THIS PRIVACY POLICY DESCRIBES HOW YOUR PERSONAL INFORMATION IS COLLECTED, USED, AND SHARED WHEN YOU VISIT, INTERACT WITH, OR MAKE A PURCHASE FROM WWW.XACTLIFE.COM (THE “SITE”).
Xact LLC (“Xact LLC”, “Xactlife”, “Xact”, “us”, “we” or “our”) is committed to protecting the privacy and confidentiality of Personal Information we may collect. Xact has created this privacy policy (“Privacy Policy”) to advise you about our information practices, such as the types of information we collect and how we may use that information, and to inform you about your privacy rights and how the law protects you. We urge you to read this Privacy Policy carefully to understand our policies and practices regarding your Personal Information and how we will treat it. By visiting any part of our Websites (as defined below) or otherwise providing Xact with Personal Information by any means, you accept and agree to the practices described in this Privacy Policy and your continued use of the Websites (following the posting of a revised privacy policy) means that you accept and agree to the terms of the revised privacy policy, so please check the policy periodically for updates.
This Privacy Policy applies to www.xactlife.com and all other websites, features, or online services that are owned or controlled by Xact and that post a link to this Privacy Policy (collectively, the “Websites”), whether accessed via computer, mobile device, or otherwise. Note, however, this Privacy Policy does not apply to use of unaffiliated websites that link to our Websites. Once you enter another website (whether through an advertisement, service, or content link), be aware that we are not responsible for the privacy practices of such other websites.
This Privacy Policy aims to give you information on how Xact collects and uses your Personal Information through your use of the Websites, including any information you may provide through the Websites when you sign up for an account, sign up to receive information or communications from us, interact with us on social media, purchase a product or service, or request further services or information from us.
It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or using Personal Information about you so that you are fully aware of how and why we are using your information. This Privacy Policy supplements the other notices and is not intended to override them.
The Websites are not designed for, or directed to, children under the age of 16 and Xact does not intentionally collect information about anyone under the age of 16 on the Websites. If Xact discovers that it has inadvertently collected Personal Information from anyone younger than the age of 16, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Information from a child under 16, please contact us atprivacy@xact.com
This version was last updated on October 17, 2018 and historic versions can be obtained by contacting us.
We reserve the right, at any time and without notice, to add to, change, update or modify this Privacy Policy, simply by posting such change, update or modification on the Websites. Any such change, update or modification will be effective immediately upon posting on the Websites. If we make material changes to this Privacy Policy, we will notify you by email or by posting a notice of such changes at HTTP://WWW.XACTLIFE.COM/PAGES/PRIVACY-POLICY. However, unless you consent, Xact will not use your Personal Information in a manner materially different than what was stated in our posted Privacy Policy at the time your Personal Information was collected. Please check this Privacy Policy regularly to ensure you are aware of any changes in our practices.
It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your relationship with us. You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.
The Websites may include links to third-party websites, plug-ins and applications and certain content on the Websites may be hosted and served by third parties that Xact does not control. When you click on a link to any other website or location, you will leave our Websites and go to another site and another entity may collect Personal Information from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites, their privacy statements or content, or to any collection of your Personal Information after you click on links to such outside websites. We encourage you to read the privacy policies of every website you visit. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.
In addition, Xact content may be included on web pages and websites that are not associated with Xact and over which we have no control. These third parties may collect data through the use of their own cookies, pixel tags or other technology, independently collect information or solicit Personal Information, and may have the ability to track your use of their websites and services. Xact is not responsible for the privacy practices or the content of any third party.
Personal Information or personal data means any information about an individual from which that person can be identified. It does not include information where the identity has been removed (anonymous data).
We and our third-party service providers may collect, use, store and transfer different kinds of Personal Information about you that we have grouped together as follows:
We also collect, use and share AGGREGATED INFORMATION such as statistical or demographic information for any purpose. Aggregated Information may be derived from your Personal Information but is not considered Personal Information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Information with your Personal Information so that it can directly or indirectly identify you, we treat the combined information as Personal Information that will be used in accordance with this Privacy Policy.
We do not collect any SPECIAL CATEGORIES of Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
III. HOW WE COLLECT YOUR PERSONAL INFORMATION
We use different methods to collect information from and about you including through:
Certain functionality on the Websites may permit interactions that you initiate between the Websites and a third party website or service (“THIRD PARTY INTERACTIONS”). Examples of Third Party Interactions may include technology that enables you to “like” or “share” content from the Websites on or to other websites or services; to transmit content to the Websites from your account on a third party website or service; to otherwise connect the Websites to a third party website or service, such as through an application programming interface (API) made available by Xact or a third party; or for users to register for an account and login through social networking sites such as Facebook and Google (each an “SNS”). By registering or logging in through a SNS, you are allowing the Websites to access your information and you are agreeing to the SNS’s Terms of Use and Privacy Policy in your use of such services. We may receive information from the SNS to make it easier for you to create an account with us. Any information that we collect from your SNS account may depend on the privacy settings you have with that SNS, so please consult the SNS’s privacy and data practices.
If you choose to use Third Party Interactions, information you post or provide access to may be publicly displayed on the Websites or by the provider of the Social Feature that you use. Similarly, if you post information on a third party platform that references the Websites (e.g., by mentioning one of the Websites or using a hashtag associated with one of the Websites in a tweet or status update), your post may be published on our Websites in accordance with the terms of the third party website or service. Also, both Xact and the third party may have access to certain information about you and your use of the Websites and the third party website or service. In addition, we may receive information about you in connection with other users’ use of Third Party Interactions (e.g., we may learn that you are a “friend” or “connection” of the third party or receive other information about you that the other user enables us to receive).
The information we collect in connection with Third Party Interactions is subject to this Privacy Policy. The information collected and stored by the third party remains subject to the third party’s privacy practices, including whether the third party continues to share information with us, the types of information shared, and your choices with regard to what is visible to others on that third party website or service.
Xact works with certain third parties (including network advertisers, ad agencies, and analytics companies) to provide us with information regarding traffic on the Websites, to serve advertisements, including our advertisements elsewhere online, and to provide us with information regarding the use of the Websites and the effectiveness of our advertisements. These third parties may use Device Identifier and Usage Data to compile reports on user activity. For example, if you clicked on one of our advertisements that led you to one of the Websites, our service provider(s) may be able to tell us which advertisement you clicked on and where you were viewing the advertisement. These third parties may set and access their own tracking technologies (including cookies, embedded scripts, and pixel tags) and may otherwise collect or have access to your Device Identifier, Usage Data and related information about you. Cookies and pixel tags, including those set by third party network advertisers, may be used to, among other things, target advertisements, prevent you from seeing the same advertisements too many times, conduct research regarding the usefulness of certain advertisements to you, and assist in providing analytics.
These third parties may also transfer Device Identifier and Usage Data to other third parties where required to do so by law, or where such third parties process analytics information on their behalf. Each of these third party’s ability to use and share Device Identifier and Usage Data is restricted by their respective Terms of Use and Privacy Policy. By using our Websites, you consent to the processing of data about you by these third parties in the manner and for the purposes set out above. For a full list of third party analytics services, please contact us at privacy@xactlylife.com.
We may share Device Identifier and Usage Data about visitors with third party advertising companies, analytics providers and other vendors for similar purposes. While we may use a variety of service providers to perform advertising and analytics services, some of these companies may be members of the Network Advertising Initiative ("NAI”) or the Digital Advertising Alliance ("DAA") Self-Regulatory Program for Online Behavioral Advertising.
For additional information regarding targeted advertising and the “opt-out” procedures of NAI members and DAA Self-Regulatory Program participating companies, you may visit:
Please note that opting out through these mechanisms does not opt you out of being served advertising. You will continue to receive generic ads while visiting the Websites and elsewhere online. Some third parties may collect Personal Information about your online activities over time and across different websites.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. However, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, the Websites currently do not respond to or alter their practices when they receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you may wish to visit http://www.allaboutdnt.com.
We may use the information we collect about you, including Personal Information and Usage Data:
In addition to the above, we may use anonymous data to analyze request and usage patterns so that we may enhance the content of our services and improve navigation on the Websites. We reserve the right to use anonymous data for any purpose and disclose anonymous data to third parties in our sole discretion.
We may use your Identity, Contact, Technical, Usage and Profile Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services, and offers may be relevant for you.
You will receive newsletters or marketing communications from us if you have requested information from, purchased goods or services from us, or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have consented to receive marketing communications at that time.
A cookie is a data file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but Personal Information that we store about you may be linked to the information stored in and obtained from cookies.
We may use both session cookies and persistent cookies to provide you with a more personal and interactive experience on our Site. This type of information is collected to make the Websites more useful to you and to tailor the experience with us to meet your special interests and needs.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can, however, obtain information about blocking and deleting cookies for some commonly used browsers via the links below:
Please note that blocking all cookies will have a negative impact upon the usability of many websites and if you choose to block cookies, you may not be able to use all the features on our Websites.
We may share non-personally identifiable information, such as aggregated user statistics, in our discretion and without restriction.
We may disclose the information we have collected about you, including Personal Information, as disclosed at the time you provide your information, with your consent, as described in this Privacy Policy, or in the following circumstances:
Xact may, and reserves the right to, share your information with any other company that is not presently, but becomes, an Xact parent, subsidiary, or affiliate.
You may be presented with an opportunity to receive information and/or marketing offers from Xact and our affiliated businesses, partners and agents. If you agree at that time to receive such communications, your Personal Information will be disclosed to that third party (or parties). For more information, please refer to the Marketing Communications section.
Third Party Service Providers
We may share personal information with third party service providers in connection with the performance of services to, or on behalf of, Xact and the Websites, including to conduct quality assurance testing; to facilitate creation of accounts; to provide technical support; and/or to provide other services to Xact.
SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
Links
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
By using our website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your
Administrative & Legal Reasons
We may transfer and disclose information, including Personal Information, to third parties:
We may also use Technical Information to identify users, and may do so in cooperation with copyright owners, Internet service providers, wireless service providers, or law enforcement agencies in our discretion.
Social Networking Sites
As set forth in Section IV, our Websites and services enable you to post content to SNSs. If you choose to do this, we will provide information to such SNSs in accordance with your elections. You acknowledge and agree that you are solely responsible for your use of those websites and that it is your responsibility to review the terms of use and privacy policy of the applicable SNS. We will not be responsible or liable for: (i) the availability or accuracy of such SNSs; (ii) the content, products or services on or availability of such SNSs; or (iii) your use of any such SNSs.
Community Features
As set forth in Section III, our Websites and services enable you to post User Content through Community Features. If you choose to use these features, you will be identified by your first name and last initial. Please note that any Personal Information you include on a public area of the Site will be publicly viewable. Once displayed publicly, that information can be collected and used by others. We cannot control who reads your postings or what other users may do with the information that you voluntarily post, so it is very important that you do not put data such as private contact information that you do not want to make available to the public in your posts. Once you have posted information publicly, while you will still be able to edit and delete it on the Site, you will not be able to edit or delete such information cached, collected, and stored elsewhere by others (e.g., search engines).
We require all third parties to respect the security of your Personal Information and to provide the same level of privacy protection as required by this Privacy Policy.
Xact may also disclose and transfer your Personal Information: (i) to a subsequent owner, co-owner or operator of the Websites or applicable database, or of our products or services; (ii) if Xact (or any of its affiliated, parent, or subsidiary companies) assigns its rights regarding any of your information to a third party; or (iii) in connection with or during negotiation of a corporate merger, financing consolidation, restructuring, the acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets including, without limitation, during the course of any due diligence process. In the event of an insolvency, bankruptcy, or receivership, Personal Information may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the Personal information collected by us and will assume the rights and obligations regarding your Personal information as described in this Privacy Policy. These transfers and disclosures may be carried out without notice to you.
You have several choices regarding the use of information on our Websites and services:
You can review, request access to, update, correct or delete your Personal Information by contacting us at privacy@xactlife.com.
You may request deletion of your Personal information by contacting us and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain information for fraud prevention or similar purposes. Also, note that we may need to delete your user account in order to delete your Personal Information.
You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.
We will only send you direct marketing emails or other similar communications if you opt-in to receive such emails. In the future, if you do not wish to have your e-mail address or other contact information used for promotional purposes, you may indicate a preference to stop receiving further communications from us and can “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information in Section A above). Where you opt out of receiving these marketing messages, this will not apply to Personal Information provided to us as a result of the purchase of any service or other transaction and we may send you service related communications, including notices of any updates to our Terms of Use or Privacy Policy.
You may choose not to provide us with any Personal Information. In such an event, you may still be able to access and use some of the Websites; however you may not be able to access and use those portions of the Websites that require your Personal Information. You may opt out of receiving marketing e-mails by following the opt-out instructions above or provided to you in those e-mails. Please note that we reserve the right to send you certain communications relating to your account or use of any of the Websites (for example, administrative and service announcements, shipping notices, and order confirmations) and these transactional account messages may be unaffected if you opt-out from marketing communications.
Where we need to collect Personal Information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
We strive to provide you with choices regarding certain Personal Information uses, particularly around marketing and advertising. You can opt-out of such communications as outlined in Section B, above
Please note that you may continue to receive service-related and other non-marketing communications.
As set forth in Section IV, our Websites and services enable you to interact with or post content to certain third parties and SNSs. If you would like to discontinue these interactions and connections, please refer to the privacy settings of the third party or SNS to determine how you may adjust our permissions and manage the interactivity between the Services and your social media account.
Xact uses commercially reasonable security measures to safeguard the Personal Information we collect from loss, misuse and unauthorized access, disclosure, alteration and destruction. However, please note that no system can be completely secure and Xact does not ensure or warrant the security of any information we collect. You use our Websites and provide us with your information at your own risk.
We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
The Websites are hosted and operated in the United States and Xact and its third party service providers and partners operate in the United States and other jurisdictions. If you are located outside of the United States, please be aware that any information you provide to us may be transferred to and processed in the United States and other countries. By using the Websites, or providing us with any information, you acknowledge and consent to this transfer, processing and storage of your information in countries where the privacy laws may be less stringent than those in the country where you reside or are a citizen.
Pursuant to California Civil Code Section 1798.83, residents of the State of California have the right to request from companies conducting business in California certain information regarding Xact’s disclosure within the immediately preceding calendar year of that California resident’s personal information to third parties (and in some cases, affiliates) for their direct marketing purposes.
If you are a California resident and you have questions about our practices with respect to sharing information with third parties and affiliates for their direct marketing purposes, please send your request to the following email address: privacy@xactlife.com or write to us at the following mailing address: Xact LLC., Attn: Privacy, 99 E. C St Suite 103, Upland, CA 91786. You must put the statement "Your California Privacy Rights" in the subject field of your e-mail or include it in your writing if you choose to write to us at the designated mailing address. You must include your name, street address, city, state, and ZIP code. We are not responsible for notices that are not labelled or sent properly, or do not have complete information.
If you have any questions or concerns regarding our privacy policy or practices, please feel free to contact us via email at privacy@xactlife.com. We can also be contacted by mail at:
Xact LLC.
Attn: Privacy
99 E. C Street, Suite 103
Upland, CA 91786
References to “Personal Information” in this Privacy Policy are equivalent to “Personal Data” governed by European data protection legislation.
We will only use your personal data when the law allows us to do so. Most commonly, we will use your Personal Information in the following circumstances:
Generally, we do not rely on consent as a legal basis for processing your Personal Information other than in relation to sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us using the contact information provided above.
We have set out below, in a table format, a description of the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
PURPOSE/ACTIVITY
|
TYPE OF INFORMATION
|
LAWFUL BASIS FOR PROCESSING INCLUDING BASIS OF LEGITIMATE INTEREST
|
To register you as a new customer or user
|
(a) Identity (b) Contact (c) Profile
|
Performance of a contract with you and/or taking steps, at your request, to enter such a contract
|
To process and deliver products and services including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us
|
(a) Identity (b) Contact (c) Financial (d) Transaction (e) Marketing and Communications
|
(a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract (b) Necessary for our legitimate interests (to recover debts due to us)
|
To manage our relationship with you which will include: (a) Notifying you about changes to our terms or Privacy Policy (b) Asking you to leave a review or take a survey
|
(a) Identity (b) Contact (c) Profile (d) Marketing and Communications
|
(a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
|
To enable you to participate in sweepstakes, contests and promotional activities or complete a survey
|
(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications
|
(a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)
|
To administer and protect our business and the Websites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
|
(a) Identity (b) Contact (c) Technical (d) Usage (e) Location |
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise) (b) Necessary to comply with a legal obligation
|
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
|
(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical (g) Location
|
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
|
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
|
(a) Technical (b) Usage
|
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our websites updated and relevant, to develop our business and to inform our marketing strategy)
|
To make suggestions and recommendations to you about goods or services that may be of interest to you |
(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile
|
Necessary for our legitimate interests (to develop our products/services and grow our business)
|
To allow participation in Community Features |
(a) Identity (b) Profile (b ) User Content |
(a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business, to allow user interaction on the Websites) |
This Privacy Policy is issued on behalf of Xact LLC.
If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us using the details set out below.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, you can ask us to delete your data: see the Request Erasure subsection below for further information.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis that allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Under certain circumstances, EU Residents may have rights under data protection laws in relation to your personal data as outlined below:
If you wish to exercise any of the rights set out above, please contact privacy@xactlife.com.
No Fee Usually Required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What We May Need From You
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time Limit To Respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Complaints to Supervisory Authority
EU Residents may have the right to make a complaint at any time to the supervisory authority for data protection issues. However, we would appreciate the chance to deal with your concerns before you approach the supervisory authority so please first contact us directly to allow us to do so.