Last Modified: 12/12/2022
Any entity accessing or using the Sites and/or Services (“you”) represents and warrants that you accept the data practices and terms described in this Policy and as applicable, the Terms of Service and End User Terms. If you do not agree with this Policy, please discontinue your use of the Sites and Services immediately.
CHANGES TO THIS POLICY:
We may revise this Policy from time to time and without prior notice to you. Except as otherwise noted in this Policy, such changes may apply to any personal information we already hold about you or personal information collected after the Policy is modified. Changes will be posted on this page and are effective as of the “Last Modified” date at the top of this Policy. Please visit this page regularly so that you are aware of our latest updates. Continuing to access or use the Sites or Services after any changes become effective indicates your acceptance of the revised Policy.
In addition, we may provide you with “just-in-time” disclosures or additional information about the data processing practices of specific parts of our Sites or Services. Such notices may supplement this Policy or provide you with additional choices about how we process your personal information.
OUR RELATIONSHIP TO YOU:
To understand Invoice Simple’s data protection obligations and your rights to your Personal Data under this Policy, it is important that you identify which relationship(s) you have with Invoice Simple.
“Customers” refers to anyone utilizing the Services to save or transmit an invoice or estimate, including registered users of the Invoice Simple Services with either paid and/or free and trial accounts. As the Invoice Simple service is designed for business customers, all Customers should interact with us and provide data to us in their business capacity. Invoice Simple has a “data controller” or direct relationship with Customers using and accessing the Sites and Services with regard to their own Personal Data. Authorized users of a Customer’s Invoice Simple paid, free, and/or demo account are collectively and individually referred to as “Customers.”
“Users” refers to individuals or companies doing business with a Customer utilizing Invoice Simple Services whether your data was entered by the Customer or whether you enter it on a form hosted by Invoice Simple on behalf of a Customer. Invoice Simple has a “data processor” relationship with Users and will collect your Personal Data solely on behalf of a Customer. Your agreement with the relevant Customer should explain how the Customer shares your Personal Information with Invoice Simple and other third parties, and if you have questions about this sharing, then you should direct those questions to the Customer.
“Visitors” refers to any individual accessing the Sites as well as to any individual submitting Personal Data via the Sites for any reason including, but not limited to entering data into any invoice or estimate or other form hosted on the Sites, submitting a “contact us” or other online inquiry form, subscribing to a newsletter or blog, registering for a demo or webinar, or completing an online survey. Invoice Simple has a “data controller” or direct relationship with all Visitors accessing or submitting Personal Data via the Sites for any reason.
This Policy does not apply to information processed by third parties, including but not limited to third parties with which Invoice Simple integrates to provide payment processing services. When you visit a third-party website or interact with third party services including those you may access by following a link from the Sites or those with whom we may share information as set forth in this Policy, you acknowledge that your use and access to any third-party services in conjunction with Invoice Simple Services is solely at your own risk. Please review any third parties’ privacy policies before disclosing information to them.
“Personal Data” means any information about an identified or identifiable individual and any device information that may be linked with an identifiable individual. We collect and process the following types of information. Note: Specific Personal Data elements listed are provided for example only and are subject to change. We may create anonymous records from Personal Data for certain business purposes of Invoice Simple and our Affiliates as defined below. Any information that is anonymized or aggregated is no longer Personal Data and we may indefinitely use it, share it and retain it for any reason.
“Contact Data”: Personal Data about you used to contact you. For example: your name, company name, title, email address, physical address, phone number, or mobile phone number.
“Profile Data”: Personal Data related to a free or paid Customer account on our Services. For example: business name, phone number, mobile phone number, e-mail address, website, physical address and basic business and industry information, employer, colleague names, username, password, and credit card account information.
“User Data”: Personal Data of a Customer’s Users utilized by Invoice Simple on behalf of Customers to send invoices and/or estimates to and provide associated services to a Customer’s Users. For example: User name, User phone number, User postal address, and User email address. User Data may be entered by Customes utilizing our Services or by Users using our Services to do business with Customers on webpages we host on behalf of those Customers.
NOTE: By entering User Data into our systems via the Sites and/or Services, you understand that Invoice Simple is acting as a data processor providing services to you. You represent and warrant that you have the requisite authority to provide such Personal Data to us, and that the disclosure does not violate any applicable law or regulation, including but not limited to the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act of 2018 (CCPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), the EU General Data Protection Regulation (GDPR) or the UK General Data Protection Regulation (UK GDPR).
“Invoice & Estimate Data”: Any data included in an invoice or estimate created, transmitted, stored and/or viewed via the Services, and any data related to the payment status of an invoice or acceptance status of an estimate. Any data entered by Users as part of viewing or paying an invoice or estimate is considered Invoice & Estimate Data, as is any data entered by a Visitor in any online invoice, estimate, or client form accessible from the Sites. This includes any such data not classified as “User Data,” for example: items purchased, services utilized, discount rates, amounts due or overdue, shipping address and contact information, and any data entered in a free-form or custom field.
“Billing Data”: When you subscribe to a plan for our Services we collect information about your or your business’ payment methods, such as credit or debit card numbers, bank account numbers, and billing address.
“Support & Inquiry Data”: We collect information that you provide to us, such as when you create an account, submit a support ticket, engage in an online chat, email or call our sales or service team, enroll your mobile number for SMS messaging campaigns, respond to an in-product offer, when you comment to a blog, or when you email, call, write, fax or otherwise initiate contact with Invoice Simple regarding our Sites and/or Services. We record your contact information and support & inquiry details in our customer relationship management system and support ticketing system.
“Device Data”: When you download and use a Mobile App we may collect certain information automatically, such as the type of mobile device you use, your unique device ID, the IP address of your mobile device, your mobile phone number, your mobile operating system, the type of mobile internet browsers you use, geolocation information and information about the way you use the Mobile App.
“Performance & Log Data”: Information created by your use of our Sites and Services. For example: your IP address, browser type, operating system, command line information, diagnostic information related to the Sites (i.e. crash activity reports), the referring webpage, pages visited, date, your geolocation, your mobile carrier, your device and application IDs and search terms. Note that depending on the law of your country of residence, your IP address may legally be considered personally identifiable information.
“Cookies”: A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information about you, similar to a preference file created by a software application. In some cases, Cookies and similar automated data collection technologies may be used to collect personal information, or information that becomes personal information if we combine it with other information.
“Other Data”: Any other information that an individual provides to us. For example: survey responses, blog comments, or other communications submitted to Invoice Simple.
COLLECTION AND PROCESSING:
We collect your Personal Data through our Sites and Services. Our Sites are public, any information that is disclosed on our Sites may appear on search engines, or other publicly available platforms and may be “crawled,” searched and used by unaffiliated third parties. Please do not post any information that you do not want to reveal publicly.
Providing the Services: We process your Personal Data when you sign up for and use our Services with a free or paid account. For example, we use your Contact Data, and Profile Data to configure your account, your templates, and your user credentials, and to communicate with you as it relates to your use of the Services. If you provide a mobile phone number to us as part of your Profile Data, you are explicitly granting us permission to call or send text messages (which may be sent using an auto-dialer) related to your use of the Sites and Services to that number, which we may do at our discretion. We use User Data and Invoice & Estimate Data to enable Customers to utilize the Services to send invoices and estimates, to manage customer relationships, and to enable Users to view and pay invoices, to view and approve estimates, and to otherwise do business with Customers via the Services. We may share this Contact Data, Profile Data, and Invoice & Estimate Data with our service providers and partners to the extent necessary to provide you with the Services.
Invoice & Estimate Processing: We use User Data and Invoice & Estimate Data to create and transmit invoices and estimates on behalf of Customers via the Services. User Data and Invoice & Estimate Data may be used to communicate with a User on behalf of a Customer regarding an invoice or estimate.
Payment Processing: We use Billing Data to collect monthly subscription and usage fees associated with the Services as applicable. We use vaulted credit numbers to process authorized one-time transactions and to automatically process payments as part of recurring subscription payment schedules.
Customer Service: When you contact us through the Sites or Services, including submitting a “contact us” or other online inquiry form, subscribing to the Services, submitting a review, contacting customer support team, utilizing the chat function on our Sites, subscribing to a newsletter or blog, entering a contest, registering for a demo or webinar, completing an online survey or any other means, we may record your Contact Data and your Support & Inquiry Data in our customer relationship management system and use your Personal Data to respond to you. If you provide a mobile phone number to us, you are explicitly granting us permission to send text messages to that number to respond to your request and to contact you at that number via an auto-dialer, which we may do at our discretion.
Marketing: We may use your Personal Data including Contact Data and Support & Inquiry Data to keep you updated about our products and services and send you promotional material about Invoice Simple and as permitted by applicable law, on behalf of our parent company, affiliates, subsidiaries, joint ventures, or other companies under common control with us (collectively, “Affiliates”) and partner companies. Promotional materials may include marketing communications, online surveys, notifications regarding our events and webinars and those of our Affiliates and partners. If you provide a mobile phone number to us, you are explicitly granting Invoice Simple permission to send text messages, recorded messages, and/or use an auto-dialer to contact that number for marketing and promotional purposes, which we may do at our discretion. This consent is not a condition of purchasing Invoice Simple Services. You may opt-out of our marketing communications at any time.
Site Experience: We may use Profile Data and Device Data to tailor your experience on the Sites, provide content that we think might be of interest, and to display content according to your stated preferences.
Cookies & Similar Tech: When you access the Sites or Services or open one of our HTML emails, we may automatically record Performance & Log Data and Device Data, set Cookies, or use web beacons, pixel tags, click-stream tracking and similar automated data collection technologies. We use this Personal Data for essential and functional purposes including for site administration, to improve the performance and usability of the Sites and Services, and to analyze how users interact with the Sites and Services. On certain portions of our Sites and Services, we may collect Personal Data through these technologies for advertising, remarketing or other similar purposes.
Security & Enforcement: We process your Personal Data to enhance the security of our Sites and Services and to combat spam, malware or other security risks. This may include monitoring your activities on our Sites and Services. Without processing your Personal Data for such purposes, we may not be able to ensure the security of our Sites and Services. We may also process Personal Data to monitor, investigate, prevent and mitigate any alleged or actual prohibited, illicit or illegal activities or violations of our services and agreements with you. We may use your Personal Data to enforce agreements with third parties and collect fees based on your use of our Services.
Additional Processing: If we process Personal Data in connection with your use of the Sites or Services in a way not described in this Policy, this Policy will still apply generally (e.g. with respect to Your Rights and Choices) unless otherwise stated when you provide Personal Data.
Information we collect may be shared with a variety of parties depending upon the purpose for and context in which that information was provided. In all cases where we share Personal Data with third parties, we will use a “minimum necessary” standard to disclose only that information required for satisfying the purpose of or performing the service for which the information is disclosed. We generally transfer Personal Data as follows:
Consent: We will share your Personal Data in accordance with your consent for us to do so.
Customers: When Users make a purchase from a Customer using our Direct Payment Services, we may share Personal Data with that Customer except where that disclosure is prohibited by law, regulation or other obligations.
Service Providers: In connection with our general business operations, to enable certain features, and in connection with our other legitimate business interests, we may share your Personal Data with service providers or sub-processors who provide certain services or process data on our behalf. Our contracts with these service providers dictate that they only use your information in connection with the services they perform for us and you consent to our sharing of information with these parties by using our Sites, Services or Direct Payment Services subject to this Policy.
Affiliates: In order to streamline certain business operations, develop products and services that better meet the interests and needs of our customers, and inform our customers about relevant products and services, we may share a Customer’s or Visitor’s Personal Data with any of our current or future Affiliates. Customers and Visitors hereby agree to our sharing some or all of your information and Personal Data with our Affiliates. We never share User Data with Affiliates.
Third-Party Partners: When you complete an online inquiry form to which you were referred by a third-party partner, any information collected through the Invoice Simple hosted online inquiry form may be shared with the referring third party partner. We may share your Personal Data with third parties for marketing or adverting purposes, as permitted by law. For example, when you sign up for a webinar co-hosted by us and a third-party partner, we may share your Personal Data with the third-party partner. Third party partners may use your Personal Data for their own purposes subject to their own privacy policies.
Third-Party Integrated Services: Invoice Simple provides the ability to integrate the Services with certain third-party payment processing and other (“Integrated Services”). When you establish a connection between our Services and an Integrated Service, Invoice Simple may share all data in your account with the Integrated Service including data regarding User Data. Although, Invoice Simple facilitates the Integrated Services, Invoice Simple does not control the policies or procedures of third parties providing the Integrated Service. Third party providers of Integrated Services may collect, use, and share data and personal information subject to their own policies and procedures. You should consult such third party’s terms and privacy policies for their use of your information. You acknowledge that the use of Integrated Service is at your own risk. You are responsible for ensuring that your use of Integrated Services is compliant with all applicable laws. Invoice Simple may provide Personal Data to Integrated Service providers for their marketing purposes, if you have not opted out of such disclosure.
Business Transactions: Your Personal Data may be processed in the event of a business transaction, such as a merger, acquisition, liquidation, or sale of all or a portion of our assets. For example, Personal Data may be disclosed (subject to confidentiality restrictions) during the due diligence process for a potential transaction or may part of the assets transferred, in such case the acquiring company will possess any rights granted to us under this Policy.
Legal Disclosures: In limited circumstances, we may, without notice to you or your consent, access and disclose your Personal Data, any communications sent or received by you, and any other information that we may have about you to the extent we believe such disclosure is legally required, to prevent or respond to a crime, to investigate violations of our Terms of Service, End User Terms, or in the vital interests of us or any person or entity. Note, these disclosures may be made to governments that do not ensure the same degree of protection of your Personal Data as your home jurisdiction. We may, in our sole discretion (but without any obligation), object to the disclosure of your Personal Data to such parties.
We retain Personal Data for so long as necessary to service the purpose(s) for which your Personal Data was processed and for a reasonable time thereafter, or as necessary to comply with our legal obligations, to resolve disputes or enforce our agreements. While retention requirements can vary by jurisdiction, we generally apply the retention periods noted below:
Services Usage: We will retain Personal Data for as long as a Customer remains an active user of our Services and for a reasonable time thereafter, to serve the purpose(s) for which the Personal Data was processed. We may store any information about your activity on our Services, including Contact Data, Profile Data, Invoice & Estimate Data, Billing Data, Support & Inquiry Data, and any Other Data created, posted or shared by you while using our free or paid Services for as long as we deem it necessary or until you provide specific instructions to delete it, which may be indefinitely, or where a valid business reason exists for such storage such as retaining a comprehensive transaction history, maintaining the integrity of our systems and logs or for the establishment or defense of legal claims, audit and crime prevention purposes.
User Data: We may store on behalf of Customers, for as long as a valid business reason exists, which may be indefinitely, any Personal Information, including but not limited to Invoice & Estimate Data, collected about a User or other individual, whether entered directly into our systems by the User or whether entered by an authorized Customer via the Services.
Note that Customers control any consumer data we collect and process on their behalf, whether that Personal Data is entered by a consumer User via the Services or whether it is entered by a Customer via the Services, and it is up to the Customer to determine how long they will store their Users’ Personal Information in our systems.
Site Activity: We may store any information about your activity on our Sites or any Other Data created, posted or shared by you on our Sites for as long as we deem it necessary or until you provide specific instructions to delete it, which may be indefinitely, or where a valid business reason exists for such storage such as maintaining the integrity of our systems and logs or for the establishment or defense of legal claims, audit and crime prevention purposes.
Marketing: We store information used for marketing purposes indefinitely until you unsubscribe or provide specific instructions to delete it. When you unsubscribe from marketing communications, we add your contact information to our suppression list to ensure we respect your unsubscribe request.
Cookie Data: We retain any information collected via cookies, clear gifs, flash cookies, webpage counters and other technical or analytics tools up to one year from the expiry of the cookie or date of collection. Cookies owned by third parties may have other retention periods.
YOUR RIGHTS AND CHOICES:
Customers and Visitors with whom Invoice Simple has a data controller relationship have the following rights in relation to your Personal Data, in each case to the extent required/permitted under applicable law, and subject to our rights to limit or deny access or disclosure under applicable law.
Users and other consumers who do business with Customers utilizing Invoice Simple Services must contact the Customers utilizing Invoice Simple Services to exercise these rights. Users can request that the Customer provide you with access to the Personal Data Invoice Simple stores about you on its behalf, that it make changes to that Personal Data, and/or that the Personal Data be deleted from Invoice Simple systems. Invoice Simple cannot honor such requests directly from Users but will assist Customers with honoring them.
Access: Customers and Visitors with whom Invoice Simple has a data controller relationship, may request a list of your Personal Data that we process by submitting an official request in writing via email to address provided below.
Rectification: Customers and Visitors with whom Invoice Simple has a data controller relationship may correct any Personal Data that we hold about you by emailing us at the address provided below and indicating both the inaccurate and corrected information. Customers may also login to your Invoice Simple user account and modify your Personal Data.
Erasure: Customers and Visitors with whom Invoice Simple has a data controller relationship may request that we delete your Personal Data from our systems once per year by making an official request in writing via email to the address provided below and indicating the specific information you would like permanently deleted from our systems. Note that Customers who request removal of their Personal Data will no longer have access to any existing Invoice Simple account and will not be able to use any Invoice Simple product or service. Invoice Simple reserves the right to retain certain account information for its recordkeeping or compliance purposes.
Customers may also login to their Invoice Simple user account and delete any Profile Data, Contact Data or Customer Data to which they have access. However, to ensure that Personal Data is completely removed from our systems, you must submit an official request in writing to Invoice Simple at the address provided below, as using a system delete function may merely restrict viewing that data from any system interface and prevent utilizing that data for any system function rather than permanently deleting it.
Data Export: Customers and Visitors may request a copy of your Personal Data in a common portable format of our choice by submitting an official request in writing via email to the address provided below.
We may require that you provide additional Personal Data to exercise these rights, e.g., information necessary to prove your identity. We also reserve the right to retain this additional information for our recordkeeping or compliance purposes.
It is possible for you to access and use the Sites without providing any Personal Data, but you may not be able to access certain features or view certain content and some portions of the Sites may not function properly. You must provide Personal Data in order to utilize the Services. You have the following choices regarding Personal Data we process:
Consent: If you consent to processing you may withdraw your consent at any time to the extent required by law.
Cancellation: Customers may cancel their Invoice Simple accounts by contacting us using the contact information provided below.
Opt-Out: You may opt-out of all information collection from your mobile device by uninstalling the Mobile App. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
You may opt-out of receiving marketing communications from us by following the opt-out instructions included in such communications. Any communications from us that are not service-related or transactional in nature will offer you an “unsubscribe” option. To the extent required by law, you may choose to opt-out of sharing Personal Data with third parties.
- You can visit the Google Ads Settings page here.
- You can use the Google Analytics Opt Out Browser add on.
- Digital Advertising Alliance’s opt-out page here allows you to opt out from receiving third party advertiser cookies.
- You can visit the Network Advertising Initiative opt-out page here.
- You can control Facebook’s use of interest-based ads through your Facebook account settings or can visit the customer support page here.
- To learn more about cookies and similar tracking technologies, and how they can affect your privacy, visit allaboutcookies.org.
As there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
CALIFORNIA PRIVACY RIGHTS:
This section only applies to Customer and Visitor users of our Sites and Services with which we have a data controller relationship and that are residents of the State of California at the time of data collection. Rights in this section are in addition to the rights set forth above. California residents have certain additional rights subject to the California Consumer Privacy Act of 2018 (“CCPA”). Any residents of the State of California with whom Invoice Simple has a data processor relationship (Users) must contact the Customer(s) utilizing Invoice Simple Services to exercise these rights. Invoice Simple cannot honor such requests directly from Users or other consumers but will assist Customers with honoring them.
Consumer Information collected through the Sites and Services is collected for our use and/or the use of the Customer identified at the collection point and is not transferred to any third party for valuable consideration. However, if you are a California resident, you may send us specific instructions not to sell your personal information now or in the future. Such requests can be made via phone, email or in writing to the contact information provided below.
Access: You may request a list of your Personal Data that we process by submitting an official request in writing via email to address provided below.
Rectification: You may correct any Personal Data that we hold about you by emailing us at the address provided below and indicating both the inaccurate and corrected information. Customers may also make changes to Personal Data by logging into your Invoice Simple account.
Erasure: You may request that we delete your Personal Data from our systems that: is no longer necessary in relation to the purposes for which it was collected or otherwise processed; was collected in relation to processing that you previously consented to but later withdrew such consent; or was collected in relation to processing activities to which you object and there are no overriding legitimate grounds for our processing.
Data Export: You may request a copy of your Personal Data in a common portable format of our choice by submitting an official request in writing via email to the address provided below.
Third Parties: California law provides you have the right to receive the following information: the categories of information we disclosed to third parties for the third parties’ direct marketing purposes during the preceding calendar year; and the names and addresses of third parties that received such information or, if the nature of their business cannot be determined from the name, examples of the products or services marketed. You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make this request by emailing us at the address provided below.
California residents have the right to exercise the privacy rights in this section twice within any 12-month period under the CCPA by contacting Invoice Simple at the contact information provided below. California residents may exercise these rights via an authorized agent who meets the agency requirements of the CCPA. Any request subject to CCPA is subject to an identification and residency verification process. We will not fulfill any CCPA request unless we have received sufficient information for us to verify the requestor is properly authorized to make such request and the request provides sufficient detail for us to properly understand, evaluate and respond.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA: we will not deny you goods or services; charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; provide you a different level or quality of good or services; or suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
We have implemented reasonable security measures designed to secure your Personal Data from accidental loss, unauthorized access, use, alteration and disclosure, however we do not provide any guarantee that your Personal Data will remain secure. We are not responsible for circumvention of any privacy settings or security measures contained on the Sites or Services. All information you provide to us is stored on our service providers’ servers which utilize industry standard security controls and maintain Payment Card Industry (PCI) Compliance where applicable; however, we do not have control over and will not be liable for third parties’ security processes. Any transmission of information or Personal Data is at your own risk.
If you believe that you have experienced unauthorized access or use of your account, please contact us immediately at [email protected]
Our services are neither directed at nor intended for direct use by individuals under the age of 18 or the age of majority in the jurisdiction where they reside. Further we do not intentionally gather information about such individuals. If we learn that we have inadvertently done so, we will promptly delete it. Do not access or use the Sites or Services if you are not the age of majority in your jurisdiction.
Invoice Simple operates in Canada and administers the Sites and Services from servers and data centers located in the United States and Canada. If you are accessing the Sites or Services from outside the United States and Canada, your Personal Data may be transferred to, stored, or processed in the United States and Canada and maintained on computers or servers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective those in your jurisdiction. By accessing our Sites and Services, you understand and consent to the transfer of your information to the United States and Canada and to those third parties with whom we share it as described in this Policy. If you do not want your information transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use our Sites or Services.
Please note, Invoice Simple acts as a data processor on behalf of its Customers and Customers are responsible for obtaining your consent relating to the collection, use, transfer and other processing of your Personal Data. Customers may provide additional notices to you containing additional limitations or permissions with respect to our processing of your Personal Data in order to comply with applicable law.
DESIGNATED COUNTRIES PRIVACY RIGHTS
This section only applies to users of our Service that are located in the European Economic Area, United Kingdom and/or Switzerland (collectively, the “Designated Countries”) at the time of data collection.
Invoice Simple markets its services in the United States, Canada, and United Kingdom. We may ask you to identify which country you are located in when you use some of the Services, or we may rely on your IP address to identify which country you are located in. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in the Designated Countries. If any terms in this section conflict with other terms contained in this Policy, the terms in this section shall apply to users in the Designated Countries.
If you are located in the EEA/UK, you have certain rights under European/United Kingdom law with respect to your personal data, including the right to request access to, correct, amend, delete, port to another service provider, or object to certain uses of your personal data. You can learn more about these rights from www.knowyourprivacyrights.org.
If you are a Customer using or a Visitor to the Sites and/or Services and wish to exercise these rights, please reach out to us using the contact information below. If you are a User of a Customer who uses Invoice Simple’s platform and wish to exercise these rights, please contact the Customer you interacted with directly — we serve as a data processor on their behalf, and cannot honor any requests directly.
If you are unhappy with the response that you receive from us we hope that you would contact us to resolve the issue but you also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction at any time.
Our Relationship to You. Invoice Simple is a data controller with regard to any personal information directly collected from Customer and Visitor users of its Sites and Services. A “data controller” is an entity that determines the purposes for which and the manner in which any personal information is processed. Any third parties that handle your personal information in accordance with our instructions are our service providers and are “data processors.”
Invoice Simple acts as a service provider to Customers and is a “data processor” with regard to any consumer Personal Information imported by Customers into our systems via our Services—whether that consumer Personal Information is entered directly into our systems by the consumer as a User or entered or imported by a Customer. As a “data processor” Invoice Simple does not have any direct control over the purposes for which and the manner in which any User personal information is processed; instead processing of this Personal Information is governed by data processing agreements between Invoice Simple and our Customers.
Legal Bases for Processing Personal Information. Below is a chart indicating the legal bases we rely on as a data controller for processing personal information of Users and Visitors.
Purposes of Processing
Legal Basis for Processing
Marketing. We will only contact individuals located in the Designated Countries by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law, or the individual’s consent. When we rely on legitimate interest, we will only send you information about our Services that are similar to those which were the subject of a previous sale or negotiations of a sale to you or as otherwise permitted by applicable law.
If you do not want us to use your personal information in this way, or to disclose your personal information to third parties for marketing purposes, please go to the email settings for your account to opt out, click an unsubscribe link in your emails, exercise the “STOP” option in any text message, or contact us at the address provided below. You can object to direct marketing at any time and free of charge.
Individual Rights. We provide you with the rights described below when you use our Services. We may limit your individual rights requests (a) where denial of access is required or authorized by law; (b) when granting access would have a negative impact on other’s privacy; (c) to protect our rights and properties; or (d) where the request is frivolous or burdensome.
If you would like to exercise your rights under applicable law, please contact us using the information provided below. We may seek to verify your identity when we receive an individual rights request from you to ensure the security of your personal information.
Right to Withdraw Consent. For any consent-based processing of your personal information, you have the right to withdraw your consent at any time. A withdrawal of consent will not affect the lawfulness of our processing or the processing of any third parties based on consent before your withdrawal.
Right of Access. Upon your request, we will provide you with a copy of your personal information in our files without undue delay and free of charge, unless we are permitted by law to charge a fee. Your access may be limited to the extent it would adversely affect the rights and freedoms of other individuals.
Right to Rectification (or “Correction”). You may request to correct or update any of your personal information in our files. We may provide you with the ability to update some or all of your personal information directly via the Services.
Right to Erasure (or the “Right to be Forgotten”). Upon your request, we will erase any of your personal information in our files that: is no longer necessary in relation to the purposes for which it was collected or otherwise processed; was collected in relation to processing that you previously consented to, but later withdrew such consent; or was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing.
Right to Restriction. You have the right to restrict our processing of your personal information where one of the following conditions applies:
- You contest the accuracy of your personal information that we processed. If you restrict processing based on this condition, you may experience an interruption of some or all of the Services during the period necessary for us to verify the accuracy of your personal information;
- The processing is unlawful and you oppose the erasure of your personal information and request the restriction of its use instead;
- We no longer need your personal information for the purposes of the processing, but it is required by you to establish, exercise or defense of legal claims; or
- You have objected to processing, pending the verification whether the legitimate grounds of our processing override your rights.
During the time which restriction of processing applies, we will only process your restricted personal information with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform you if or when the restriction is lifted.
Right to Object to Processing. You may object to our processing at any time and as permitted by applicable law if we process your personal information on the legal bases of: consent, contract, or legitimate interests. We may continue to process your personal information if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.
Right to Data Portability. If we process your personal information based in a contract with you or based on your consent, or the processing is carried out by automated means, you may request to receive your personal information in a structured, commonly used and machine-readable format, and to have us transfer your personal information directly to another “controller,” where technically feasible, unless exercise of this right adversely affects the rights and freedoms of others. Your right to data portability only applies to personal information provided by you to us.
Notification to Third Parties. When we fulfill your individual rights requests for correction (or rectification), erasure or restriction of processing, we will notify third parties also handling the relevant personal information unless this proves impossible or involves disproportionate effort. Upon your request, we will identify such third parties.
Right to Lodge Complaint. We commit to resolve complaints about our collection or use of your personal information. Individuals with inquiries or complaints regarding our Policy should first contact us at [email protected]. You also have a right to lodge a complaint with a competent supervisory authority situated in a Member State of your habitual residence, place of work, or place of alleged infringement. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
If you have questions you may reach our Data Protection Officer at:
Attn: Privacy and DPO
400-112 Hastings St. W.
Vancouver, BC V6B 1G8
Email: [email protected]
or our United Kingdom representative at:
Highfield Court, Tollgate,
Chandler’s Ford, Eastleigh,
Hampshire, UK, SO53 3TY