LEGAL

Privacy Policy

Last updated 9/10/2019

Welcome to Simply Business. This Privacy Policy explains Simply Business’s policy for personally identifiable information (“Personal Information”) and other information we collect from both users and visitors to any website under Simply Business’ control, collectively whether partial or otherwise (including, without limitation, www.simplybusiness.com, www.harborwayinsurance.com, and the web-site from which these Terms were accessed from), Simply Business social media, and other content created by Simply Business (collectively, the “Site”).

The Site is owned and operated by Simply Business, Inc. ("Simply Business", "we," "our" or "us"). Our business is to make protecting your business or rental as simple as possible, with no hint of compromise on quality or cost. That being said, there are certain ways that we'll use your Personal Data which this policy explains in detail.

We've done our best to write this in clear and easily understandable language. If any part of this privacy policy is unclear, we're happy to guide you: [email protected]

This Privacy Policy applies to information we collect through any version of the Site. It governs how we receive and handle information.

This privacy policy doesn't apply to:

• Data collection that happens offline or outside of our Site (unless otherwise stated below).
• The data practices of third parties who may interact with our Site.
• Simply Business is responsible for data we share with third parties in relation to our Site, but we are not responsible for any unauthorized or unofficial integrations that our customers create.

To get the full picture, you should also review our Terms and Conditions

By using our Site, you consent to our Privacy Policy and Terms and Conditions. You also consent to our collection, use and sharing of your information, data, and other activities, as described below.

What information do we collect?

Information you give us

Personal Data

As you use the Site, we may ask you for personally identifiable information, like your name or email address. We'll call this "Personal Information". We may collect Personal Information through forms and other interactions on the Site.

We ask you for information to contact insurers that may fulfill your insurance needs. We have kept to a minimum the amount of "required" information that you need to provide us across our Site. If you do not want to provide us with certain information it may therefore be impossible for us to provide all aspects of our service to you. We may store your Personal Information on our servers. In the event you make a purchase and authorize Simply Business to use your credit or debit card information, we may save your payment information to allow for their use the next time you want to make a purchase from us.

Information collected as you use the site

We also collect information from across our Site. This enables us to see how people use our Site, and helps us in continually refining and enhancing our service. We may also use aggregated customer information to provide potential insurers with a general profile of people using our Site, and to analyze the effectiveness of our service to customers. None of this information can be related back to you as an individual.

We also take information like how long you've been on the Site and which pages you've visited. This helps us improve the services we provide to our customers.

Tracking Technology

We also work with third party "analytics" companies who analyze the activity of visitors to our Site. As part of this, their use of cookies and other tracking technologies (collectively, "Tracking Technologies") enable them to have access to some personal information about our visitors, such as your IP address and general location. However, they do not have access to details such as your name, phone number, address, email or payment details.

One of the ways we do this is through "cookies". A cookie is a small file our Site gives your device when it's accessed. We use cookies to enable functionality, improve Site usage analytics, and market the Site. Most browsers allow you to turn off cookies. However, switching off cookies will restrict your use of the Site.

We and our vendors may also use tools like web beacons ("clear gifs"), scripts, and images to help manage site content and usage.

These technologies help us understand the performance and usefulness of content in the Site. We use these insights to improve the content and products offered through the Site.

Tracking Technologies used by our Site providers are not covered by this policy. We don't have control over them, but do screen to make sure they have acceptable policies before integrating.

Tracking Consent

We get your consent to our storage and collection Tracking Technologies in a few ways:

• Giving you transparent information in this Privacy Policy
• Giving you the opportunity to choose to disable cookies.

FYI: We are not required to get consent for Tracking Technology that's strictly necessary to the Site. For example, using cookies as a way to improve security through fraud prevention.

Third Party Tracking

Simply Business may use other Tracking Technologies (some which may not exist yet) in connection with the Site in the future.

Third parties may also use Tracking Technologies in connection with our Site. They may collect information about your online activities across third party websites. We may not control those Tracking Technologies and we are not responsible for them. You consent to encountering third party Tracking Technologies as you use our Site. You also accept that our Privacy Policy does not apply to Tracking Technologies or practices of third parties.

"Do Not Track"

Some third parties have ways (e.g. Browser do-not-track signals) for users to control how online services collect their information. We don't currently take any action based on these signals, however this may change in the future.

How do we use information we collect?

If you fill in one of the forms on our Site, you provide Personal Information to us. The purpose of our Site is to connect you with different insurance organizations. In order to do this, we will pass the data you have provided to potential insurers. We may verify that your Personal Information is active and valid.

The success of the Site is based on us finding companies that can meet your financial needs. To do this we need to share the information you provide to us on the Site. We therefore may disclose your Personal Information to third parties who wish to provide you with quotes for products or services related to the request you have submitted on the Site. We will also disclose your information to suppliers we engage to process data on our behalf. We will also use information internally in the administration of this Site. We may also provide marketing information to those organizations who have introduced your inquiry to us.

We will not, without permission, willfully disclose a participant's financial information to any third party except as provided herein, or when we believe in good faith that it is required by law or regulation.

Additionally, we may use Personal Information that we collect about you: to contact you about your use of the Site (including, at our discretion, changes to the Site and/or any of the Site's policies); for internal business purposes; and for purposes disclosed at the time you provide information or as otherwise set forth in this Privacy Policy.

Inquiries

When you contact us, we will use that information only for reasons connected with your request. Not all information submitted on the Site via a "contact us" form or other similar inquiry method may receive a response.

When do we share information with third parties?

The purpose of our Site is to connect you with different insurance organizations. There are certain situations where we may share information we have collected about you with third parties. This includes Personal Information as disclosed at the time you provide your information and as described below or otherwise in this Privacy Policy. We also may share non-Personal Information, such as aggregated user statistics, with third parties.

We may also disclose your information as follows:

• Requested Third Parties: Our Site may present options to receive certain information or marketing from third parties. By completing a form on the Site, you will have us send (or give access to) certain information to third parties. If you choose to do so, your Personal Information and other information may be disclosed to those third parties. All information you disclose will be subject to the third-party privacy policies and practices.
• Site Providers: We may use third-party vendors to perform certain services on behalf of us or the Site. A few examples include hosting the Site, analytics, and other administrative services. We may provide these vendors with access to user information, including Personal Information, to carry out the services they are performing for you or for us. Third-party analytics service providers such as Google Analytics and other service providers may set and access their own Tracking Technologies on your device and they may otherwise collect or have access to information about you, potentially including Personal Information, about you. We are not responsible for those third party technologies or activities arising out of them, nor are we responsible for the effectiveness of or compliance with any third parties' opt-out options. We are not responsible for those third party technologies or activities arising out of them.
• Legal Requirements: To the fullest extent permitted by applicable law, we may also disclose your information if we believe in good faith that doing so is necessary or appropriate to: (i) protect or defend the rights, safety or property of Simply Business or third parties (including through the enforcement of this Policy, our Terms and Conditions, and other applicable agreements and policies); or (ii) comply with legal and regulatory obligations (e.g., pursuant to law enforcement inquiries, subpoenas or court orders). To the fullest extent permitted by applicable law, we have complete discretion in electing to make or not make such disclosures, and to contest or not contest requests for such disclosures, without notice to you.
• Business Transfers: We may share your Personal Information with our parent, subsidiaries and affiliates ("Affiliates"). We also reserve the right to disclose and transfer all such information: (i) to a subsequent owner, co-owner or operator of the Site or applicable database; or (ii) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including, during the course of any due diligence process.

Third party content and sites

The Site may contain content that is supplied by a third party, and those third parties may collect information when pages from the Site are served to you. In addition, when you are on the Site you may be directed to other sites that are operated and controlled by third parties that we do not control. We are not responsible for the data collection and privacy practices employed by any of these third parties or their sites and they may be tracking you across multiple sites and may be sharing the results of that tracking with us and/or others. For example, if you click on a link, the click may take you off the Site onto a different site. These other sites may associate their Tracking Technologies with you, independently collect data about you, including Personal Information, and may or may not have their own published privacy policies. We encourage you to note when you leave our Site and to review the third-party privacy policies of all third-party websites and exercise caution in connection with them.

Changing information and communication preferences

You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. The Site may allow you to review, correct or update Personal Information you have provided through the Site's forms or otherwise, and you may provide changes by contacting us. If so, we will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable (but we may retain prior information as business records). Please note that it is not always possible to completely remove or delete all of your information from our databases and that residual data may remain on backup media or for other reasons. When you edit your Personal Information or change your preferences on the Site, information that you remove may persist internally for Simply Business's administrative purposes.

At the point of submitting your personal details, we collect your email address to enable insurance organizations to contact you. Additionally, this allows Simply Business's customer service team to get in touch if any more information is needed. You may request not to receive future communications, do so by contacting us at [email protected] or using the details set out below.

International Users

Our Site is operated in the United States. If you are located outside of the United States, please be aware that information we collect, including Personal Information, will be transferred to, and processed, stored and used in the United States. The data protection laws in the United States may differ from those of the country in which you are located, and your Personal Information may be subject to access requests from governments, courts, or law enforcement in the United States according to laws of the United States.

By using the Site or providing us with any information, you consent to the transfer to, and processing, usage, sharing, controlling and storage of your information, including Personal Information, in the United States as set forth in this Privacy Policy

European Union Users - Privacy Shield Framework

Simply Business is pursuing participation with the EU-U.S. Privacy Shield Framework. Simply Business is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List.

Once certified, Simply Business will be responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Simply Business intends to comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Simply Business expects to be subject to the regulatory investigatory and enforcement powers of the U.S. Federal Trade Commission. In certain situations, Simply Business may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the Privacy Shield Principles, Simply Business commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Simply Business by email at [email protected].

Simply Business has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Children and COPPA

We are a general audience Site and do not use the Site to knowingly collect personal information from children under the age of thirteen (13) that requires parental notice and consent under the Children's Online Privacy Protection Act ("COPPA") without such parental consent. In fact, if you are under 18 years of age, you are not permitted to use the Site and should not send any information about yourself to us through the Site.

In the event that we become aware that we have collected personal information from any child, we will dispose of that information in accordance with COPPA and other applicable laws and regulations. If you are a parent or guardian and you believe that your child under the age of 13 has provided us with personal information without COPPA-required consent, please contact us by email at [email protected]

Security

We make every effort to use commercially reasonable safeguards to help protect and secure your Personal Information. However, no data transmission over the Internet, mobile networks, wireless transmission or electronic storage of information can guarantee to be 100% secure. Please note that we cannot ensure the security of any information you transmit to us, and you use our Site and provide us with your information at your own risk.

Contacting Simply Business

If you have any questions about the Privacy Policy or practices described in it, you should contact us at [email protected] or at our mailing address:

Simply Business, Inc.
> 1 Beacon Street
> 15th Floor
> Boston, MA 02108

Dispute Resolution

Anyone can bring up privacy complaints directly to us at the contact above and we will respond within 45 days. If both sides fail to resolve the complaint, the individual has a right to engage with JAMSto address the complaint.

What happens when this policy changes?

We reserve the right to change this Privacy Policy at any time. Any changes will be effective immediately upon the posting of the revised Privacy Policy and your use of our Site indicates your consent to the privacy policy posted at the time of use. However, we will not use your previously collected Personal Information in a manner materially different than represented at the time it was collected without your consent. We will also keep prior versions of this Privacy Policy in an archive for your review.