Privacy
Last Updated: October 24, 2024
This Privacy Policy outlines the policies and procedures of Sundown Technologies Inc., operating under the trade name Rondah AI, regarding the collection, use, and disclosure of information from business clients (the "Client") when using our services (the "Services"). The Privacy Policy also informs Clients about their privacy rights and the applicable laws that protect those rights.
By using the Services, the Client agrees to the collection and use of information as outlined in this Privacy Policy.
Definitions
- Client refers to the business entity subscribing to and using the Services provided by the Company.
- Account refers to a unique account created by the Client to access our Services.
- Service Providers refer to third-party companies or individuals employed by the Company to facilitate the Service, perform related services, or help analyze how the Service is used.
- Personal Data refers to any information that can be linked to an identified or identifiable individual but within this context applies solely to individuals acting as employees or representatives of the Client.
- Usage Data refers to data collected automatically when using the Services, such as details about how the Client’s employees or representatives interact with the platform.
- Cookies refer to small files placed on a device (computer, mobile, etc.) to collect usage data and enhance service experience.
Collection of Information
Types of Data Collected
Personal Data
In the context of B2B relationships, the Company collects personal data of the Client’s employees or representatives to facilitate the Service. This may include:
- Names, contact details (email addresses, phone numbers, etc.), and job titles.
- Billing and transactional information related to the Client.
Usage Data
The Company automatically collects certain usage data when the Client’s employees or representatives access the Service. This may include:
- IP addresses, browser type, device information, and other technical identifiers.
- Activity on the platform, such as pages viewed, clicks, and time spent.
Cookies and Tracking Technologies
The Company uses cookies and similar tracking technologies to monitor activity on the Service and store certain information. The Client can configure its browser to refuse cookies, but this may impact the usability of the Service.
Use of Collected Data
The Company uses the data it collects for the following purposes:
- To Provide and Maintain the Service: This includes user authentication, integration with third-party systems (such as CRM and practice management software), and improving the Service.
- To Manage Client Accounts: Including facilitating login credentials, managing subscription plans, and handling billing.
- To Ensure Regulatory Compliance: As many clients may operate in regulated industries (e.g., healthcare), the Company adheres to privacy laws such as HIPAA. Business Associate Agreements (BAAs) are executed when necessary.
- To Communicate with Clients: Using the contact information provided, the Company may send important notices regarding service updates, billing, and changes to policies or features.
- For Analytics and Service Improvement: The Company uses aggregated data to analyze trends and improve the overall performance of the platform.
Data Retention and Ownership
The Client retains ownership of all data provided through the Service. The Company will store this data securely for the duration of the subscription. Upon termination of the Service, the Company will retain data for a limited period as required for regulatory or business purposes, after which it will be securely deleted.
Disclosure of Data
The Company may disclose collected data in the following situations:
- To Service Providers: To enable necessary operations such as cloud hosting, customer support, or payment processing.
- For Legal Compliance: If required by law or in response to legal requests from authorities.
- Business Transfers: If the Company undergoes a merger, acquisition, or asset sale, the Client’s data may be transferred as part of that process, subject to the terms of this Privacy Policy.
Data Security
The Company takes the security of data seriously and employs industry-standard encryption, firewalls, and monitoring tools to protect personal and usage data. The Company complies with HIPAA requirements where applicable and signs BAAs with relevant third-party providers to ensure security measures are followed throughout the data chain.
Client Rights and Choices
As a B2B client, the Client may:
- Access and Update Information: The Client has the right to access and update any personal data about its representatives that is stored by the Company.
- Delete Data: The Client may request deletion of its data following the termination of the Service, subject to any legal obligations that may require the Company to retain it.
- Opt-Out of Communications: The Client can choose to opt out of marketing or informational communications at any time.
Cross-Border Data Transfers
Data processed by the Company may be transferred across borders, depending on the location of the Client’s representatives and the Company’s service providers. The Company ensures that adequate safeguards are in place for any international transfers, adhering to the highest applicable standards.
Changes to the Privacy Policy
The Company reserves the right to modify this Privacy Policy at any time. Clients will be notified of significant changes through the Service or via email at least 30 days before the changes take effect.
Contact Information
If the Client has any questions regarding this Privacy Policy or wishes to exercise any of the rights outlined above, please contact the Company at:
Email: legal@rondah.ai