Elyptix Documentation

Appearance

Privacy Policy

Last Updated: January 30th, 2025

Introduction

Welcome to Elyptix Inc. ("Elyptix," "we," "our," or "us"). At Elyptix, we understand that your privacy is of paramount importance, and we are deeply committed to protecting your personal information. This Privacy Policy is designed to provide you with comprehensive information about how we collect, use, disclose, and safeguard your information when you use our application offerings or our websites (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by all the terms outlined in this Privacy Policy. This agreement creates a legally binding relationship between you and Elyptix. If you do not agree with our policies and practices, you should not use our Services. Your continued use of our Services following the posting of any changes to this Privacy Policy constitutes your acceptance of such changes.

Scope of This Privacy Policy

This Privacy Policy applies to all information collected through our Services, regardless of how it is collected or stored. This includes:

All Elyptix Applications: Our privacy practices extend across our entire suite of business applications, including but not limited to:

  • Elyptix Web: Our web platform for building and managing dynamic websites
  • Elyptix Engine: Our dynamic database application for workflow automation
  • Elyptix Time: Our time tracking and scheduling application
  • Elyptix Tasks: Our comprehensive task management system
  • Elyptix Telematics: Our vehicle tracking and fleet management solution

Platform Components: This policy covers all aspects of our platform, including:

  • User interfaces and dashboards
  • Mobile applications and web browsers
  • APIs and Integrations
  • Backend systems and databases
  • Communiction channels and notification systems
  • Analytics and reporting tools

User Interactions: This policy applies to all forms of user interaction with our Services, including:

  • Account creation and management
  • Content creation and publication
  • Inter-user communications and collaboration
  • Data input and processing
  • System administration and configuration
  • Customer support interactions

Definitions

To ensure clarity throughout this Privacy Policy, we define key terms as follows:

Personal Information means any information relating to an identified or identifiable natural person ('data subject'). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Processing means any operation or set of operations which is performed on personal information or on sets of personal information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

User means any individual who interacts with our Services, including, but not limited to, visitors to our website, individuals who register for an account, organizational administrators, employees, contractors, and any other individuals who access or use our Services.

Service Provider means any natural or legal person who processes information on behalf of Elyptix. This term refers to third-party companies or individuals employed by us to facilitate our Services, provide the Services on our behalf, perform Service-related services, or assist us in analyzing how our Services are used.

Data Controller means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal information. For the purposes of this Privacy Policy, we are a Data Controller of your personal information.

Data Processor means a natural or legal person, public authority, agency, or other body which processes personal information on behalf of the Data Controller.

Cookies are small files that are placed on your computer, mobile device, or any other device by a website, containing details of your browsing history on that website among its many uses.

Information We Collect

We collect several categories of information from and about users of our Services in order to provide you with these Services. The specific types of information we collect depends on the Services you use, how you use them, and the information you choose to provide.

Information You Provide to Us

We collect information that you directly provide to us, including but not limited to the following:

  1. Account Information

    • Name and contact details
    • Email address
    • Password (when not using Google Sign-In)
    • Google Account information (when using Google Sign-In)
    • Organization/business details
    • Profile information

  2. Identity Verification

    • Proof of identity documentation (when required for account recovery)
    • Authentication credentials

  3. Payment Information

    • Payment card details
    • Billing addresses
    • Transaction history

  4. Content

    • Website content
    • Images and videos
    • Documents and files
    • Comments and messages
    • Database entries
    • User feedback and testimonials
    • Data and content you enter, submit, or upload to our Services

  5. Communication Preferences

    • Email newsletter preferences
    • Push notification settings
    • Communication history

Information We Collect Automatically

When you use our Services, we automatically collect certain information, including but not limited to:

  1. Device Information

    • IP addresses
    • Browser type and version
    • Device type and model
    • Operating system
    • Mobile device identifiers
    • Time zone settings
    • Screen resolution
    • Language and Keyboard Settings
    • Internet Service Provider information
    • Date/time stamps

  2. Usage Information

    • Access times and dates
    • Pages viewed
    • Features used
    • User interactions
    • Error logs

  3. Location Information

    • Geolocation data (with consent)
    • Geographic location derived from IP address
    • Geographic location of your devices or vehicles

  4. Cookies and Similar Technologies

    • Essential cookies for Service operation
    • Analytics cookies
    • Session cookies
    • Note: Our Services do not respond to "Do Not Track" signals

Information We Collect from Third Parties

We may receive additional information about you from third parties and combine it with the information we collect directly. This includes:

  1. Service Providers and Partners

    • Payment processor information
    • Analytics data from service providers
    • Marketing and advertising data
    • Customer support interactions
    • Integration partner data

  2. Public Sources

    • Publicly available social media information
    • Professional and business directories
    • Government databases and records
    • News and media sources
    • Public records

  3. Business Partners

    • Lead and referral information
    • Joint marketing partner data
    • Event and webinar registration data
    • Survey and research data
    • Business contact information

  4. Identity Verification Services

    • Identity verification results
    • Fraud prevention data

How We Use Your Information

The following section outlines the various ways in which we process and utilize the information we collect. By using our Services, you acknowledge and consent that we may use your information in the following ways, to the fullest extent permitted by applicable law:

  1. Service Provision and Improvement

    • Operating, maintaining, and delivering our Services through any means necessary
    • Enhancing and optimizing user experience based on collected data
    • Researching, developing, testing, and implementing new features and functionality
    • Providing technical assistance and customer support services
    • Processing and facilitating payments and transactions
    • Debugging and resolving technical issues
    • Making modifications to better serve our users' needs
    • Conducting necessary operational and administrative activities

  2. Communication and Notifications

    • Distributing critical service updates and announcements
    • Delivering marketing communications and promotional materials
    • Sending email newsletters and subscription-based content
    • Implementing and managing push notification systems
    • Responding to user inquiries and support requests
    • Facilitating user-to-user communications
    • Sending automated system messages and alerts
    • Providing information about service changes or updates

  3. Analytics, Research and Development

    • Analyzing and understanding user behavior patterns
    • Tracking and measuring service usage and interactions
    • Creating and maintaining aggregated user profiles
    • Conducting market research and analysis
    • Generating statistical and analytical reports
    • Performing technical and business analysis
    • Testing new features and functionality
    • Evaluating service performance metrics
    • Identifying trends and patterns in user behavior

  4. Security, Compliance and Protection

    • Detecting, preventing, and addressing fraud and potential abuse
    • Enforcing our Terms of Service, Acceptable Use Policy, and other agreements
    • Protecting user safety and platform integrity
    • Responding to legal requests and requirements
    • Preventing harm to our users and Services
    • Maintaining audit logs for security purposes
    • Implementing and updating security measures
    • Conducting security assessments and threat analysis
    • Investigating suspicious activities
    • Verifying user identity and authentication

  5. Business Intelligence and Strategic Planning

    • Analyzing business trends and market conditions
    • Understanding customer demographics and preferences
    • Improving and expanding our service offerings
    • Making strategic business decisions
    • Evaluating market opportunities
    • Planning product development
    • Assessing competitive positioning
    • Optimizing business operations
    • Measuring business performance
    • Forecasting business needs

  6. Purpose and Legal Basis for Collection

    • Fulfilling contractual obligations to provide our services effectively
    • Meeting legal and regulatory compliance requirements
    • Supporting legitimate business interests while respecting privacy rights
    • Improving service quality and user experience
    • Protecting platform security and preventing abuse

We collect and process personal information based on specific legal grounds and legitimate purposes. Our use of your personal information is guided by the following principles:

  1. Contractual Necessity

    • To provide and maintain the Services you've requested
    • To process payments and handle billing
    • To deliver customer support and technical assistance
    • To fulfill our obligations under our Terms of Service

  2. Legal Obligations

    • To comply with applicable laws and regulations
    • To respond to valid legal requests from authorities
    • To maintain required business records
    • To meet tax and accounting obligations

  3. Legitimate Business Interests

    • To improve and optimize our Services
    • To detect and prevent fraud and abuse
    • To protect the security of our platform
    • To analyze and understand user behavior
    • To make data-driven business decisions

  4. Automated Processing and Machine Learning We employ automated processing techniques, including machine learning, to enhance our Services. These technologies are used in ways that:

    • Always involve human oversight for significant decisions
    • Focus on improving service functionality and user experience
    • Help identify and prevent fraudulent activities
    • Optimize system performance and reliability
    • Maintain platform security

  5. Proportionality and Privacy Rights All processing activities are conducted in a manner that:

    • Is proportionate to the stated purposes
    • Respects user privacy rights
    • Implements appropriate safeguards
    • Maintains transparency about data usage
    • Provides user control over their information

We regularly review our data collection practices to ensure they remain necessary and proportionate to our service delivery needs while respecting user privacy rights.

Information Sharing and Disclosure

We may share your information with certain third parties to facilitate our services, comply with legal obligations, and enable collaborative features. Below is a detailed explanation of the entities we may share data with and the circumstances under which sharing occurs:

  1. Service Providers

    • Cloud computing services that host our infrastructure and process data
    • Communication and collaboration services that enable messaging and team features
    • Data storage providers that securely maintain backups and archives
    • Payment processors that handle financial transactions and billing
    • User authentication services that verify identities and manage access
    • Website hosting providers that deliver our web applications

    These service providers are carefully selected and contractually bound to maintain appropriate security measures.

  2. Legal Authorities

    • Law enforcement agencies when we receive valid legal requests or court orders
    • Government bodies in response to valid subpoenas or national security demands
    • Regulatory authorities as required by applicable laws and regulations

    We evaluate each legal request carefully and only disclose information that we are legally required to share. When permitted, we notify users of such requests unless legally prohibited from doing so.

  3. Other Users

    • Within your organization: Team members and administrators may see your profile information, activities, and contributions
    • Through public content: Information you choose to make public may be visible to other users
    • Via interactive features: When you participate in collaborative spaces, forums, or shared projects

    We provide granular privacy controls so you can manage what information is visible to other users. Default sharing settings are configured to protect privacy while enabling necessary collaboration.

  4. Business Partners

    • Integration partners whose services you choose to connect with
    • Analytics providers who help us improve our services
    • Marketing and advertising partners (with your consent)

    These partnerships undergo strict vetting and are governed by data processing agreements that protect your privacy rights.

  5. Corporate Transactions In the event of a merger, acquisition, or sale of all or part of our assets, your information may be transferred as part of the transaction. We will notify you via email and/or prominent notice on our website of any change in ownership or uses of your personal information.

We implement strict data minimization principles and only share the information necessary for the intended purpose. All third parties we share data with are contractually obligated to:

  • Implement appropriate security measures
  • Notify us of any data breaches
  • Maintain confidentiality
  • Comply with applicable data protection laws

You have control over certain sharing features:

  • You can configure visibility settings for your profile and content
  • You can choose which third-party integrations to enable

Users-of-Users Personal Information

As a provider of business applications and services, we recognize that our Users may need to process information about their own customers, employees, and other individuals ("End Users"). When our Users input or upload End User data into our applications, we act solely as a data processor, handling this information according to our Users' instructions and requirements.

For instance, when organizations use Elyptix Time to track employee hours, or when businesses use Elyptix Engine to manage customer records, we store and process this End User information strictly as a service provider. We do not independently determine how this data should be used or processed.

Under data protection regulations like GDPR, this means:

  • Our Users are the "Data Controllers" - they decide why and how End User data is collected and used
  • Elyptix acts as the "Data Processor" - we handle the data according to our Users' directions
  • End Users should direct any privacy-related requests to the organization that collected their data (our User), not to Elyptix

Our Users bear primary responsibility for:

  • Ensuring they have proper authorization to collect and process End User data
  • Obtaining necessary consents from End Users
  • Providing privacy notices to End Users
  • Responding to End User requests about their data
  • Complying with relevant privacy and data protection laws

We process End User data in our secure facilities located in Canada, the United States, and Australia. For data subject to GDPR or similar regulations, we maintain appropriate safeguards and transfer mechanisms in accordance with applicable data protection laws.

While we cannot advise our Users on legal matters, we strongly encourage them to:

  • Maintain clear privacy policies explaining how they handle End User data
  • Ensure End Users understand and consent to their data practices
  • Implement appropriate security measures to protect End User data
  • Promptly communicate any data incidents to affected End Users

If you are an End User whose data is processed through our systems:

  1. Direct any privacy requests (access, correction, deletion, etc.) to the organization that collected your data
  2. We will assist our Users in responding to your requests within required timeframes (e.g., 30 days under GDPR)
  3. We retain End User data only as long as instructed by our Users or required by law

Data Storage and Processing

We store and process your information in data centers located in:

  • Canada
  • United States
  • Australia

Our Services are intended for use in North America, Australia, and New Zealand. We do not actively market or direct our Services to users in the European Union, United Kingdom, or other jurisdictions with specific data protection regulations. If you are accessing our Services from outside our supported regions, you do so at your own discretion and are responsible for compliance with your local laws.

Data Security

We implement industry-standard security measures through our cloud service providers to protect your personal information, including:

  • Encryption at rest and in transit
  • Access controls and authentication
  • Automated security monitoring

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but will promptly address any security issues that are brought to our attention.

Response Times and Support

We aim to respond to inquiries and requests within 5 business days. This includes:

  • Account access requests
  • Information correction requests
  • Account deletion requests
  • General privacy inquiries

Support is available during regular business hours (Monday to Friday, 9 AM to 5 PM Pacific Time), excluding holidays. Response times may be longer during high-volume periods or scheduled maintenance windows.

Security Incidents

In the event of a security incident affecting your personal information, we will:

  1. Investigate and contain the incident
  2. Notify affected users via email within 10 business days
  3. Provide guidance on any necessary actions users should take

Your Rights and Choices

You have the right to:

  1. Access your personal information
  2. Correct inaccurate data
  3. Request deletion of your data
  4. Opt-out of marketing communications

These rights can be exercised by:

  1. Using the self-service options in your account settings
  2. Emailing us at privacy@elyptix.com

Children's Privacy

While our Services may be used by individuals under 18 within organizations, we do not knowingly collect personal information from children under 13 without parental consent.

Data Retention

We retain your personal information for the duration that your account remains active and as needed to provide you with our Services.

After account deactivation or discontinuation of Services, we may continue storing your personal information as reasonably required to:

  • Fulfill our legal obligations
  • Resolve any disputes
  • Prevent fraud or misuse
  • Enforce our agreements
  • Protect our legitimate business interests

When determining how long to retain personal information, we evaluate:

  • The type, amount and sensitivity of the data
  • Risks associated with unauthorized access or disclosure
  • Our purposes for processing the data
  • Legal and regulatory requirements

Security Measures

At Elyptix, we implement security measures to protect your Personal Information through physical, electronic, and procedural safeguards. Our Services use HTTPS secure access, with sensitive data transmission protected by industry-standard SSL/TLS encryption protocols. For payment processing, we rely on established payment processors that maintain PCI DSS certification, ensuring your financial information remains protected according to industry standards.

Our cloud infrastructure is provided by leading service providers who maintain enterprise-grade security measures, including advanced firewalls and encrypted storage. Through these partnerships, we benefit from robust physical and digital security controls that help protect your data.

We implement secure development practices in building our applications and carefully evaluate security considerations when developing new features. Our systems employ authentication protocols and access controls to restrict unauthorized access to user data.

However, we must emphasize that despite these security measures, no system can guarantee absolute protection of your Personal Information. We strongly recommend that users take an active role in protecting their accounts by creating strong, unique passwords. Regular monitoring of your account activity and prompt reporting of suspicious behavior helps maintain the overall security of our ecosystem.

Users should exercise particular caution when accessing our Services through public or unsecured networks. We recommend keeping your devices and software up to date with the latest security patches. It's crucial to avoid sharing sensitive information that could cause substantial harm if compromised.

Special attention should be paid to the inherent security limitations of certain communication channels. Email and instant messaging are not recognized as secure communication methods, and public areas of our Services, such as support forums and community spaces, should never be used for sharing sensitive information. Non-SSL pages may not provide the same level of security as SSL-protected pages.

Security is a shared responsibility between Elyptix and our users. While we implement reasonable safeguards to protect your data, we encourage all users to take appropriate precautions when using our Services. This includes being mindful of the information you share, the networks you use to access our Services, and the security settings you enable on your account.

Security of Users-of-users

If you use our Services to collect, store, or process information about your own users, customers, or other third parties ("Users-of-users"), you are responsible for ensuring appropriate security measures for that data. While we implement security controls to protect data stored in our systems, you maintain primary responsibility for:

  • Obtaining necessary consents and permissions from your Users-of-users
  • Implementing appropriate data collection and handling practices
  • Maintaining compliance with applicable privacy laws and regulations
  • Securing access credentials and authentication methods
  • Properly configuring privacy and security settings within our Services
  • Promptly reporting any potential data breaches or security incidents
  • Managing data retention and deletion requests from your Users-of-users

We strongly recommend implementing additional security measures specific to your use case, such as:

  • Data minimization - only collecting necessary information
  • Access controls for your team members
  • Regular security audits of your implementation
  • Clear privacy policies and terms of service
  • Documented procedures for handling data requests
  • Encryption of sensitive data before transmission to our Services

Elyptix cannot be held responsible for security incidents resulting from improper configuration or misuse of our Services by customers in relation to their Users-of-users' data. We encourage you to seek legal counsel to ensure your handling of Users-of-users' data complies with all applicable laws and regulations.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The date of the latest modification will be indicated at the top of this policy.

Contact Us

If you have questions about this Privacy Policy, please contact us at: