Privacy Notice

• Information about your visits to the Site and use of the Services, the resources you access, any data you download, and information related to the ways in which you interact with the Site or the Services;
• IP addresses, including the general information in such address, such as city, state and zip code, unique device identifiers, other information about your mobile phone or other mobile device(s), browser types, and browser language;
• Referral pages and links, URLs, number of clicks, pages viewed, how long you're on a page, your search queries and results;
• Information about your device, computer and/or browser you use, as well as the device's operating system, such as device hardware model, operating system version, or mobile network information; and
• Data about your device’s location, which can be precise (e.g., latitude/longitude data) or imprecise (e.g., location derived from an IP address or data that indicates a city or postal code level).

• Data brokers from which we purchase demographic data to supplement the data we collect.
• Social networks when you reference our Service or grant permission to Laserfiche to access your data on one or more of these services.
• Partners with which we offer co-branded services, sell or distribute our products, or engage in joint marketing activities.
• Publicly-available sources such as open government databases or other data in the public domain.

Laserfiche collects and uses the information you provide in connection with our Site and Services for our business purposes, including to:

• Manage our Site and Services, including your registration and account;
• Perform services requested by you, such as to respond to your comments, questions, and requests, and provide customer service;
• Send you technical notices, updates, security alerts, information regarding changes to our policies, and support and administrative messages;
• Prevent and address fraud, breach of policies or terms, and threats or harm;
• Keep you informed regarding Laserfiche and our software and services;
• Develop and send you direct marketing, including advertisements and communications about our and third-party products, updates, special offers, promotions, rewards, events, and services;
• Help Laserfiche enhance products and services;
• Contact you for market research and to survey your satisfaction with Laserfiche software and services;
• Encourage you to participate in our user groups and invite you to events that may be of interest, including trainings, webinars, and conferences;
• Improve our Site; and
• Analyze information for trends and statistics, which may entail providing this information to an agent acting on Laserfiche’s behalf to assist in data analytics.

If you supply Laserfiche with your postal address online, you may receive periodic mailings from us with information on new products and services or upcoming events. If you supply us with your telephone number online, you may receive telephone calls from us with information regarding orders and/or requests you have placed online – such as a software demonstration request or general business inquiry.

If you supply Laserfiche with your email address, you may receive email messages from us for marketing purposes such as providing information on new products and services or upcoming events. We may track when you open our e-mail messages or click on the links contained within them.

You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us using the contact details under the “Contact Us” heading below.

Note that by opting in to allow Laserfiche and its event sponsors/industry partners to receive your contact information through an event in accordance with this Privacy Notice, you will be subject to each event sponsor/industry partner’s communications and privacy Notice as well and must opt-out with them directly.

We also use information about you for commercial purposes with your consent, including to:

• Serve advertising tailored to your interests on our Service and Third-Party Services; and
• Fulfill any other purpose disclosed to you and with your consent.

We may use information that does not identify you (including information that has been de-identified) without obligation to you except as prohibited by applicable law.

Subject to recent changes in the law, which may include a different definition of "sell" from those previously used in this Notice (further discussed below), Laserfiche generally does not sell or rent your information. Laserfiche will disclose information it has about you for our business purposes including, but not limited to, those described as follows:

We will occasionally hire other companies or contract with third-party consultants to provide limited services on our behalf. Laserfiche will only provide those companies the information they need to deliver services, and they are prohibited from using that information for any other purpose.

We also share information about you as follows:

• Affiliates for Business Purposes. We may share your information with our related entities including our parent and sister companies. For example, we may share your information with our affiliates for customer support, marketing, and technical operations.
• Customers for Business Purposes. We share your information with our customers in connection with us processing your information on their behalf. For example, we share your information with our customers in order to facilitate your orders, maintain and administer your online accounts, respond to your questions and comments, comply with your requests, market and advertise to you, and otherwise comply with applicable law.
• Business Partners for Business and/or Commercial Purposes. We may share your information with our business partners in connection with offering you co-branded services, selling or distributing our products, or engaging in joint marketing activities. For example, we may share information about you with a retailer for purposes of providing you with product support. We may also share your information with approved third parties for marketing purposes; this may include our authorized resellers, user group training partners, and cloud solution providers. We may also share your information with third parties who provide services to assist us with our business activities.
• Promotions. Our promotions may be jointly sponsored or offered by third parties. If you voluntarily choose to enter a promotion, we may share your information with third parties for those commercial purposes as set forth in the official rules that govern the promotion as well as for administrative purposes and as required by law (e.g., on a winners list).
• User Group, Training, and Events. Our events may be jointly sponsored or offered by third parties. If you voluntarily sign-up for an event through Laserfiche, we may share your contact details or information that you provide with the sponsor, facility, or any other organization who we schedule you to meet with at that event for commercial purposes in order to fulfill your event registration and/or inform you of future events organized by the sponsor, which we believe you may be interested in.
• Some information about your use of the Site and Services and certain Third Party Services may be collected using Tracking Technologies across time and services and used by us and third parties for business and/or commercial purposes such as to associate different devices you use, and deliver relevant ads and/or other content to you on the Site, Services, and certain Third Party Services, as explained further under the "Cookies and Other Tracking Technologies And Choices Regarding the Same" heading.
• Third Parties. We may share your information with third parties for business purposes of facilitating your requests (such as when you choose to share information with a social network about your activities on the Site or Services) and for commercial purposes in connection with tailoring advertisements, measuring and improving our Service and advertising effectiveness, and enabling other enhancements, subject to your preferences (where applicable).
• Consent or another lawful purpose. We may share your information for any other lawful purpose and/or with your consent.

We will share your information to respond to duly authorized requests from governmental authorities as required by law, or in circumstances in which we believe disclosure is necessary or reasonably appropriate to protect the rights, property, or safety of us or others. Please note that Laserfiche is required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Some of the hyperlinks on our Site may lead to third-party websites that are not controlled by or affiliated with Laserfiche ("Third Party Services"). These links are provided solely as a convenience to you and not as an endorsement by Laserfiche of the content on such third-party websites. If you use our Services, which include third-party integration(s), such Services are also subject to the terms of use and privacy Notice of each applicable third-party entity. For example, Office Online is a Microsoft service and use of Office Online is subject to Microsoft’s terms of use and privacy Notice. Laserfiche is not responsible for and does not endorse, guarantee or monitor the content, availability, viewpoints, products or services that are offered or expressed on such third-party websites and does not make any representations or warranties regarding the content or accuracy of any content on these third-party websites, including third-party privacy policies. Without limiting the foregoing, in our sole discretion, we may share aggregated information which does not identify you or de-identified information about you with third parties or affiliates for any purpose except as prohibited by applicable law.

Laserfiche also discloses your personal information when: (a) we are required to do so by law, regulation, warrant, subpoena or court order, (b) we are required in urgent circumstances to protect the personal safety of Laserfiche employees, users of Laserfiche products or services, or members of the public, (c) it is necessary to enforce the Terms of Use, or to exercise, establish or defend our legal rights, or (d) such disclosure is part of a sale of all (or substantially all) of the assets of one or more divisions or affiliates of Laserfiche where customer information might be included among the transferred assets.

Laserfiche does not generally sell personal information as the term "sell" is traditionally understood. However, to the extent the California Consumer Privacy Act ("CCPA") is interpreted to include advertising technology activities such as those disclosed below in the Section entitled "Cookies and Other Tracking Technologies And Choices Regarding the Same" as a "sale," Laserfiche will comply with applicable law as to such activity. For more information about how to opt-out of sale of personal information, see the Section below entitled "California Privacy Rights."

Do-Not-Track ("DNT") is a preference that can be set in your browser to notify websites you visit that you do not want them to collect certain information about you. Laserfiche does not respond to DNT signals at this time and will not do so unless and until the law is interpreted to require such response. As discussed in this Notice, we and third parties may track your visits to our Site to provide targeted advertising.

Please see our Cookie Statement for information about how we use cookies and similar tracking technologies. In addition to the technologies listed in our Cookie Statement, we use the following to collect information:

• Device Fingerprinting. Device fingerprinting is the process of analyzing and combining sets of information elements from your device’s browser, such as JavaScript objects and installed fonts, in order to create a "fingerprint" of your device and uniquely identify your device and apps.
• App Technologies. There are a variety of tracking technologies that may be included in our apps, and these are not browser-based like cookies and cannot be controlled by browser settings. For example, our apps may include third party SDKs, which is code that sends information about your use to a server, and is in effect the app version of a pixel. These SDKs allow us to track our conversions, bring you advertising both on and off the Service, and provide you with additional functionality, such as the ability to connect our Service with your social media account.
• Location-Identifying Technologies. GPS, WiFi, Bluetooth, and other location-aware technologies may be used to collect precise location data when you enable location-based services through your device. Location data may be used for purposes such as verifying your device’s location and delivering or restricting relevant content and advertising based on that location.

As discussed in our Cookie Statement, we also work with ad serving services, advertisers, and other third parties to serve advertisements on the Site, Services, and/or on Third Party Services. These third parties may use Tracking Technologies on our Sites, Services, and Third Party Services (including in e-mails and advertisements) to track your activities across time and services for purposes of associating the different devices you use, and delivering relevant ads and/or other content to you on the Site, Services, and Third Party Services or third party devices after you have left the Service ("Interest-based Advertising").

We serve ads on and through Third Party Services, such as Facebook, LinkedIn and Google, that are targeted to reach people (or people similar to people) who have visited our Site or are identified in one or more of our databases ("Matched Ads"). This is done by us uploading a customer list to the Third-Party Service or incorporating a pixel from the Third-Party Service on our Site, and the Third-Party Service matching common factors between our data and their data. To opt-out of receiving Matched Ads, please contact the applicable Third-Party Service. If we use Facebook Custom Audiences to serve Matched Ads on Facebook services, you should be able to hover over the box in the right corner of such Facebook ads and find out how to opt-out. We are not responsible for such Third-Party Service’s failure to comply with your opt-out instructions.

You can reset your device advertising ID at any time through your device settings, which is designed to allow you to limit the use of information collected about you. For information on how to do this on Apple devices, visit Apple.com. For information on how to do this on Android devices, visit Google.com. You can stop all collection of information via an app by uninstalling the app.

The location data collected through an app depends on your device settings and app permissions. You can exercise choice over the location data collected through our apps by (i) for GPS data, disabling location in your device settings or disabling location permissions to that app; (ii) for Bluetooth data, disabling Bluetooth and any Bluetooth scanning option in your device settings; or (iii) for WiFi data, disabling WiFi and any WiFi scanning option in your device settings. You can stop collection of all location data via an app by uninstalling the app.

Some of the third parties that collect information from or about you on the Site or Services in order to provide more relevant advertising to you participate in the Digital Advertising Alliance ("DAA") Self-Regulatory Program for Online Behavioral Advertising. This program offers a centralized location where users can make choices about the use of their information for online behavioral advertising. To learn more about the DAA and your opt-out options for their members, please visit (i) for website opt-out, https://www.aboutads.info/choices; and (ii) for mobile app opt-out, https://www.aboutads.info/appchoices. In addition, some of these third parties may be members of the Network Advertising Initiative ("NAI"). To learn more about the NAI and your opt-out options for their members, please visit https://www.networkadvertising.org/choices/. Please note that if you opt-out of online behavioral advertising using any of these methods, the opt-out will only apply to the specific browser or device from which you opt-out. Further, opting-out only means that the selected members should no longer deliver certain Interest-based Advertising to you, but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). We are not responsible for effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs.

You may also limit our use of information collected from or about your mobile device for purposes of serving online behavioral advertising to you by going to your device settings and selecting "Limit Ad Tracking" (for iOS devices) or "Opt Out of Interest-Based Ads" (for Android devices).

Please be aware that if you disable or remove Tracking Technologies some parts of the Service may not function correctly.

Laserfiche has always considered our advertising technology partners to be Service Providers. However, regulators may interpret newer data protection laws such as the CCPA as characterizing certain kinds of digital advertising activities as "sales." In such an event, Laserfiche will comply with applicable laws in connection with its use of such advertising technology services on its Services.

For further information about the types of Tracking Technologies we use, why, and how you can control such Tracking Technologies, please see our Cookie Statement.

Occasionally, portions of the Site may allow you to post information that other visitors to the Site will be able to access (i.e., a "bulletin board" or interactive "chat"). If you choose to post information on a bulletin board or through a chat session, it becomes available to the public, and Laserfiche has no ability to control or limit the use of information that is available to the public. Laserfiche and its affiliates will utilize any information you post through the Site in connection with the operation of its business. Laserfiche encourages you not to post any information you consider private or sensitive on the Site. To request removal of your information from such bulletin boards or chat sessions, please contact us using the contact details provided under the "Contact Us" heading below. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to and why.

• You can opt-out of receiving promotional e-mails from us at any time by following the instructions as provided in e-mails to click on the unsubscribe link, or e-mailing us at the e-mail address set forth in the section entitled "Contact Us" below with the word UNSUBSCRIBE in the subject field of the e-mail. Please note that you cannot opt-out of non-promotional e-mails, such as those about your account, transactions, servicing, or Laserfiche’s ongoing business relations. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us using the contact details provided under the "Contact Us" heading below.

  If you have opted-in to receive push notification on your device, you can opt-out at any time by adjusting the permissions in your device or uninstalling our app.

Please note that your opt-out is limited to the e-mail address, device, and phone number used and will not affect subsequent subscriptions.

California consumers, Nevada consumers, and data subjects in Europe may have additional rights as set forth in the sections entitled "California Privacy Rights," "Nevada Privacy Rights," and "European Privacy Rights" below. For more information about choices regarding Tracking Technologies, see the section on "Cookies and Other Tracking Technologies and Choices Regarding the Same" above.

• Shine The Light Customer Rights

  Customers in the State of California may request a list of categorized third parties and in some cases affiliates to whom we may have disclosed their personal information specifically for those third parties’ and/or affiliates’ own marketing purposes, as well as the type of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit a written request to the email or address provided below. Requests must include "California Privacy Rights Request" in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that we are not required to respond to requests made by means other than through the provided e-mail address or mail address.

• California Consumer Rights Under The CCPA

  Right to Know and Delete.

  Consumers who are California residents (and not representatives of businesses, whether those businesses are our customers or others) have the right to know certain information about our data practices in the preceding 12 months. In particular, they have the right to request the following from us:

  • The categories of personal information we have collected about them;
  • The categories of sources from which the personal information was collected;
  • The categories of personal information about them that we disclosed for a business purpose or sold;
  • The categories of third parties to whom the personal information was disclosed for a business purpose or sold; and
  • The business or commercial purpose for collecting or selling the personal information.

In addition, in certain circumstances California consumers have the right to delete the personal information we have collected from them.

To exercise any of these rights, California consumers should submit a request through our online form available at https://secure1.laserfiche.com/Forms/CCPARequest, email us at privacy@laserfiche.com, or call us at 800-985-8533. In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.

If we have processed personal information about you as a service provider on behalf of a customer and you wish to exercise any rights you have with such personal information, please inquire with our customer directly. If you wish to make your request directly to us, please provide the name of our customer on whose behalf we processed your personal information. We will refer your request to that customer, and will support them to the extent required by applicable law in responding to your request.

Do Not Sell My Personal Information.

Laserfiche will always seek your affirmative direction/consent to intentionally disclose personal information to third parties in ways that might otherwise be construed to be a "sale" under the CCPA.

Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal information that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of personal information for monetary consideration by the business to a third party for the third party to license or sell the personal information to other third parties. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, please contact us at Nevadarequests@laserfiche.com.

If you are a data subject located in the European Economic Area ("EEA"), you may have the right to access, rectify, or erase personal data we have collected about you through the Site or Services. You may also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you through the Site or Services. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any data processing we do based on consent you have provided to us. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

Laserfiche is committed to cooperating and complying with European Union data protection authorities (DPAs) advice with respect to any human resources data transferred from the European Union in the context of the employment relationship.

To exercise any of these rights, contact us as set forth in the section entitled "Contact Us" below and specify which right you intend to exercise. We will respond to your request within 30 days. We may require additional information from you to allow us to confirm your identity.

If your information has been processed by us on behalf of a customer and you wish to exercise any rights you have with such information, please inquire with our customer directly.

If you have any issues with our compliance, you have the right to lodge a complaint with a European supervisory authority.

If you are a visitor from the EEA, our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it.

However, we will normally collect personal data from you only where we have your consent to do so, where we need the personal data to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to process personal data about you, for example when providing personal data to a law enforcement agency or where we have an accounting or tax obligation. In rare situations, we may also need to share your personal data with others to protect your vital interests or those of another person.

If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data).

Similarly, if we collect and use your personal data in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please contact us using the contact details provided under the “Contact Us” heading below.

Your information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.

Specifically, Laserfiche is headquartered in the USA, our data centers are located in the USA, Canada, and Ireland, and our group companies and third-party service providers and partners operate around the world. This means that when we collect your information we may process it in any of these countries.

However, we have taken appropriate safeguards to require that your personal data will remain protected in accordance with this Notice. For personal data transferred from the United Kingdom, the European Union, and Switzerland, we will provide appropriate safeguards, such as through use of standard contractual clauses.

Laserfiche complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union and Switzerland to the United States. Laserfiche has certified to the Department of Commerce that it adheres to the Privacy Shield Principles ("Principles"). If there is any conflict between the terms in this Notice and the Principles, the Principles shall govern personal data processed in reliance on Privacy Shield. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. Laserfiche will use appropriate safeguards to comply with the judgment issued by the Court of Justice of the European Union on July 16, 2020 declaring the EU-U.S. Privacy Shield Framework as invalid.

Laserfiche’s responsibility for personal data it receives in reliance on Privacy Shield and subsequent transfers of that personal data to third parties is detailed in the Principles. Where Laserfiche relies on the Principles for onward transfers from the EU and Switzerland, including the onward transfer liability provisions, Laserfiche remains responsible under the Principles for third-party agents processing personal data on its behalf.

With respect to personal data received or transferred pursuant to Privacy Shield, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Laserfiche commits to resolving complaints about your privacy and our collection and use of your personal data in reliance on Privacy Shield within 45 days of receiving your complaint. Individuals with questions or complaints regarding this Notice should first submit inquiries by contacting us using the contact details provided under the "Contact Us" heading below. heading below. Laserfiche has further committed to refer unresolved complaints regarding personal data transferred in reliance on Privacy Shield to the American Arbitration Association, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit the American Arbitration Association for more information or to file a complaint. When filing by mail or email, please complete the appropriate Privacy Shield Program Notice of Arbitration Form located in the link below and forward to the International Centre for Dispute Resolution.

International Centre for Dispute Resolution Case Filing Services
1101 Laurel Oak Road, Suite 100
Voorhees, NJ 08043
United States
Phone: +1.212.484.4181
Email box: casefiling@adr.org

For any questions or for further information about this program, the ICDR’s International Arbitration Rules, or with additional language versions of the ICDR’s International Arbitration Rules, please contact the International Centre for Dispute Resolution at +1.212.484.4181 or by visiting the website https://go.adr.org/privacyshield.html. The services of the American Arbitration Association are provided at no cost to you.

Under certain limited circumstances, data subjects, as defined by the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, of the European Union, may invoke binding Privacy Shield arbitration as a last resort if all other forms of dispute resolution have been unsuccessful. To learn more about this method of resolution and its availability to you, please visit https://www.privacyshield.gov/.

We have implemented industry standard controls, intrusion detection network monitoring, and reasonable security measures designed to protect the personal information that you submit through the Services and Site. These measures include physical access controls, access authorization controls, and firewalls. We also periodically review our information collection, storage, and processing practices to help prevent loss, misuse, unauthorized access, alteration or other destruction of information we collect. When accessing secure sections of the Site, we use Transport Layer Security (TLS) encryption to secure the communication of information passing between your browser and our servers. Additionally, only authorized administrators, Laserfiche employees and third-party contractors have access to systems containing such information. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of your information.

The Site and Services are intended for a general audience and not directed to children under sixteen (16) years of age. We do not market products or services to children, and we do not knowingly collect personal information from children at any time, including as defined by the U.S. Children’s Privacy Protection Act ("COPPA") or personal information as defined under the CCPA from anyone under the age of 16 without verification of consent. If you are under the age of 16, please do not provide personal information of any kind whatsoever and please do not use Laserfiche Site and Services or participate in Laserfiche’s surveys, contests, events, and other promotions. If you are a parent or guardian and believe Laserfiche has collected such information without parental consent, please contact us as set forth in the section entitled "Contact Us" below and we will remove such data to the extent required by COPPA or other applicable law.

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

Laserfiche may change this Privacy Notice at any time. When we update this Notice, we take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material changes if and where this is required by applicable data protection laws. You can see when this Notice was last updated by checking the "effective" date displayed at the top of this Notice. Laserfiche recommends that you review this Privacy Notice regularly for any revisions. Your continued use of the Site or Services after such revisions will constitute your acknowledgement of the amended Notice.

If you have any comments or questions regarding our Privacy Notice, or want to exercise your data protection rights, please send a message to:

Compulink Management Center, Inc. d/b/a Laserfiche
ATTN: Data Protection Officer
3545 Long Beach Blvd.
Long Beach, CA 90807
USA
notices@laserfiche.com