incorporated by United States laws, headquartered at 3540 E Longwing Lane, Suite 300, Meridian, Idaho, 83646, United States. 

Engage helps medical providers to strengthen their relationships with patients by empowering them with expert-curated knowledge through mobile-guided Journeys that anticipate and answer their questions at their time of interest and time of need.


2. DEFINITIONS 

“Website” means www.engagetg.com

“Platform” means platform.engagetg.com

“You”, “your” or “user” means any natural person using the Website, for private or business purposes, without necessarily having subscribed to our service. 

“Personal data” or “personal information” means any information regarding a physical identified or identifiable natural person. 

“Controller” means the natural or legal person that determines the purposes and means of the processing of personal data processing. 

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, storage, adaptation, consultation, use, disclosure or deletion. 

“Communication” means any information exchanged or conveyed between you and us. 

“Consent” by a user means any freely given, specific, informed, and unambiguous indication of the user’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her. 

“Data Protection Law” refers to the California Privacy Rights Act of 2020 (CPRA), Connecticut Data Privacy Act (CTDPA), Colorado Privacy Act (CPA), Utah Consumer Privacy Act (UCPA), Virginia Consumer Data Protection Act (VCDPA), Act on the Protection of Personal Information (APPI), Personal Information Protection and Electronic Documents Act (PIPEDA), Brazilian General Data Protection Law (LGPD), General Data Protection Regulation (GDPR). 

“EU Representative” means the designated Engage representative in European Union. 

“Services” means collectively, (i) the Subscription Services, (ii) White Labelling, to the extent specified in an order form to the contract, and (iii) the API Kit or FTP Server, as applicable.


3. HOW DO WE COLLECT DATA? 

In general, we will collect your personal data directly from you. However, there may be situations where data will be collected indirectly from social networks such as LinkedIn, from the website of the company you represent, from your employer as a contact person, from a third party who recommended you or from various public platforms (for trade association websites). When we do not receive personal data directly from you, we will inform you within the legal term on their processing.


4. CHILDREN AND SENSITIVE DATA 

Our Website and services are not intended for individuals below the age of 13. We do not want nor is our intention to solicit and collect personal information for this type of audience. 

We do not intentionally collect Personal Information from children below the age of 13. If you are the parent or guardian of a child below the age of 13 and you believe your child has provided us with personal information, please contact us to request the deletion of their personal data. If we confirm that we have collected this kind of personal information, we will delete that information as soon as possible. 

We do not collect nor is our intention to collect personal data regarding racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation, or personal data relating to criminal convictions and offences.


5. PERSONAL DATA THAT WE PROCESS, OUR PURPOSES FOR PROCESSING PERSONAL DATA, LEGAL GROUNDS AND RETENTION PERIODS 

 

5.1. Purpose: Initiate or carry out the B2B contractual relationship with your employer or with the company that you represent. 

Personal data categories: First name, last name, e-mail address, phone number, role, name of the company that you represent, billing information, billing address. 

Legal ground: Processing of your personal data is based on our legitimate interest to conclude the contract and provide services to the company that you represent. 

Retention period: Personal data will be stored for as long as there is a contract in place with the company that you represent. At the end of the storage period, personal data will be deleted. 


5.2. Purpose: Authenticating users to provide our Services 

Personal data categories: E-mail address and phone number. 

Legal ground: Processing of your personal data is necessary for the performance of the contract and provision of our Services through the Website. 

Retention period: Personal data will be stored for the duration of the contract. At the end of the storage period, personal data will be deleted. 


5.3. Purpose: Provide support and answer your questions 

Personal data categories: First name, last name, e-mail, phone number, name of the company that you represent, and any other personal data that you choose to include in the subject and/or description of the request. 

Legal ground: Processing of your personal data is based on our legitimate interest to communicate with you and provide our support in solving your requests that arise from using our services. 

Retention period: Personal data will be stored for 1 year from the date of your request. At the end of the storage period, personal data will be deleted. 

Your enquiry may be stored and processed through a third-party Customer Relationship Management (CRM) software provider that ensures that we do not miss any messages from you and that we follow through on your enquiries until they are resolved. 


5.4. Purpose: Comply with legal obligations such as invoicing, accounting records, archiving, etc. 

Personal data categories: first name, last name, name of the company that you represent, role or representation powers, bank account information and any other personal information required by law. 

Legal ground: Processing of your personal data is necessary for compliance with a legal obligation. 

Retention period: Personal data will be stored according to the applicable legislation in force. At the end of the storage period, personal data will be deleted. 


5.5. Purpose: Answer your Demo request via a contact form, e-mail, or phone 

Personal data categories: first name, last name, company, telephone, e-mail, country, industry, and any other information that you willingly provide to us when you book a demo. 

Legal ground: Processing of your personal data is based on our business’s legitimate interest to communicate with you and give you access to a demo account. 

Retention period: Personal data will be stored for 3 years from the date of your request. At the end of the storage period, personal data will be deleted. 


5.6. Purpose: Market prospecting, directly or through partners 

Personal data categories: First name, last name, phone number, e-mail address, name of the company that you represent and company’s address, role, or any other public details. 

Legal ground: Processing of your personal data is based on our business’s legitimate interest to promote our services and extend our client portfolio. 

Retention period: Personal data will be stored for up to 2 years after you have not received a communication from Engage, or have been unengaged from communications. If you opt-out or request erasure of your data, we will delete the data accordingly. 

There may be situations when your personal data will be collected again after this period, when, for example, we find your public data again when we prospect the market or if you were referred by an individual. In this case, we will inform you again regarding the processing of your personal data. 

 

5.7. Purpose: Selecting and recruiting for filling vacant roles 

Personal data categories: First name, last name, phone number, e-mail address, name of the company that you represent and company’s address, role, or any other public details. 

Legal ground: Processing of your personal data is based on our business’s legitimate interest to promote our services and extend our client portfolio. 

Retention period: Personal data will be stored for up to 2 years after you have not received a communication from Engage, or have been unengaged from communications. If you opt-out or request erasure of your data, we will delete the data accordingly. 

There may be situations when your personal data will be collected again after this period, when, for example, we find your public data again when we prospect the market or if you were referred by an individual. In this case, we will inform you again regarding the processing of your personal data. 

Personal data categories: first name, last name, phone number, e-mail, education, professional experience, targeted role, profession or qualification, professional and social skills, address and any other relevant information provided by you, as a candidate. 

Legal ground: Processing of your personal data is necessary in order to take steps at the request of the data subject prior to entering into a contract.


5.8. Purpose: Contacting the candidate (i.e. you) in case of new opportunities and proposing job offers 

Retention period: Personal data will be stored for the duration of the recruitment and selection process and subsequently for a period of 6 months to handle possible complaints. At the end of the storage period, personal data will be deleted. 

Personal data categories: Name, phone number, e-mail, education, professional experience, targeted role, profession or qualification, professional and social skills and any other relevant information provided by you, as candidate 

Legal ground: Processing of your personal data is based on your consent. You can withdraw your consent at any time, without affecting the legality of the processing based on consent before its withdrawal. 

Retention period: Your personal data will be stored for up to 1 (one) year from the termination of the selection and recruitment process you have previously applied for, or from the date you have voluntary provided your CV to us, as long as we have your consent. At the end of the retention period, personal data will be deleted. If you decide to withdraw your consent, we will proceed to the deletion of your personal data. 


5.9. Purpose: Ensure functionality and security of our Website and Platform, perform checks and technical support to prevent and identify frauds, and improve our Website and Platform 

Personal data categories: First name, last name, email address, IP address and log files. 

When using the Website, we also collect and process data such as: browser details i.e. name and browser version, the name of the operating system version of the device on which the browser is installed, device identification, system language, your device’s network location data when you sign in (such as country and state), as well as the version of the Website you are using. Furthermore, when you login and/or register within the Platform, we store and process certain data in so-called log files. A log file provides information about the date and time the registration/authentication attempt was made, if it was successful, the e-mail address provided and the IP address. 

In addition, we collect and process data related to your interaction with the Website, such as the sections visited, time spent the number of clicks and scrolls. Your login details are encrypted, stored and used to log in and to avoid having to sign in again every time you open the Website until you sign out of your account. 

Legal ground: Processing of your personal data is based on our legitimate interest to protect your personal data and to monitor and improve the information security of our services. 


5.10. Purpose: Communicate the latest updates 

Retention period: your personal information will be stored for 2 years. At the end of the retention period, personal data will be deleted. 

Personal data categories: First name, email. 

Legal ground: Processing of your personal data is performed considering our legitimate interest to inform you about the latest updates regarding our services. 

Retention period: We generally store your personal data for as long as you are a registered user of our App. You can opt-out from these communications at any time either through your user account or by clicking the unsubscribe link from the email communication, and we will stop using your personal data for this purpose. If you request the deletion of the account, we will delete your data within 48 hours from the receipt of the request. 


5.11. Purpose: Establishing, exercising, or defending a right in proceedings before a court, administrative procedure or other formal proceedings in which we are involved 

Personal data categories: First name, last name, name of the company that you represent, role or representation powers and any other personal information necessary to fulfil the purpose. 

Legal ground: Processing of your personal data is performed considering our legitimate interest in defending or exercising our rights and interests and also to comply with a legal obligation to which we are subject. 

Retention period: Personal data will be stored according to the applicable legislation in force or until the final settlement of the case. 

Your refusal to provide the personal data related to the essence of the contract may lead to the impossibility of performing the contract. Also, the refusal to provide certain personal data may lead to the impossibility of providing you the needed assistance and support. 


6. COOKIES 

Engage uses cookies, plug-ins, and other online identifiers in order to ensure functional browsing or to provide a better browsing experience, to perform statistical analysis on accessing information on the Website, or to provide you with content and advertising appropriate to your interests. 

Online identifiers may be placed by Engage or by third parties. If you consented so, these third-party sites would place cookies that will allow you to view content from these third-party websites on our Website and to share the content from our Website. Third-parties may collect and use your personal data through their cookies for the purposes they have determined in accordance with their privacy policy. Engage provides you with the identity information and links to these third-parties, as well as the option to accept or reject their online identifiers. 

Personal data may be processed through cookies on the basis of the users’ prior consent, excepting those situations when the cookies and other online identifiers are used for the purpose of transmitting a communication via an electronic communications network or they are necessary in order to provide an information society service, expressly requested by the user. In such cases, the processing of personal data is carried out in accordance with the legislation in force on personal data processing and privacy protection in the electronic communications sector on the basis of our legitimate interest of ensuring safe browsing of our Website, both for us and for our users, by implementing appropriate technical and organizational measures. 

Depending on the cookie type, the categories of personal data processed by cookies may be information about the used device, journal information like IP, searches, browser, browser’s language, hardware settings, date and time of the request, the method used to send requests to the server, file capacity obtained in response, and other parameters regarding the user’s operating system. 

Detailed information on the cookies our Website uses may be found in our Cookie Policy at https://www.engagetg.com/cookie-policy


7. AUTOMATED DECISION MAKING 

We do not make decisions based solely on automatic data processing of your data (including profiling) that will have legal effects on you or that will affect you in a similar way to a significant extent. 


8. DISCLOSURE AND TRANSFER OF PERSONAL DATA 

We may transfer your personal information, to the extent that this is necessary to the following categories of recipients: service partners, subcontractors, payment providers, archiving companies, IT service providers, software or hardware vendors, market research companies, marketing companies, public authorities, court, or arbitral tribunals, as well as competent authorities to investigate criminal offences. 

Personal data may be disclosed or transferred to the categories of recipients mentioned above in order to provide our services at the highest quality level, ensuring the intervention of specialists by outsourcing parts of our business or to provide access to services and benefits according to our business partnerships or to ensure compliance with the specific legal obligations to which we are subject according to the activity carried out. 

In the event that Personal data is transferred to third countries we will apply the technical and organisational measures required by law and you will be informed about the transfer in accordance with the legal requirements. As a rule, the transmission of your personal data to the above recipients will be done in accordance with applicable law and only based on a commitment of confidentiality and ensuring an adequate level of security on their part, which guarantees that personal data is kept secure. 


9. SECURITY OF PERSONAL DATA 

The security of your Personal Data is important to us. Therefore, we maintain a variety of appropriate technical and organizational measures to protect your Personal Data from loss, misuse, and unauthorized access or disclosure. We limit access to Personal Data to staff whom we believe reasonably need to retrieve that information to provide our services. Considering the current state of technology, we have implemented reasonable physical, electronic, and procedural safeguards designed to protect your Personal Data, such as limiting access, encrypting, anonymizing, or storing it on secure media. 

No method of transmission over the Internet, method of electronic storage or other security methods is one hundred percent secure. Despite our best efforts to protect your Personal Data, no safeguards can guarantee a perfect level of security and we cannot guarantee their absolute security. 


10. YOUR RIGHTS AND HOW TO EXERCISE THEM 

Each data protection legislation recognizes specific rights for the data subjects in relation to the processing of their personal data. Depending on the legislation applicable in your country, you may have all or part of the right mentioned below: 

Right to be informed: You have the right to be informed regarding the processing of your personal data, as we are doing through this Privacy Policy. This right may also concern the right to be informed about public and private entities with which Engage has shared your data and the right to be informed about your possibility of denying consent and the consequences of such denial. 

Right of access: You have the right to obtain confirmation from us that we process your Personal Data, as well as information on the specifics of processing, such as: purpose of processing, categories of data processed, recipients of personal data, period for which the data is kept, if it is transferred abroad and how we protect it, the source of your personal data. 

Right to rectification: At any time, you have the right to request the rectification of your Personal Data. In the event of errors, after notification, we will immediately rectify your personal data. 

Right to erasure: You have the right to request the deletion of personal data, provided that your request comply with applicable legal requirements. Personal data will be erased when the legal requirements are met. This right may also concern the right to anonymize, block or delete personal data when it is unnecessary or excessive data or data processed in noncompliance with the provisions Data Protection Law and the right to delete the personal data processed with the consent of the data subject, except in the situations provided by the Data Protection Law. 

Right to restriction of processing: If the applicable legal provisions are met, you can request that we restrict the processing of your personal data. 

Right to data portability: If the applicable legal provisions are met, you have the right to receive your Personal Data in a structured, commonly used and automatically readable format and the right to transmit it to another data controller. 

Right to object: In certain situations, such as when we process Personal Data based on legitimate interest, you have the right to object to our processing of your Personal Data. 

Right not to be subject to decisions based solely on automated processing: If the applicable legal provisions are met, you have the right not to be subject to a decision based solely on automatic processing, including profiling, which has legal effects on you or affects you similar to a significant extent. 

Right to Opt-Out of Sale or Sharing of Personal Information: You have the right, at any time, to direct a business that sells personal information about the consumer to third parties not to sell the consumer’s personal information. 

Right to address to the Supervisory Authority: You have the right to file a complaint with the Personal Data Authority regarding any violation of your rights regarding the processing of your Personal Data. 

If you want to contact the Data Protection Authority from your place of residence, for the EU you may find the contact details at https://edpb.europa.eu/about-edpb/about-edpb/members_en#member-ie

Consent withdrawal: To the extent that we process your personal data based on your given consent, you can withdraw your consent at any time, without affecting the legality of the processing based on the consent before its withdrawal. You have the right, at any time, to revoke your consent through a facilitated and free of charge procedure. 

You may exercise anytime your rights in relation to Engage by e-mailing us at dpo@engagetg.com. 


11. EUROPEAN UNION REPRESENTATIVE 

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons regarding the processing of personal data and on the free movement of such data (GDPR), Engage’s designated representative in the European Union is Mr. Alexandru Ganea. If you are based in European Union, you may contact our representative by e-mail at eurep@engagetg.com. 


12. DATA PRIVACY FRAMEWORK 

Engage Technologies Group Inc complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. Engage Technologies Group Inc has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. 

Engage Technologies Group Inc commits to process only the types of personal data which are adequate and limited to what is necessary for the purposes for which the personal data are to be processed, as mentioned in Section 5 above, and to ensure the strict application of the DPF Principles to processing involving the respective types of personal data. Any disclosure, passing on or making available of personal data by Engage Technologies Group Inc is subject to the terms mentioned in Section 8 above. Engage Technologies Group Inc shall remain liable under the DPF Principles if its agent processes personal data in a manner inconsistent with the DPF Principles, unless Engage Technologies Group Inc proves that it is not responsible for the event giving rise to the damage. Engage Technologies Group Inc grants individuals the right to access their personal data by contacting Engage Technologies Group Inc at: dpo@engagetg.com. 

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Engage Technologies Group Inc commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF should first contact Engage Technologies Group Inc through the designated representative in the European Union, as mentioned in Section 11 above, at: eurep@engagetg.com. UK individuals with inquiries or complaints regarding our handling of personal data received in reliance on the UK Extension to the EU-U.S. DPF should first contact Engage Technologies Group Inc at: dpo@engagetg.com. 

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Engage Technologies Group Inc commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA) with regard to 

unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. 

The Federal Trade Commission (FTC) has jurisdiction over Engage Technologies Group Inc’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF. 

If you consider that your complaint was not resolved under the DPF mechanism, you may have the possibility, under certain conditions, to invoke binding arbitration through the Data Privacy Framework Panel. For additional information related to binding arbitration, please visit https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Engage Technologies Group Inc may be required to disclose personal information covered by this Policy in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. In such case, we will try to provide you with prior notice, unless we are prohibited from doing so under the law. 


13. UPDATES 

We have the right to change and update this Privacy Policy from time to time, and when we will have substantive or material additions or changes, we will bring them to your attention. Accordingly, we urge you to review this page periodically to stay updated with how we use your Personal Data. If we are to change this Privacy Policy, we will make available the last updated version on the Website. Any changes to this Privacy Policy will be effective upon posting on this page, except those situations where your consent is expressly needed, in which case the changes will apply from the date of your consent. 


14. CONTACT 

If you have any questions or concerns regarding the processing of your personal data, this Privacy Policy or how it applies, or you wish to exercise any of your rights, you can contact our Data Protection Officer directly at: 

● Email: dpo@engagetg.com 

● Address: 3540 E Longwing Lane, Suite 300, Meridian, Idaho, 83646, United States 

Scroll to Top