PRIVACY POLICY

Last Updated: January 1, 2023

Your privacy is very important to us and we take your privacy very seriously. This Privacy Policy describes how CerteDrive Corp. (“Company”, “we”, “us”, or “our”) collects and uses the personal information you provide to us on our website and all other websites, mobile sites, applications, software, platforms and tools where this Privacy Policy appears or is linked, and through the use of our services, (collectively the “Site”). It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.

By creating an account, providing information to us (by any means, whether in correspondence, via our Site, or otherwise), or continuing to use our services, you acknowledge that you have read, understood, and consent to be bound by this Privacy Policy.

IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY OR OUR PRACTICES, YOU MAY NOT USE OUR SITE. THIS PRIVACY POLICY MAY CHANGE FROM TIME TO TIME AND YOUR CONTINUED USE OF OUR SITE CONSTITUTES YOUR ACCEPTANCE OF THOSE CHANGES. WE ENCOURAGE YOU TO REVIEW THIS PRIVACY POLICY PERIODICALLY.

1. What this Policy Covers.

This Privacy Policy covers important information on who we are, how and why we collect, store, use, and share information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”) and other information that is collected from users of the Site. It also explains your rights in relation to your personal information and how to contact us in the event you have a question or complaint.

The Site is intended for use by legal entities looking to employ drivers, nationally registered and certified medical examiners, and other employee applicants (“Customers”) for managing fleet certifications, drug and alcohol testing, pre-placement testing, upcoming expiration dates, and other digital documents. Personal information may be collected about our Customers, prospective customers, visitors to the Site, and end users of our software. Customers looking to employ a driver can quickly review the status of it drivers, authorize medical visits for physicals and drug testing electronically, and easily access reporting for more information on what limitations are affecting Customer’s fleet. If you are accessing or using the site on behalf of a Customer or other legal entity, you represent and warrant that you have the authority to bind such entity to this agreement, in which case references to “You” or “Your” in this Privacy Policy will refer to both the individual and any such Customer or legal entity using any of the Site. Our Customers are responsible for maintaining their own privacy policies governing the collection, use and disclosure of personal information and for obtaining the necessary authorizations and consents from the driver or employee applicant before any personal information is made available to us for use in accordance with this Privacy Policy.

You understand and agree that Company and its authorized business partners, affiliates, subsidiaries or agents may collect, maintain, and process information provided by you, on and through the Site. You represent and warrant that you have permission to share any information you elect to provide to Company, you consent to such information being shared with third parties as described in this Privacy Policy, and that such information is accurate, current, non-misleading, and consistent and relevant for the purpose for which you are providing information.

2. Personal Information We Collect About You. We may collect and use the following personal information:

Categories of Personal Information

Specific Types of Personal Information Collected

Identifiers (e.g., a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers)

Real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, and driver’s license number.

Information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Real name, signature, physical characteristics or description, address, telephone number, driver’s license number, social security number, employment, employment history, and medical information.

Characteristics of protected classifications under California or federal law (Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information)).

Age (40 years or older), race, color, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), and veteran or military status.

Commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)

None.

Biometric information (e.g. a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry)

None.

Internet or other electronic network activity information (e.g., browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement)

Browser type used, Internet Protocol address, last URL visited, and the date and time of day of login.

Geolocation data (e.g. physical location or movements)

The physical location of where an individual logs in to our Site from.

Sensory data (e.g. audio, electronic, visual, thermal, olfactory, or similar information)

None.

Professional or employment-related information

Professional or employment-related information.

Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (FERPA) (i.e. education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records)

None.

Sensitive personal information (e.g. (1) Personal information that reveals: (A) A person’s social security, driver’s license, state identification card, or passport number; (B) A person’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (C) A person’s precise geolocation; (D) A person’s racial or ethnic origin, religious or philosophical beliefs, or union membership; (E) The contents of a person’s mail, email, and text messages unless the business is the intended recipient of the communication; (F) A person’s genetic data; (2) the processing of biometric information for the purpose of uniquely identifying a consumer; (3) personal information collected and analyzed concerning a consumer’s health, or personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.)

(1) Personal information that reveals:

  • A person’s social security, driver’s license, state identification card, or passport number;
  • A person’s account log-in in combination with any required security or access code, password, or credentials allowing access to an account;
  • A person’s racial or ethnic origin;

(2) Personal information collected and analyzed concerning a consumer’s health.

Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes

None.

This personal information is required to provide our services to you. If you do not provide personal information we ask for, it may delay or prevent us from providing our services to you.

3. Cookies and Other Tracking Technologies.

Cookies

Cookies are small text files of information stored by the Internet browser on your computer’s hard drive. We may use these cookies to collect browsing data to keep track of your preferences and profile information and to collect general usage and volume statistical information. Our cookies do not collect personal or confidential information and are not spyware.

There are a number of different types of cookies, however, our Site uses:

  • Essential – These cookies are necessary to the core functionality of our Site and some of its features, such as access to secure areas.
  • Performance and Functionality – These cookies are used to enhance the performance and functionality of our Site. For example, we may use these cookies so that we recognize you on our Site and remember your previously selected preferences. These could include what language you prefer and your geographic location. These cookies are nonessential to the use of our Site, however, without these cookies, certain functionality may become unavailable. A mix of first-party and third-party cookies are used.
  • Analytics and Customization –Our Company uses these cookies and technologies to analyze how the Site is accessed, used, or performing in order to improve your user experience and to maintain, operate and continually improve the Site. For example, we use Google Analytics on the Site to collect: page url/page title and user browser/system information, which includes browser type, referrer, language, java/flash support, IP address, and ad-serving data. For information on how Google Analytics collects and processes data, visit www.google.com/policies/privacy/partners/. To opt-out of Google Analytics, visit Google’s “How you can control the information collected by Google on these sites and apps” article available here.
  • Unclassified – These are cookies that have not yet been categorized. We are in the process of classifying these cookies with the help of their providers.

Web Beacons

Our Site contains electronic images known as web beacons (sometimes called single-pixel gifs) and are used along with cookies to compile aggregated statistics to analyze how our Site is used and may be used in some of our emails to let us know which emails and links have been opened by recipients. This allows us to gauge the effectiveness of our customer communications and marketing campaigns. We use a third party to gather information about how you and others use our Site. For example, we will know how many users access a specific page and which links they clicked on. We use this aggregated information to understand and optimize how our Site is used.

How to Manage Cookies.

You have the right to decide whether to accept or reject certain cookies. You can set your browser not to accept cookies. You can also visit http://www.aboutads.info/choices/, http://www.youronlinechoices.com/, or http://www.networkadvertising.org/ to find out how remove cookies from your browser. However, in a few cases, some of our Site features may not function as a result. Essential cookies cannot be rejected, as they are strictly necessary to provide you with our Site.

4. Do Not Track

Some web browsers transmit “do-not-track” (DNT) signals. We do not currently respond to these web browsers’ “do not track” signals.

Our third party partners, such as web analytics companies and third party ad networks, may collect information about you and your online activities over time and access our Site or other online properties. These third parties may not change their tracking practices in response to DNT settings in your web browser and we do not obligate these parties to honor DNT settings.

5. Promotional Communications. We may use your personal information to send you updates (by email, text message, telephone or post) about our services, including as needed for you to complete certain information on our Site or about a clinic visit in connection with an application for employment.

We have a legitimate interest in processing your personal information for these purposes (see below “How and why we use your personal information”). We will always treat your personal information with the utmost respect and never sell or share it with other organizations for marketing purposes.

You have the right to opt out of receiving certain promotional communications at any time by:

  • Contacting us by using one of the methods listed in the “How to Contact Us” Section below; or
  • Using the “unsubscribe” link in emails or “STOP” number in texts.

We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.

6. How Your Personal Information is Collected. We collect most of this personal information directly from you—in person, by telephone, text or email and/or via our Site. However, we may also collect information:

  • From a third party with your consent (e.g., other Customers authorized to share such personal information);
  • From cookies on our Site; and
  • Via our IT systems, including automated monitoring of our Site and other technical systems, such as our computer networks and connections, access control systems, communications systems, email and instant messaging systems.

7. How and Why We Use Your Personal Information. Under data protection law, we can only use your personal information if we have a proper reason for doing so, e.g.,:

  • To comply with our legal and regulatory obligations;
  • For the performance of our contract with you or to take steps at your request before entering into a contract;
  • For our legitimate interests or those of a third party; or
  • Where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

The table below explains what we use (process) your personal information for and our reasons for doing so:

What we use your personal information for

Our reasons

To provide products and services to you

For the performance of our contract with you or your potential employer or to take steps at your request before entering into a contract

To prevent and detect fraud against you or Company

For our legitimate interests or those of a third party, i.e. to minimize fraud that could be damaging for us and for you

Conducting checks to identify our customers and verify their identity

Other processing necessary to comply with professional, legal and regulatory obligations that apply to our business

To comply with our legal and regulatory obligations

Gathering and providing information required by or relating to audits, inquiries or investigations by regulatory bodies or other legal process

To comply with our legal and regulatory obligations

Ensuring business policies are adhered to, e.g. policies covering security and internet use

For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you

Operational reasons, such as improving efficiency, training and quality control

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price

Ensuring the confidentiality of sensitive information

To comply with our legal and regulatory obligations

Preventing unauthorized access and modifications to systems

For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you

To comply with our legal and regulatory obligations

Updating and enhancing Customer records

For the performance of our contract with you or your potential employer or to take steps at your request before entering into a contract

To comply with our legal and regulatory obligations

For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing products and services

External audits and quality checks, e.g. for accreditation and the audit of our accounts

For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards

To comply with our legal and regulatory obligations

We may also anonymize, aggregate or de-identify personal information so the end-product does not identify you or any other individual. For example, we may use this information to generate norms by industry, geography, level, etc., enable us to understand where our services are being utilized, conduct ongoing validation studies, compile reports, and improve the services. Such aggregated, anonymized or de-identified information is not considered personal information for purposes of this Privacy Policy and we may use it for any purpose.

8. Information Processed by our Customers.

Our Customers may provide us with personal information belonging to their employees or potential employees or other third parties in connection with their use of our Site. Company does not control the content or nature of the information processed by our Company in connection with their use of our Site.

9. Processing of Medical Practice Data.

Some of the personal information received by Company, in connection with the Site, may be provided by Customers that are subject to laws and regulations, such as rules issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), that govern a health care providers’ use and disclosure of certain individually identifiable health-related Personal Information (“Protected Health Information”).

As a service provider to our Customers we collect and analyze data related to our Customers patients’ on their behalf. When we receive Protected Health Information, we may do so as a “Business Associate” of our Customers under an agreement that, among other things, prohibits us from using or disclosing the Protected Health Information in ways that are not permissible by the Customer itself, and requires us to implement certain measures to safeguard the confidentiality, integrity, and availability of the Protected Health Information. When we act as a Business Associate, we may be subject to certain laws and regulations, including certain HIPAA rules that govern our use and disclosure of Protected Health Information and that may be more restrictive than otherwise provided in this Privacy Policy.

To the extent that any of the information we collect in connection with the Site constitutes Protected Health Information under HIPAA, we will comply with the requirements of HIPAA and its implementing regulations.  Additionally, Company will only process such Protected Health Information upon instruction from such Customer, consistent with our Terms of Use and Business Associate Agreements.

10. Who We Share Your Personal Information With. We routinely share personal information with:

  • Service providers we use to help deliver our products and/or services to you or to run our business, such as website hosts, laboratory testing facilities, government entities;
  • Third parties approved by you, including other Customers you choose to link your account to;

We may also share personal information with external auditors, e.g. in relation to accreditation and the audit of our accounts.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. We will typically anonymize information, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

11. How Long Your Personal Information Will Be Kept. We will keep your personal information while you have an account with us, while we are providing services to you, and to provide continued services to other Customers. Thereafter, we will keep your personal information for as long as is necessary:

  • To respond to any questions, complaints or claims made by you or on your behalf;
  • To show that we treated you fairly; or
  • To keep records required by law.

We will not retain your personal information for longer than necessary for the purposes set out in this Privacy Policy. Different retention periods apply for different types of personal information.

12. Children and our Site.

Our Site is not directed to children, and you may not use our Site if you are under the age of 18. If you are under 18, do not use our services, access the Site, or provide any information about yourself including, without limitation, your name, address, email address or any screen name or user name you may use. If we learn that we have collected or received personal information from a child under 13 without verification of parental consent, in compliance with the Children’s Online Privacy Protection Act, we will purge such information from our database and cancel the corresponding accounts. If you believe we may have any information from or about a child under 13, please see our “How to Contact Us” Section below. Please visit the FTC’s website at www.ftc.gov for tips on protecting children’s privacy online.

13. Keeping Your Personal Information Secure. We use reasonable and appropriate physical, technical, and administrative safeguards to protect your information from unauthorized use, access, loss, misuse, alteration, or destruction. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

However, while we strive to protect your privacy, due to many reasons, including the inherent security flaws in the internet, we cannot guarantee the security of any information you disclose to us and, as such, you agree that your disclosure of such information is at your own risk.

14. Where Your Personal Information is Held. Information may be held at our offices and those of our third party agencies, service providers, representatives and agents as described above (see above: “Who We Share Your Personal Information with”).

15. A Note to Users Outside of the United States. Company is headquartered in the United States and utilizes service providers in the United States. The Site is not intended for Site visitors outside the United States. If you are a non-U.S. user of the Site, by visiting the Site and providing us with data, you acknowledge and agree that your personal information may be processed for the purposes identified in this Privacy Policy. If you choose to access our Site outside the United States, Company and our service providers may transfer your personal information to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. In particular, you are advised that the United States of America uses a sectoral model of privacy protection that relies on a mix of legislation, governmental regulation, and self-regulation. Where the laws of your country allow you to do so, by using the Site or the services or by providing your data, you consent and authorize Company to transfer, store, and use all such personal information in the United States of America (and any other country where we operate) which may not offer an equivalent level of protection to that required in the country where you reside and to the processing of that personal information by us on our servers located in the United States of America, as described in this Privacy Policy. If you do not want your personal information transferred to the United States of America and any other country where we operate, please do not submit any information to us or use our Site or the services.

16. Third Party Websites.

If, in your interactions with the Site, you are linked or directed to, or click on, a third party website, we cannot control what information you may provide to that party or on that website, and we are not responsible for how that party may use or disclose any information you may provide to them. This is not as an endorsement by us of any third party website, content that may be offered on such third party website, or of any products or services provided by such third party. We do not control, nor are we responsible for, such third party website, product or service offerings. As such, we urge that you exercise caution before providing them with your personal information and to review the third party’s privacy policy for information on its data processing practice.

You should contact the site administrator for such third party website if you have any complaints, claims, concerns or questions regarding such third party website or its privacy practices.

17. Changes to This Privacy Policy. This Privacy Policy was published on the date “Last Updated” above.

We may change this Privacy Policy from time to time. Changes to this Privacy Policy will be made by updating this page. Please visit this Privacy Policy regularly to read the current version.

18. How to Contact Us. Please contact us by post, email or telephone if you have any questions about this Privacy Policy or the information we hold about you. Our contact details are shown below:

CerteDrive Corp.
1140 Monroe Ave NW, Suite150
Grand Rapids, Michigan 49503
Telephone: (616) 459-1566
Email: support@certedrive.com