Types of Personal Information Collected. The types of Personal Information which may be collected when you visit the Esker Websites include but are not limited to the following: (a) your first and last name; (b) your title, department, and your company's name; (c) your home, work, or other physical address (including street name, name of a city or town, state/province); (d) your e-mail address; (e) your telephone number; (f) your fax number; (g) internet protocol address or any other identifier/connection data that permits Esker to make physical or online contact with you; and (h) any information that Esker collects online from you and maintains in association with your account, such as your Esker username and password.
How Personal Information is used. Esker will use Personal Information only in ways that are compatible with and relevant for the purposes for which it was collected. Esker will retain the Personal Information for no longer than is necessary for the purposes for which the Personal Information was collected. Esker may be required to release an individual’s personal information in response to lawful requests by public authorities including to meet national security and law enforcement requirements. Esker will not share, sell, rent, or trade with third parties for their marketing purposes any of your data or your customer’s data collected by us, unless you direct us to do so and have the appropriate authorization to do so. Examples of how Esker may use the Personal Information you provide include, but are not limited to the following: (a) create and maintain your accounts; (b) process, fulfill, and follow-up on your orders and special requests; (c) register your products; (d) answer your questions; (e) register you in programs (per your request); (f) send you marketing surveys, newsletters, event invitations, and product information (g) customize and facilitate your navigation on the Esker Websites; (h) process your employment application; (i) provide you with information related to your account and the products and/or services you purchase from Esker; (j) better understand your needs and interests; (k) improve and develop Esker’s products and services internally at Esker and Esker, S.A. and its affiliates ; (l) personalize communications; (m) prevent and detect fraud and abuse in order to protect your security and the security of Esker’s customers; and (n) comply with legal obligations. Any other information transferred by you in connection with its visit to the Esker Websites-that is information that cannot be used to identify you-may be included in databases owned and maintained by Esker or its agents. Esker retains all rights to these databases and the information contained in them. Esker also posts your testimonials/comments/reviews on the Esker Websites which may contain Personal Information. Esker obtains your consent via email prior to posting the testimonial to post your name along with your testimonial. Esker Websites offer publicly accessible blogs or community forums such as blog.esker.com. You should be aware that any Personal Information you provide in these areas may be read, collected, and used by others who access them. Esker shall not be responsible or liable for the Personal Information you choose to submit in these forums.
Security. Esker takes reasonable and appropriate physical, technical, and organizational precautions to protect your Personal Information in its possession from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Specifically, with regard to the Esker Websites, Esker hosts the Esker Websites in a secure server environment that uses firewalls, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders. Furthermore, Esker uses Secure Socket Layer technology on the Esker Websites to encrypt Personal Information when Personal Information is sent on the Esker Websites. Additionally, Esker annually trains its employees on this Policy. Even with these safeguards in place, no method of transmission over the internet is 100% secure and Esker does not guarantee the security of Personal Information transmitted via the Internet.
California Residents Rights under the California Consumer Privacy Act of 2018 as expanded by the California Privacy Rights Act of 2020 (“CPRA”). If you are a California resident, Esker processes your Personal Information in accordance with the applicable sections of the CPRA and the CCPA regulations as set by the California Privacy Protection Agency (CPPA Regulations). Except as what is specified under the applicable laws, EU Individuals are not entitled to CPRA rights and California residents are not entitled to GDPR rights. Esker does not share, sell, rent, trade, or lease your Personal Information, nor does it retain, use, or disclose Personal Information for any purpose, including commercial purposes, unless expressly permitted by the CPRA or CPPA Regulations. Thus, Esker does not offer an opt-out to the sale of Personal Information. In the preceding twelve months, Esker has not sold Personal Information. Esker will not discriminate against you for exercising any of your CPRA rights. Under the CPRA, you have the right to request that Esker disclose certain information to you about its collection and use of your Personal Information over the past twelve months. Once Esker receives and confirms your verifiable consumer request, Esker will disclose to you: (1) the categories of Personal Information collected about you, (2) the categories of sources for the Personal Information collected about you, (3) Esker’s business or commercial purposes for collecting or selling the Personal Information, (4) the specific pieces of Personal Information collected about you, and (5) if your Personal Information was sold or disclosed for a business purpose, Esker will identify the Personal Information sold, who it was sold to, and for what business purpose. Under the CPRA, you have the right to request that Esker delete your Personal Information and limit the use or disclosure of any sensitive personal information (if applicable). Once Esker receives and confirms your verifiable consumer request, Esker and any of its applicable agents will delete your Personal Information from its records, unless an exception under the CPRA or CPPA Regulations applies.
To exercise any of the above-referenced rights, please submit a verifiable consumer request to Esker at email@example.com. Only you, or a person registered with the California Secretary of State that you authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may only make a verifiable consumer request twice within a twelve-month period. Additional information may be requested by Esker to verify your identity before honoring the request. Esker will use reasonable commercial efforts to respond to a verifiable consumer request within forty-five days of its receipt. If Esker requires up to ninety days to respond, written notification will be sent to you advising of the reason for the delay. In the event Esker determines in good faith that a verifiable consumer request is excessive, repetitive, or unfounded, a fee may be charged. In such a case, Esker shall notify you in writing and provide you with reasons for the fee and a cost estimate before completing your request.
Other California Privacy Rights. California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Information by us to third parties for the third parties’ direct marketing purposes. California Business and Professions Code Section 22581 permits registered users who are minors to request and obtain deletion of certain posted content. California Business and Professions Code Section 22575 requires an operator of a commercial website that collects Personally Identifiable information about California residents to disclose how it responds to web browser "do not track" signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personally identifiable information about online activities over time. Because there is currently no industry standard on responding to such signals or mechanisms, Esker does not respond to them at this time.
Children’s Privacy. Children are restricted from customer registration and buying products/services on the Esker Websites. Furthermore, Esker does not knowingly collect or solicit any Personal Information from anyone under the age of thirteen through the Esker Websites. If Esker learns that it has Personal Information on a child under the age of thirteen it will immediately be deleted from Esker’s systems.
Esker’s Contact Information. To ask questions regarding this Policy, contact Esker at:
Esker, Inc. Attn: General Counsel/Chief Compliance Officer 1850 Deming Way, Ste. 150 Middleton, WI 53562 Telephone: 1-800-368-5283 Email: firstname.lastname@example.org
EU Individuals may lodge privacy complaints or enforce their GDPR rights with a supervisory authority listed at: https://ec.europa.eu/newsroom/article29/news-overview.cfm. The Global Data Protection Officer for Esker can be contacted at email@example.com.
Changes to this Policy. Esker may amend this Policy from time-to-time. When Esker does update this Policy, it will also revise the “Last Updated” date at the bottom of this Policy. Any material changes to this Policy will also be posted at https://www.esker.com/privacy-policy/
Last Updated: January 5, 2023