ABEO SOLUTIONS, INC. PRIVACY POLICY

Updated March 1, 2020

  1. ABOUT US AND THIS POLICY

    Welcome, and thank you for visiting our website or using our services! When you visit our website or use our services, you provide and entrust us with personal information that can be used to identify you (which we refer to herein as “your information”).

    We understand that your information is important to you, and we take your privacy and data protection concerns seriously. As such, we have created policies that govern and guide our use and protection of your information. Such policies are summarized in this Privacy Policy (this “Policy”).

    This Policy describes, among other things, what information we collect from you, how we use and disclose your information, and your rights regarding your information. We update this Policy from time to time. We will indicate the date the last changes were made above.

    When this Policy mentions “Abeo,” “we,” “us,” or “our” it refers to Abeo Solutions, Inc.

    We hope this Policy answers all of your questions about our treatment and protection of your information, but to the extent you have further questions regarding this Policy, we invite you to email us anytime at info@crystalpm.com.

  2. INFORMATION WE COLLECT

    We create and sell industry-specific, practice management software. As such, we collect several different types of information in connection with your use of our website or services including the following:

    1. Information You Provide Us
      • Information for use of Our Software or Services.

        When you use our website or services you may provide personal identifiers, such as your first name, last name, email address phone number, job title and function, address or geographical location, and other similar personal information.

      • Information for Identity Verification.

        In connection with (a) creating and maintaining the security of our services, (b) providing background and screening services, (c) fulfilling “know your customer” processes, required for certain payment services, (d) enabling you to make payments, and (e) complying with other various regulatory requirements, you may be required to provide us with information that can be used to verify your identity, such as your social security number, tax identification number, and other authentication information.

      • Information for Purposes of Payment Services.

        To make payments to us, you may be required to provide us with financial information, such as your bank account number, online bank account login, and credit card information. We may also capture additional information when you make payments, such as card type, transaction type, and payee information.

      • Information Revealed in Our Communities.

        When you participate in our communities (help centers, blogs, forums, etc.), you may choose to disclose and provide many different types of personal information that can be used to identify you, your location, your job function, and more.

      • Information Provided when You Otherwise Interact with Us.

        You may provide us with personal information when you fill in forms, respond to surveys, participate in promotions or research opportunities, communicate with our customer service teams, or use other features of our services.

      • Your Business Data.

        While it may not constitute personal information, if you use our services, we likely host data you provide us related to your business (“Business Data”). We understand your Business Data is sensitive (and in some instances confidential). As such, we do not access, use or disclose your Business Data except as set forth in Sections 3 and 4 of this Policy.

    2. Information Collected When Using Our Website and Services
      • Device Information.

        When you access our websites or services we collect device information that can be used to identify you or your device. These identifiers may include IP address, hardware and software information, browser type, and device event information.

      • Activity Information.

        We may collect details about how you use our website or services, such as content accessed, time viewed, and links clicked.

      • Cookies and Similar Technologies.

        When you visit our website, we use common technology tools to collect and store information, such as server logs.

    3. Information Collected from Third Parties
      • Background Information.

        We may receive information about you, such as demographic data and criminal and credit history, from our trusted background screening and fraud prevention partners. We collect this information only in accordance with applicable law and, when required, with your consent.

      • Public Information.

        We may collect information about you from publicly accessible sources, such as information posted about you on the internet, news stories, and information available from governmental entities.

      • Marketing Information.

        We may collect information about you from our trusted marketing partners who provide us with information about potential customers and partners.

      Information we receive from third parties is often combined with information we collect ourselves for the purposes set forth in Section 3 of this Policy.

    4. Anonymous Usage Information.

      We collect certain information provided by different constituencies (you, your customers, your vendors) that interact with our services on an anonymous and aggregated basis. We use industry best practices and state-of-the-art techniques to anonymize and aggregate data.

    5. Information of Children.

      Individuals under the age of 18 are not permitted to use our services and we do not intentionally collect information on individuals under 18 years of age, regardless of their residency. Incidental exposure to this information may be possible if, for example, our customers upload this information to one of our services or it is inadvertently captured by our marketing organization.

  3. HOW WE USE YOUR INFORMATION

    We do not use or reference your information or Business Data except to provide, improve, develop, and market our services. Some specific examples of how we use your information follow

    1. Providing Our Services.

      Our services perform many functions and provide our customers with many tools. Use of your information and Business Data is essential for these functions. For example, we require the use of your information to validate login credentials, process payments, and conduct checks against databases. We may also use your information to provide customer service. For example, we may send you service or support messages, updates, and account notifications or we may let you know about upcoming changes or improvements to our services. To protect you and comply with our legal obligations, we use your information to detect and prevent fraud, abuse, security incidents, and other harmful activity, resolve disputes, enforce our terms of service and agreements with third parties, and conduct security investigations and risk assessments.

    2. Improving Our Services.

      We are constantly improving our services to better serve you. Your information and Business Data is used in connection with such efforts. For example, we may use your information for data analytics and measurement to determine how individuals interact with our services and where we can provide improved or better functionality. We may use your information to assess the capabilities of third-party partners. We may also use your information to engage in research either directly with you or with your customers or other business partners.

    3. Developing New Services.

      We are always looking for new ways to serve you by offering new products and services. Your information and Business Data helps us identify and build these products and services in various ways.

    4. Marketing Our Services.

      We may also use your information and Business Data to inform you, your users and your clients of available services we offer, to send you marketing, advertising and other information that we think may be of interest to you.

  4. WHO WE SHARE YOUR INFORMATION WITH

    We do not share your information or Business Data with anyone except as is necessary to provide our services. We do not and will not sell your information or Business Data. Some examples of when and why we share your information or Business Data follow.

    1. Service Providers.

      We use a variety of third-party service providers to help us provide ourservices, and these third parties may require your information or Business Data for such purposes. For example, service providers may help us: (a) verify your identity or authenticate your identification documents, (b) check information against public databases, (c) conduct background checks, fraud prevention, and risk assessment, (d) perform product development, maintenance and debugging, or (e) provide customer service, payments, or insurance services. For clarity, we do not and will not share any personally identifiable or sensitive business information with third parties for unknown reasons.

    2. Legal and Regulatory Disclosures.

      We may disclose your information or Business Data to courts, law enforcement, governmental authorities, tax authorities, or third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary: (a) to comply with our legal obligations, (b) to comply with a valid legal request or to respond to claims asserted against us, (c) to respond to a valid legal request relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability, or (d) to enforce and administer our Terms of Service or other agreements with users. Such disclosures may be necessary to comply with our legal obligations, for the protection of your or another person’s interests or for the purposes of keeping our services secure, preventing harm or crime, enforcing or defending legal rights, or facilitating the collection of taxes.

    3. Sharing With Your Consent.

      Where you expressly consent or request, we share your information and Business Data when you authorize a third-party service or website to access your account with us.

    4. Sharing between Users.

      To help facilitate the use of our services among your users, we may need to share certain information with other users that you authorize to access and use your account. For example, account login information and other certain personal information may be visible by all members for purposes of confirming account permissions and users.

    5. Public Information.

      Some of our services let you publish information that is visible or available to the public. For example, if you use our website services, you may elect to include certain of your information or Business Data on websites available to the public at large.

    6. Corporate Affiliates.

      To enable or support us in providing you services, we may share your information and Business Data within our corporate family of companies, which includes Abeo Billing, LLC and Schedule Your Exam, LLC.

    7. Business Transfers.

      If we are involved in any merger, acquisition, reorganization, sale of assets, bankruptcy, or insolvency event, then we may sell, transfer or share some or all of our assets, including your information and Business Data in connection with such transaction or in contemplation of such transaction.

  5. SECURITY

    We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. Website connections are protected using strong transport layer security. Our websites are hosted in a secure server environment that uses multi-layer perimeter security, including firewalls and other advanced technology to prevent interference or access from outside intruders.

  6. COMMUNICATION MATTERS
    1. Special Offers, Updates and Research.

      We may occasionally send you information regarding our services, including educational offers and our newsletter. We also may occasionally contact you, your customers or other third parties related to you to inquire how you or such individuals use our services and how we might improve our services. We typically use names, email addresses and telephone numbers to send these communications and make these contacts.

      Out of respect for your privacy, if you no longer wish to receive our newsletter and promotional communications, or if you do not wish for us to contact you, your customers or related third parties for our own internal research purposes, you may opt-out by following the instructions included in each newsletter or communication, or by emailing us at info@crystalpm.com. You may also contact us by postal mail at: Abeo Solutions, Inc., 12112 Anderson Mill Road, Bldg. 12A, Austin, Texas 78726. Note that there are certain email communications that you cannot opt-out of as a user of our services, as these notices are required for the continued optimal functionality of our services.

    2. Public Forums.

      We may provide public forums such as bulletin boards, blogs, or chat rooms on our websites or within our services subject to certain terms of use. These forums are provided as a service to you and other users to help exchange ideas, tips, information and techniques related to our services. As discussed above, we may collect your information revealed in these forums; however, any information you choose to submit may also be read, collected, or used by others and may be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums.

  7. EXTERNAL LINKS

    Our websites and services may contain links to third party websites. These third-party websites maintain their own policies regarding the collection and use of your information. We assume no responsibility or liability for the actions of such third parties with respect to their collection or use of your information. We encourage you to read the privacy policies of every website that you visit, including those you may reach through a link on our website or in our services. We encourage you to be aware when you leave our website or services and to read the privacy statements of each and every website you visit that collects your information.

  8. JURISDICTIONAL SPECIFIC PRIVACY REGULATIONS
    1. California Consumer Privacy Act.

      In compliance with the California Consumer Privacy Act, California residents may request that (a) we inform them of what information we collect, use, and disclose about them, and (b) we delete the information we have collected about them (subject to certain statutory exemptions).

      If California residents would like to know more or submit a request, please email us at info@crystalpm.com. Be aware that we must verify your identity before responding to certain of your requests. In connection with such verification efforts, you may be required to provide us with certain pieces of your information (which we will match against what we have in our records) and/or provide us a form of government issued identification.

      California residents may designate an authorized agent to make a request on their behalf under this Section. To designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney and a form of government issued identification for both the requester and authorized agent.

      California residents will not be charged or otherwise discriminated against for exercising their rights under this Section.

      As discussed above, we do not and will not sell your information. As such, we do not provide a process to opt-out of the sale of your information.

    2. European Union General Data Protection Regulation.

      Even though we do not intentionally collect information about residents of the European Union (“EU”), some EU residents’ data may be inadvertently collected through marketing channels or by virtue of our customers’ legitimate use of our services. Collection and storage of any EU resident’s data by us is minimal and incidental. No such data is used for marketing or any other purpose.

      Notwithstanding the foregoing, if you are an EU resident and would like to request that your data be securely removed from our systems, however collected, please send an email with proof of EU residency to info@crystalpm.com. We will remove all relevant data, so long as that removal is technically feasible, does not impact the legitimate accounting or business practices of our customers, and does not violate other regulatory or legal standards with which we must comply.

      We will also cooperate with our customers in good faith to address any requests they receive or that may impact them directly.

  9. MISCELLANEOUS ITEMS
    1. Information We Host on Behalf of Our Users.

      We host on behalf of our customers and enable our customers to store various types of data. Such data may include personal information that is collected by our customers. We generally do not control or actively monitor how our customers store or use the data they upload to our services. Any requests or questions related to data collected by our customers should be directed to the applicable party.

  10. CONTACT US

    If you have any questions regarding your information, or you’d like to correct and/or update any such information, please contact us at info@crystalpm.com.