Privacy Policy

Privacy Policy

Provectus IT Inc (“Provectus” or “we” or “us”) respects and upholds your right to privacy protection. Provectus recognizes applicable local laws and regulations and relevant data protection standards with respect to the collection, use, disclosure, storage, and transfer of personal information from individuals.

This Privacy Policy sets out how you can contact us in relation to your personal information and, if requested by you, opt-out of this Privacy Policy, limit the use of, or amend, any personal information we may have about you.

By providing us with personal information about yourself through our website, or otherwise, you consent to the collection, use, disclosure, storage, and transfer of that personal information as set out in this Privacy Policy. If at any time, you wish to withdraw your consent to the collection, use, disclosure, storage, and transfer of your personal information in accordance with our Privacy Policy, you may opt-out by contacting us (refer to the Contact Us information below) or by immediately ceasing to provide any further personal information about yourself to Provectus via its website or otherwise.

This Privacy Policy does not apply to the extent that we process personal information in our capacity as a processor or service provider on behalf of our customers. Customers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all privacy policies, agreements, or other obligations relating to such customers’ use or collection of personal information in connection with the use of our Services by individuals with whom our customers interact. If you are an individual who interacts with a customer using our services, or you otherwise believe that a customer is using our services to process your personal information, and you contact us regarding that data, you will be asked to contact the applicable customer for assistance with any questions or requests regarding your personal information, including, but not limited to, any requests to access, change or delete your personal information.

1. What personal information do we collect from the people who visit our website?  

Generally, the personal information we collect is limited to:

  • Contact data, which includes your email address(es).
  • Identity data, which includes your first name, last name, and the name of your entity.
  • Marketing and communications data, which includes your preferences in receiving marketing from us and your communication preferences.
  • Technical data, which includes your internet protocol (IP) address, login data, browser type, and version, time zone setting and location, browser plug-in types and versions, operating system, platform, and other technology on the devices you use to access this website.
  • Usage data, which includes information about how you use our website.

We may use the above personal data to form a view on what we think you may want or need, or what may be of interest to you.

You may receive marketing communications from us if you have requested information from us or purchased services from us or if you have provided us with your details when you entered a survey or registered for an event or a promotion, and, in each case, you have not opted out of receiving that marketing.

You can tell us not to contact you with marketing communications either at the point such information is collected or by following the unsubscribe instructions in any communication sent to you. You can also exercise this right at any time by contacting us using the contact details at the end of this Privacy Policy.

We do not collect personal Information about you other than the information that you voluntarily provide to us through this site to fulfill the purpose of your request.

We may also collect other personal information contained in the content you submit to us.

2. How long do we process personal information?

We process personal Information only for so long as is necessary for the purpose(s) for which it was originally collected, after which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or for another legitimate and lawful purpose. We will only keep your personal information when we consider it necessary for one of the purposes for which you have disclosed it. If it is no longer necessary to keep your personal information, we will take reasonable steps to destroy or de-identify your personal information safely, if required.

 3. Use of your Information

We use your information for a variety of business and commercial purposes to complete any transaction or provide any product you have requested or authorized. We will not sell (other than as defined under CCPA), rent, loan, or lease your personal information to others unless we have your permission or are required by law to do so. We will not use or share the personal Information that you provide us online in ways unrelated to those described herein without first letting you know and, where required, seeking your consent.

In case we are planning to change the purpose of the processing of your information that is incompatible with the original one, we will contact you to provide you with further information on purposes for processing prior to it taking place, at all times ensuring appropriate legal basis for processing, which may include asking for your additional consent.

If you are based in the European Economic Area (“EEA”), the United Kingdom (“UK”), or Switzerland, our legal basis for collecting and using your personal information will depend on the personal information concerned and the specific context in which we collect it. As further described in Sections 7 and 15, we comply with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) regarding collection, retention, and use of personal information from the EEA, the UK, and Switzerland. 

In some limited cases, we may also have a legal obligation to collect personal information from you. If we ask you to provide personal information to comply with a legal requirement, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not, as well as of the possible consequences if you do not provide your personal circumstance.

4. Who do we disclose your personal information?

We may share your personal information with:

  • Any member of our group, which means our subsidiaries, and their subsidiaries.
  • Appropriate third parties including:
    • our business partners, customers, suppliers, and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or the person that you work for;
    • our auditors, legal advisors, and other professional advisors or service providers;
  • We may sell, transfer or otherwise share information in connection with a merger, acquisition, reorganization, or sale of assets, or in the event of bankruptcy.
  • We may disclose your information to third parties if we determine such disclosure is reasonably necessary to: (a) comply with applicable law, regulation, legal process, or government request, (b) protect any person from death or serious bodily injury, (c) prevent fraud, abuse, or security issue of Provectus or other users, and (d) to protect Provectus’ or its licensors’ rights, property, safety, or interest.
  • In relation to information obtained via our website:
    • our advertisers and advertising networks require the Information to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we will provide them with aggregate information about our users. We may also use such aggregate information to help advertisers reach the kind of audience they want to target. We may make use of the personal Information we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience and subject to the cookie section of this policy;
    • analytics and search engine providers that assist us in the improvement and optimization of our site and are subject to the cookie section of this policy.
  • We may also disclose or share your personal information where you have given us your consent to do so for a specific purpose.

5. Information Security

We are dedicated to keeping your information secure and testing for vulnerabilities. We also continue to work on features to keep your information safe in addition to things like file encryption.

When you give us personal information, we take steps to ensure that it’s treated securely. Non-sensitive details (your email address etc.) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal information data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We use a variety of secure techniques to store and protect your information, including secure IT systems and firewalls. Any digital transfer of personal information is secured using a range of security methods. Provectus is constantly reviewing its information security technology and practices.

For further information about our security practices, please see our Security page.

6. Children’s Privacy/COPPA

This website is not directed at children under the age of 13. Some children may use our website to obtain information, but we do not anticipate that they will engage in activities that result in the PRC obtaining any personal information. If we learn that we have information about a child under the age of 13, we will delete it.

7. Third-Party Websites and Social Media Platforms

Our website may contain links to other websites for news and other information, and other websites may reference or link to our website or other Services. Our Privacy Policy only applies to this corporate website, and we are not responsible for the privacy practices or the content of other websites. You should check the privacy policies of those sites before providing your personal information to them. Our Services may include publicly accessible blogs, forums, social media pages, talent acquisition platforms, and private messaging features. By using such Services, you assume the risk that the personal information provided by you may be viewed and used by third parties for any number of purposes. In addition, social media buttons such as Facebook, Linked In, and Twitter may be on our website. These features may collect your IP address, and which page you are visiting on our website, and may set a cookie to enable the feature to function properly. These social media features are either hosted by a third party or hosted directly on our website. Your interactions with these features apart from your visit to our site are governed by the privacy policy of the company providing it.

8. Cookies and other technologies

Cookies are small text files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. 

Our website may use “cookies” and other technologies such as web beacons. These technologies help us to better understand user behavior including for security and fraud prevention purposes, tell us which parts of our websites people have visited, and facilitate and measure the effectiveness of advertisements and web searches. 

Our websites may include cookies or similar technologies from third-party service providers.

We use Google Analytics, a third-party web analysis service provided by Google Inc., which uses “performance cookies” and “targeting cookies” to analyze how you use the website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. However, this website uses Google Analytics with the extension ‘_anonymizeIp()’ which means that Google will truncate/anonymise the last octet of the IP address for Member States of the European Union or other parties to the Agreement on the European Economic Area.

On behalf of us, Google will use the information collected for the purpose of evaluating your use of our Website, compiling reports on website activity, and providing other services relating to website activity and internet usage to us. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. Furthermore, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in Google Analytics Opt-out Browser Add-on. For more information about Google Analytics cookies, please see Google’s help pages and privacy policy.

You have a variety of tools to control the data collected by cookies and similar technologies. For example, you can use controls in your internet browser to limit how the websites you visit are able to use cookies and to withdraw your consent by clearing or blocking cookies.To learn more about these tools and to control them, please view our Cookies Policy.

9. Future changes to our Privacy Policy

Information that we collect from you may be transferred to, stored, and processed by us, our affiliates, and other third parties in countries outside the EEA, the UK, and Switzerland including, but not limited to, the United States and other countries, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world.

For transfers of personal information from the EEA, the UK, and Switzerland to third countries, we will transfer personal information according to the requirements of applicable data protection legislation by putting in place appropriate safeguards, including by entering into European Commission Standard Contractual Clauses. Customers transferring personal information from the EEA, the UK or Switzerland can reach out to Provectus for a copy of its Data Processing Addendum by contacting us at legal@provectus.com.

In addition, Provectus has self-certified and adheres to the principles identified in the EU-U.S. DPF, UK extension to the EU-U.S. DPF, and Swiss-U.S. DPF set forth by the US Department of Commerce. For more information about our certification and the Data Privacy Framework, see our Data Privacy Framework Notice below.

10. How to contact us

Depending on your location, and subject to applicable law, you may have the following rights with regard to the personal information we control about you.

  • You can access, correct, amend, and delete your personal information by contacting us at legal@provectus.com.
  • If you are based in the EEA, the UK, or Switzerland, you can object to the processing of your personal information, ask us to restrict the processing of your personal information, or request the portability of your personal information. You can exercise these rights by contacting us at legal@provectus.com or through the mechanisms listed on our Data Privacy Framework certification page.
  • If you decide at any time that you no longer wish to receive marketing communications from us, please follow the unsubscribe instructions provided in any of the communications. If you choose to no longer receive marketing communications, we may still communicate with you about security updates, responses to service requests, or other service-related, non-marketing purposes.
  • If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal. You can withdraw your consent by contacting us at legal@provectus.com.

You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. If you are based in the EEA, the UK, or Switzerland, the contact details for data protection authorities are available below and listed on our Data Privacy Framework certification page.

11. Information for California Consumers

This section applies to California consumers, and it describes how we collect, use, and share the personal information of California consumers in operating our business, and their rights with respect to that Personal Information. For purposes of this section, “personal information” has the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the scope of the CCPA. Under the CCPA, Personal Information is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.

  1. How We Collect, Use, and Share Your Personal Information. We collect the following statutory categories (as defined by CCPA) of Personal Information directly from you or automatically from your device:
  • Identifiers, such as your name, email address, phone number, company name and role, device identifier, IP address, unique browser ID, cookies, beacons, pixel tags, account login, other unique identifiers;
  • Professional or employment-related information, such as information about your business and your role;
  • Inference data, such as information about your preferences;
  • Commercial information, such as your service subscription records, and site engagement;
  • Internet or network information, such as browsing and search history, site and advertisement interactions;
  • Financial information, such as credit card and other billing related information;
  • Geolocation data, such as city, state, and country based on IP address.

The business and commercial purposes for which we collect this information are described in Section 3 of this Privacy Policy; and the categories of third parties to whom we “disclose” the information for a business purpose are described in Section 5 of this Privacy Policy.

  1. California Privacy Rights. California law grants California residents consumers certain rights and imposes restrictions on particular business practices as set forth below.
  • You may request access to, or for a copy of the personal information we have collected, used, disclosed, and disclosed about you over the past twelve (12) months.
  • You may request for us to disclose the purposes for which we use the personal information we collect
  • You may request the categories of sources from which we have collected your personal information
  • You may request that we delete certain personal information we have collected from you.
  • You have a right not to receive discriminatory treatment for the exercise of your CCPA privacy rights
  • California consumers have the right to opt-out of the sale of their personal information. We do not and will not sell your personal information. We may provide third parties with certain personal information to provide or improve our products and services, for example, to deliver products or services at your request. In such cases, we require those third parties to handle the information in accordance with applicable laws and regulations.
  1. How to Exercise Your California Privacy Rights.

If you are a California consumer seeking to exercise your CCPA rights, or if you are an authorized agent wishing to exercise CCPA rights on behalf of someone else, please email us at legal@provectus.com. We will respond to verifiable requests received as required by law.

Please note that to protect your personal information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent’s identity to protect your personal information.

California Civil Code Section 1798.83 permits users of our Services who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to legal@provectus.com.

If you have questions about your rights under CCPA, please send us an email to legal@Provectus.com.

12. Data Privacy Framework Notice

Provectus AI, Inc. (“Provectus”, “we”, or “us”) complies with the EU-U.S. Data Privacy Framework, UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Economic Area, United Kingdom, and Switzerland to the United States. Provectus has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles. If there is any conflict between the terms in this privacy policy and the Data Privacy Framework Principles, the Data Privacy Framework Principles will govern.  To learn more about the Data Privacy Framework Program, please visit www.dataprivacyframework.gov. To view our certification, please click here.

  • A. Scope. Our certification of commitment to adhere to the Data Privacy Framework Principles applies to the personal data (a) we collect from customers and visitors of our website (“Provectus User Data”) and (b) that we process on behalf of our customers under an agreement (“Provectus Services Data”).
  • B. Data Processed. The Provectus User Data that we collect, use, and share is described in our Privacy Policy, Section 3. We process Provectus Services Data as instructed by our customers.
  • C. Purpose of Data Processing. The purposes for which we collect, use, and share Provectus User Data are described in our Privacy Policy, Section 4. We process Provectus Services Data as instructed by our customers and in response to contractual commitments.
  • D. Third Parties Who Receive Personal Data. We share Provectus User Data as described in our Privacy Policy. We may share Provectus Services Data with the following third parties in accordance with our agreements with Customers.
  • E. Affiliates. We may disclose Provectus User Data to our subsidiaries and corporate affiliates for use consistent with this Privacy Policy.
  • F. Service Providers. We may employ third-party service provider companies and individuals to provide, improve, and protect the Services on our behalf. We maintain contracts with service providers that restrict their access, use, and disclosure of personal data in compliance with our Data Privacy Framework obligations, including the onward transfer principle, we may be liable if they fail to meet those obligations and we are responsible for the event giving rise to damage.
  • G. Legal Requirements. We may disclose Provectus Services Data to (a) comply with applicable law, regulation, legal process, or government request, including to meet national security or law enforcement requirements, (b) protect any person from death or serious bodily injury, (c) prevent fraud, abuse, or security issue of Provectus or other users, and (d) to protect Provectus’ or its licensors’ rights, property, safety, or interest.
  • H. Business Transfers. Provectus may sell, transfer, or otherwise share some or all of its assets, including Provectus Services Data, in connection with a merger, acquisition, reorganization, or sale of assets, or in the event of bankruptcy.
  • I. Rights to Access, Limit Use, or Limit Disclosure. We will handle requests to access, correct, amend, or delete Provectus User Data in accordance with our Privacy Policy. Provectus does not have relationships with individuals whose personal data is contained in Provectus Services Data submitted by a Customer. An individual who seeks to access, correct, or delete personal data provided to us as Provectus Services Data by one of our Customers should direct their request to the Customer. With our Data Privacy Framework self-certification, we have committed to respect those rights. We will help our Customer fulfill your request in accordance with our Customer’s instructions.
  • J. Disputes. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Data Privacy Framework compliance – free of charge to you. Please first submit any such complaints directly to us via legal@provectus.com. If you aren’t satisfied with our response, please contact JAMS at www.jamsadr.com/eu-us-data-privacy-framework.  In the event your concern isn’t addressed by JAMS, you may be entitled to binding arbitration granted under the Data Privacy Framework Program and its principles to resolve complaints as described here.
  • K. U.S. Federal Trade Commission Enforcement. Provectus’s commitment under the Data Privacy Framework is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. If there is any conflict between this Data Privacy Framework Notice and the Data Privacy Framework Principles, the Data Privacy Framework Principles will take precedence.
  • L. Requirement to Disclose. In certain situations, Provectus may be required to disclose personal information that we process under the Data Privacy Framework in response to lawful requests by public authorities, including to meet national security, to enforce contractual obligations, or to meet law enforcement requirements.
  • M. Changes to this Notice. We reserve the right to amend this Notice from time to time consistent with the Data Privacy Framework Program requirements.
  • N. Contact Us. See the contact information listed in Section 14.

13. Future changes to our Privacy Policy

Your privacy is important to us and Provectus is committed to our privacy practices being up-to-date with prevailing best practices and changes in local laws, regulations, and data protection standards and technology.

Given this, we may change our Privacy Policy from time to time and will notify you by posting an updated version of our Privacy Policy on our website.

14. How to contact us

If you have any questions about our Privacy Policy, wish to opt out of our Privacy Policy, or have any complaint regarding the treatment of your privacy or personal information by us, please contact us by sending an email to legal@provectus.com

If you contact us requesting access to your information, we will respond within 30 days.

To stop receiving our promotional emails, please send an email to info@provectus.com or follow the instructions in any promotional message you get from us.

This Policy was last updated on December 11, 2023

 (view the prior version here).