Privacy Policy


Thank you for choosing to be part of our community at Middesk Inc. (“Company”, “we”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at [email protected].

This privacy policy applies to all information collected through our website (such as http://www.middesk.com), and/or any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the "Sites"). The collection, sharing and use of PII by our service providers, third-party partners, and customers are governed by their respective privacy policies. Our use of PII we receive about you from our service providers, third-party partners, and customers is governed by this Privacy Policy.

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

TABLE OF CONTENTS

  1. WHAT INFORMATION DO WE COLLECT?
  2. HOW DO WE USE YOUR INFORMATION?
  3. WHO WILL YOUR INFORMATION BE SHARED WITH?
  4. HOW LONG DO WE KEEP YOUR INFORMATION?
  5. HOW DO WE KEEP YOUR INFORMATION SAFE?
  6. DO WE COLLECT INFORMATION FROM MINORS?
  7. USE OF COOKIES
  8. LEGAL BASIS FOR PROCESSING PII
  9. INTERNATIONAL TRANSFERS OF PII
  10. CALIFORNIA PRIVACY RIGHTS
  11. CHANGES TO OUR PRIVACY POLICY
  12. HOW CAN YOU CONTACT US ABOUT THIS POLICY?

1. WHAT INFORMATION DO WE COLLECT?

We collect your PII when you or your employer provide it to us when utilizing the Services, when participating in activities on the Sites, or otherwise contacting us. We also collect your PII when we engage with our service providers, third-party partners, and when we provide Services to our customers (which may include your employer).

The categories of PII we have collected in the past 12 months, and collect today, include the following:

2. HOW DO WE USE YOUR INFORMATION?

We use the information we collect or receive to:

3. WHO WILL YOUR INFORMATION BE SHARED WITH?

We only share and disclose your information with the following third parties. We have categorized each party so that you may be easily understand the purpose of our data collection and processing practices.

4. HOW LONG DO WE KEEP YOUR INFORMATION?

We will only keep your PII for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

When we have no ongoing legitimate business need to process PII, we will either delete or anonymize it, or, if this is not possible (for example, because the PII has been stored in backup archives), then we will securely store the PII and isolate it from any further processing until deletion is possible.

5. HOW DO WE KEEP YOUR INFORMATION SAFE?

Middesk strives to ensure that our systems are secure and that they meet industry standards. We seek to protect PII that is provided to Middesk by third parties and by you by implementing physical and electronic safeguards. Middesk endeavors to engage third-party service providers that have security and confidentiality policies, if such third-party service providers have access to our PII. Despite our efforts to protect the security of your information, no security system is always effective and we cannot guarantee that our systems will be completely secure.

6. DO WE COLLECT INFORMATION FROM MINORS?

Persons under the age of 18 are not allowed to use the Sites and we do not knowingly collect PII from persons under 18 years of age. By using the Sites, you represent that you are at least 18. If we learn that we have collected PII about a person under the age of 18 years of age, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any information we have collected from a person under age 18, please contact us at [email protected]We do not and will not knowingly sell PII of consumers under the age of 16.

7. USE OF COOKIES

Middesk uses cookies in order to provide better service, to facilitate our customers’ use of our Sites, to track usage of the Sites, to collect data and to address certain security issues. When you access our Sites, we send the cookies to your computer or phone. Your computer or phone stores the cookie in a file located inside your web browser. The cookies help Middesk keep track of your visits to our Sites and your activity on our Sites and to understand how you interact with us.

We may link the information collected by cookies with other information we collect from you pursuant to this Privacy Policy and use the combined information as set forth herein. Similarly, the third parties who serve cookies on our Sites may link your name or email address to other information they collect, which may include past purchases made offline or online, or your online usage information.

You can generally activate or later deactivate the use of cookies through a functionality built into your web browser. If you want to learn more about cookies, or how to control, disable or delete them, please visit this site for detailed guidance. In addition, certain third-party advertising networks, including Google, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google, click here. Middesk also uses Google Analytics. The following link explains how Google uses data when you use its partners’ websites and applications: www.google.com/policies/privacy/partners/. Your use of Middesk’s website is evidence of your consent to Middesk storing and accessing cookies and other information on your computer or phone and Middesk’s use of Google Analytics in connection with such activities. Please read the information at the link provided so you understand what you are consenting to.

8. PRIVACY RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION

Residents of the European Economic Area (“EEA”) and Switzerland (“EEA Residents”) are entitled to make requests regarding the processing and storage of their PII. Specifically, if you are an EEA Resident, you may submit a request to us to take the following actions in relation to your PII that we hold:

You may do this at any time by emailing [email protected]. Note that we may refuse to grant your requests in whole or in part as permitted by applicable law. You have the right to complain to a data protection authority about our collection and use of your PII. For more information, please contact your local data protection authority. To find contact details, click here.

9. LEGAL BASIS FOR PROCESSING PII

Our legal basis for collecting and using the PII described above will depend on the PII concerned and the specific context in which we collect it. However, we will normally collect PII from you only (i) where we need the PII to perform a contract with you or your employer; (ii) where the processing is in our legitimate interests and not overridden by your rights; or (iii) where we have your consent to do so or have entered into an agreement with your employer to provide the Services. We have a legitimate interest in operating our Services and communicating with you and your employer as necessary to provide these Services, for example when responding to your or your employer’s queries, improving our Platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities.

In some cases, we may also have a legal obligation to collect PII from you or may otherwise need the PII to protect your vital interests or those of another person. If we ask you to provide PII to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your PII is mandatory or not (as well as of the possible consequences if you do not provide your PII).

10. INTERNATIONAL TRANSFERS OF PII

Your PII will be stored and processed in the United States. If you or your employer use the Services from outside the United States, you acknowledge we will transfer your PII to, and store your PII in, the United States, which may have different data protection rules than in your or your employer’s country, and PII may become accessible as permitted by law in the United States, including to law enforcement and/or national security authorities in the United States.

If our service provider, third-party partner, or customer has provided your PII to us, please note that we transfer the information, including your PII, to the United States and process it there. For transfers of PII out of the EEA, pursuant to Article 46 of the General Data Protection Regulation, we use standard data protection clauses to provide appropriate safeguards.

11. CALIFORNIA PRIVACY RIGHTS

This section provides additional details about the PII we collect about California residents as well as the rights of California consumers under the California Consumer Privacy Act (“CCPA”).

NOTICE TO CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS (AS PROVIDED BY CALIFORNIA CIVIL CODE SECTION 1798.83)

A CALIFORNIA RESIDENT WHO HAS PROVIDED PII TO A BUSINESS WITH WHOM HE/SHE HAS ESTABLISHED A BUSINESS RELATIONSHIP FOR PERSONAL, FAMILY, OR HOUSEHOLD PURPOSES (A “CALIFORNIA CUSTOMER”) MAY REQUEST INFORMATION ABOUT WHETHER THE BUSINESS HAS DISCLOSED PII TO ANY THIRD PARTIES FOR THE THIRD PARTIES’ DIRECT MARKETING PURPOSES. IN GENERAL, IF THE BUSINESS HAS MADE SUCH A DISCLOSURE OF PII, UPON RECEIPT OF A REQUEST BY A CALIFORNIA CUSTOMER, THE BUSINESS IS REQUIRED TO PROVIDE A LIST OF ALL THIRD PARTIES TO WHOM PII WAS DISCLOSED IN THE PRECEDING CALENDAR YEAR, AS WELL AS A LIST OF THE CATEGORIES OF PII THAT WERE DISCLOSED. CALIFORNIA CUSTOMERS MAY REQUEST FURTHER INFORMATION ABOUT OUR COMPLIANCE WITH THIS LAW BY E-MAILING [email protected] PLEASE NOTE THAT WE ARE REQUIRED TO RESPOND TO ONE REQUEST PER CALIFORNIA CUSTOMER EACH YEAR AND WE ARE NOT REQUIRED TO RESPOND TO REQUESTS MADE BY MEANS OTHER THAN THROUGH THIS E-MAIL ADDRESS.

Your CCPA Rights and Choices.

As a California consumer and subject to certain limitations under the CCPA, you have choices regarding our use and disclosure of your PII:

To submit a request to exercise any of the rights described above, you may contact Middesk at [email protected]. We may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. Authentication based on a government-issued and valid identification document may be required.

Sources of PII

In regard to the CCPA, the sources of PII are:

Categories of CCPA PII disclosed for a business purpose

If any authorized agent submits a consumer request on your behalf, in order to confirm that person or entity’s authority to act on your behalf and verify the authorized agent’s identity, we require the below items:

To verify the identity of the California resident for whom the request is being made, provide the consumer’s name (first and last) and address.

12. CHANGES TO OUR PRIVACY POLICY

Middesk reserves the right to make changes to this Privacy Policy. If we make material changes to our Privacy Policy, our revised Privacy Policy will be posted at www.middesk.com/privacy, and it will either be noted on our Sites that material changes have been made or we will notify our users by email. The date of the most recent update to our Privacy Policy will be set forth in the header to the Privacy Policy.

13. HOW CAN YOU CONTACT US ABOUT THIS POLICY?

If you have questions or comments about this policy, you may email us at [email protected]