Veracity takes your privacy extremely seriously and would like to describe how we collect, use and protect your information when you access our website(s), products (Veracity Learning LRS), and other software applications (collectively, the “Services”) operated by Veracity Technology Consultants, LLC (hereinafter referred to as “Veracity,” “we,” ”us,” “our”). It is Veracity’s policy to respect your privacy regarding any information we may collect from you across our Services. When you access and use the Services, you are subject to our Terms of Service.

If you are a resident of the European Union (“EU”), United Kingdom, Liechtenstein, Norway, or Iceland (collectively the “EEA”), you have specific privacy rights under the EU General Data Protection Regulation (the “GDPR) with respect to your Personal Data (defined below).

This Privacy Policy covers our treatment of personally identifiable information, including “Personal Data” as it is defined in the GDPR (“Personal Data”) that we gather when you are accessing or using our Services. We gather various types of Personal Data from our users, as explained in more detail below, and we may use this Personal Data in order to make our Services available to you, to contact you, and to better understand how you use the Services. This policy covers the types of Personal Data we collect, purposes of using Personal Data, the legal basis for processing Personal Data, practices for sharing Personal Data, your rights to access your Personal Data, and international transfers of Personal Data. We will be the controller of your Personal Data processed in connection with the Services. We gather various types of Personal Data from users, and we use the Personal Data internally in connection with our Services.

The Services are not intended for children under the age of 13 (or under the age of 16 for children living in the EEA, and we do not knowingly collect or solicit Personal Data from anyone under the age of 13 (or under the age of 16 for children living in the EEA). If you are under the age of 13 (or under the age of 16 for children living in the EEA), please do not attempt to register for the Services or send any Personal Data about yourself to us. If we obtain actual knowledge that we have collected Personal Data from a child under age 13 (or under the age of 16 for children living in the EEA), we will delete that information as quickly as possible. We do not sell, as that term is defined in the California Consumer Protection Act (CCPA) the personal information of minors under 16 years old who are California residents. If you believe that a child under 13 (or under the age of 16 for children living in the EEA). Veracity is committed to subject any Personal Data received from residents of EEA Countries to the Principles of the EU-U.S. Data Privacy Framework (DPF).

Veracity complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Veracity has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Veracity has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov. To see the DPF list, please visit https://www.dataprivacyframework.gov/list.

Information You Provide
We receive and store any information you knowingly provide to us. We collect email addresses and other contact information that users and correspondents provide to us. We also may preserve records of our correspondence. When you register for an account, we ask for your username and email address. We will always be transparent with you about the information we collect, what we do with it, with whom we share it and who you should contact if you have any concerns. We may optionally ask for additional Personal Data, such as your:

• Name
• Phone/mobile number
• Home/Mailing address
• Work address
• Payment information

In keeping with standard online privacy practices, users should not include any highly sensitive information (such as social security numbers, financial information, or “protected health information” (as that term is defined by the Health Insurance Portability & Accountability Act)) in any emails so that such data does not transfer to our servers (even if only temporarily).

In addition, we collect Personal Data you submit to us, for example by completing a form from our Services. In that case, we may communicate with you, for example by calling you at the phone number you provide, sending you promotional email offers, or emailing you about your use of the Services. Also, we may receive a confirmation when you open an email from us. This confirmation helps enhance our engagement with you and generally improve our Services.

Information Collected Automatically
When you interact with our Services, our servers may automatically log the standard data provided by your web browser. Whenever you interact with our Services, we may automatically receive and record information on our server logs from your browser or device, which may include your IP address, “cookie” information, the type of browser and/or device you’re using to access our Services, and the page or feature you requested. “Cookies” are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in our Services are visited and by how many people. We use cookies to track current session information and to streamline your login process. We do not require permanent cookies. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features. We may use this data to customize content and generally to improve the Services. Please refer to our Cookie Policy for more information. You may learn more about “Cookies” at allaboutcookies.org including how to remove cookies from your browser.

Google Analytics Services
We use Google analytics in order to better understand user engagement with the Services. When a user browses or uses the Services, these third party analytics services may collect the user’s IP address, browser type, and approximate location (based on the IP address). They may also use web logs or web beacons and may set and access cookies on your computer or other device.

We may collect, hold, use and disclose information for the following purposes and Personal Data will not be further processed in a manner that is incompatible with these purposes:

• to enable you to customize or personalize your experience of our website;
• to enable you to access and use our website, associated applications and associated social media platforms;
• to contact and communicate with you;
• for internal record keeping and administrative purposes;
• for analytics, market research and business development, including to operate and improve our website, associated applications and associated social media platforms;
• for advertising and marketing, including to send you promotional information about our products and services and information about third parties that we consider may be of interest to you; and
• to comply with our legal obligations and resolve any disputes that we may have.

We will process your Personal Data lawfully, fairly and in a transparent matter. We collect and process information about you only where we have legal basis for doing so.

The legal basis depends on the services you use and how you use them, meaning we collect and use your information only where:

• it’s necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (for example, when we provide a service you request from us);
• it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote our services, and to protect our legal rights and interests;
• you give us consent to do so for a specific purpose (for example, you might consent to us sending you our newsletter); or
• we need to process your data to comply with a legal obligation.

Where you consent to our use of information about you for a specific purpose, you have the right to change your mind at any time (but this will not affect any processing that has already taken place).

We don’t keep Personal Data for longer than is necessary. While we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100% secure and cannot guarantee absolute data security. If necessary, we may retain your Personal Data for our compliance with a legal obligation or in order to protect your vital interests or the vital interests of another natural person.

Except as described in this policy, we will not give, sell, rent or loan any Personal Data to any third party. Personal Data will only be shared as follows:

Agents and vendors
We may employ other companies and people to perform tasks on our behalf and need to share your information with them, including in some cases the Personal Data you have provided to us, in order to make the Services available to you. For example, we may use third party hosting providers or software developers to help implement and maintain the Services. Our Services may be directly accessed through other web applications through an API integration. Personal Data that you provide to those sites may be sent to Veracity in order to deliver the service. We process such information under this Privacy Policy. However, our agents do not have any right to use the Personal Data we share with them beyond what is necessary to integrate.

Business Transfers
If we are involved in a reorganization, merger, acquisition or sale of our assets, your information may be transferred as part of that deal. We will notify you (for example, via a message to the email address associated with your account) of any such deal and outline your choices in that event.

Protection of Veracity and Others
We reserve the right to access, read, preserve, and disclose any information that we believe is necessary to comply with law or court order; enforce or apply our applicable terms of use and other agreements; or protect the rights, property, or safety of Veracity, our employees, our users, or others.

We acknowledge the right of individuals to access their Personal Data and data collected by Veracity. Although we own the source code, databases and all rights to Veracity Learning, you retain all rights to your data. We implement security measures to protect your information from loss, destruction, misuse, unauthorized access or disclosure. These practices help ensure that your data is safe, secure, and only accessible to you or other applications where you approved access. However, no data transmission over the internet or information storage can be guaranteed to be 100 percent secure. Requests to access personal information or data should be submitted to privacy@veracity.it, with the subject line “Personal Data Request.” Additional details about your access rights and controlling your personal information are provided below.

Choice and consent
By providing personal information to us, you consent to us collecting, holding, using and disclosing your personal information in accordance with this privacy policy. If you are under 16 years of age, you must have, and warrant to the extent permitted by law to us, that you have your parent or legal guardian’s permission to access and use the website and they (your parents or guardian) have consented to you providing us with your personal information. We do not knowingly collect personal information from children without the consent of the child's parent or guardian. You do not have to provide Personal Data to us, however, if you do not, it may affect your use of this website or the products and/or services offered on or through it.

Information from third parties
If we receive Personal Data about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing Personal Data about somebody else, you represent and warrant that you have such person’s consent to provide the Personal Data to us.

Restrict
You may choose to restrict the collection or use of your Personal Data under certain conditions.. If you have previously agreed to us using your Personal Data for direct marketing purposes, you may change your mind at any time by contacting us at privacy@veracity.it. If you ask us to restrict or limit how we process your Personal Data, we will let you know how the restriction affects your use of our products and services..

Object
You have the right to object to Veracity’s processing of your Personal Data, under certain conditions.

Access and data portability
You may request details of the Personal Data that we hold about you. You may request a copy of the Personal Data we hold about you. Where possible, we will provide this information in CSV format or other easily readable machine format. You may request that we erase the Personal Data we hold about you at any time.

Correction
If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.

Erasure
You have the right to request that Veracity erase your Personal Data, under certain conditions.

You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.

Notification of data breaches
In the case of a personal data breach, Veracity shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to a Veracity supervisory authority. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay. When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, Veracity shall communicate the personal data breach to the data subjects without undue delay.

Public Authorities
In some cases, we may be required to provide Personal Data in response to lawful requests by public authorities to meet national security, law enforcement, or other lawful requirements.

Complaints
If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also may the right to contact a regulatory body or data protection authority in relation to your complaint. If you are a resident of the EEA and have a complaint in regard to data privacy, you may contact the United States Federal Trade Commission (“FTC”) and submit such complaint to the panels established by the EU’s Data Protection Authorities.

Veracity commits to cooperate with the panel established by the EU Data Protection Authorities and comply with the advice given by the panel with regard to data transferred from the EU.

Unsubscribe
To unsubscribe from our e-mail database or opt-out of communications (including marketing communications), please contact us at contact@veracity.it or opt-out using the opt-out mechanisms provided in the e-mail message or website.


In addition to the above, the CCPA provides specific rights to know, delete, and opt out, and requires businesses collecting or disclosing Personal Data to provide notices and means to exercise those rights. The language in this section has the same meanings as given to them in the CCPA. For more information, or to submit a request, please email privacy@veracity.it.


Notice of Collection
The categories of Personal Data that we have collected, as described by the CCPA, in the preceding twelve (12) months includes identifiers, commercial information, internet activity, geolocation data, and inferences. The information we collect is described in greater detail above. We collect and use these categories of information for the purposes described above. The information we share with third parties and the underlying principles that guide our sharing practices are also described above.


Right to Know and Delete
California Residents have the right to delete the Personal Data we have collected from you, and the right to know certain information about our data practices in the preceding twelve (12) months. If you would like to receive or delete your personal information, you can email us at privacy@veracity.it.


Right to OPT Out
If and to the extent “sale” under the CCPA is interpreted to include advertising technology activities specifically for interest-based advertising, we will comply with all applicable laws as to such activity.


Authorized Agent
You may choose to designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.


Right to Non-Discrimination
You have the right not to receive discriminatory treatment by us for the exercise of any of your rights.


Shine the Light
As a California resident, you may ask us for a notice describing what categories of personal information we share with third parties or affiliates for those third parties or affiliates’ direct marketing purposes and identify the name and address of the third parties that receive such personal information. Please note that we are only required to respond to requests once during any calendar year.


Consumer Affairs
Under California Civil Code Section 1789.3, California residents are entitled to the following specific consumer rights notice: If you have a question of complaint regarding the Services, please send an email to privacy@veracity.it. You may also contact us by writing to us at Veracity Technology Consultants, 6901-A North 9th Avenue, Suite #249. Pensacola, FL 32504. California residents may reach the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs in writing at 400 R Street, Suite 1080, Sacramento, California 95814, or by telephone at 916-445-1254 or 800-952-5210.


Veracity complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Veracity has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Veracity has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov.

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Veracity is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Data Privacy Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Frameworks, should direct their query to privacy@veracity.it. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@veracity.it

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Veracity’s accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, Veracity remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Veracity proves that it is not responsible for the event giving rise to the damage.

In compliance with the Data Privacy Framework Principles, Veracity commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Data Privacy Frameworks. EU and Swiss individuals individuals with DPF inquiries or complaints should first contact Veracity by email at privacy@veracity.it

Veracity has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf .


We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well, but if we do, we will bring it to your attention by placing a notice on our website, https://veracity.it/privacy-policy and/or by sending you an email, and/or by some other means. Your use of the Services after any changes to the Privacy Policy have been posted will be considered to indicate your acceptance of the changes.

Your continued use of this site after any changes to this policy will be regarded as acceptance of our practices around privacy and Personal Data.

If we make a significant change to this privacy policy, for example changing a lawful basis on which we process your Personal Data, we will ask you to re-consent to the amended privacy policy.


If you have any questions, concerns, or complaints regarding our privacy policies, the data we hold on you, or would like to exercise one of your data protection rights, please don’t hesitate to contact us, and we will work hard to resolve your concerns. Additionally, in compliance with DPF principles, we commit to resolve complaints about our collection or use of the Personal Data of EEA residents. Individuals with inquiries or complaints regarding our data privacy policy should contact us as follows:

Email us at: privacy@veracity.it
Call us at +1-850-852-1070
Or write to us at:

Veracity Technology Consultants
6901-A North 9th Avenue, Suite #249
Pensacola, FL 32504

This policy was last updated and is effective as of 22 January 2024.