Effective Date: December 15th 2017

Updated Date: January 27th 2019

Privacy Policy

Scalpel Software, Inc., ("Scalpel," "we" or "us") is committed to protecting you and your customers' privacy. This Privacy Policy describes how we collect, use and disclose personally identifiable information ("PII", defined below) and protected health information ("PHI", defined below) when you become a registered customer of our service. If you are not a registered customer, you can generally browse through our Website without giving us any information about yourself. Unless we define a term in this Privacy Policy, all capitalized terms used in this Privacy Policy have the same meanings as in our Terms of Service. Therefore, please make sure that you have read and understand our Terms of Service.

Changes to this Policy

Any information that is collected via our Services is covered by the Privacy Policy in effect at the time such information is collected. We have the right to change or add to the terms of this Policy at any time, and to change, delete, discontinue, or impose conditions on use of the Services by posting such changes on our website or any other website we maintain or own. If we make any substantial changes in the way we use your information (PHI/PII), we will notify you of those changes via email, or through other means. Your use of the Services, or Data after we publish any such changes on our website, constitutes your acceptance of the terms of the modified Agreement. You can access a copy of the current terms of this Agreement on our website at any time. You can find out when this Agreement was last changed by checking the "Updated Date" date at the top of the Agreement.

Personally Identifiable Information (PII)

As described by the National Institute of Standards and Technology (NIST special publication 800-122).

"any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual's identity, such as name, social security number, date and place of birth, mother's maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information"

Protected Health Information (PHI)

Protected health information (PHI) is defined as individually identifiable health information transmitted or maintained by a covered entity or its business associates in any form or medium (45 CFR 160.103). The definition exempts a small number of categories of individually identifiable health information, such as individually identifiable health information found in employment records held by a covered entity in its role as an employer.

Information Collection

Information You Provide

We collect information you provide, such as when you email us, sign up through our websites or mobile applications, or fill out forms on our websites or mobile applications. We may collect, but are not limited to collecting, the following information: your name, gender, email address, mailing address, phone number, date of birth, social security number, issues we can help you with.

Information from Third Parties

We may obtain additional information about you from third parties such as marketers, partners, researchers, and others. We may combine information that we collect from you with information about you that we obtain from such third parties and information derived from any other subscription, product, or service we provide.

Information We Collect From Your Use of the Services

We collect information about you when you use our websites and/or mobile applications, including, but not limited to the following:

Device Information

We may automatically collect certain information about the computer or devices (including mobile devices) you use to access the Services. For example, we may collect and analyze information such as (a) IP addresses, geolocation information (as described in the next section below), unique device identifiers and other information about your mobile phone or other mobile device(s), browser types, browser language, operating system, the state or country from which you accessed the Services; and (b) information related to the ways in which you interact with the Services, such as: referring and exit pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, the amount of time spent on particular pages, the date and time you used the Services, the frequency of your use of the Services, error logs, and other similar information. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.

Location Information

We may collect different types of information about your location, including general information (e.g., IP address, zip code) and more specific information (e.g., GPS-based functionality on mobile devices used to access the Services), and may use that information to customize the Services with location-based information, advertising, and features. For example, if your IP address indicates an origin in Greenville, the Services may be customized with Greenville-specific information and advertisements. In order to do this, your location information may be shared with our agents, vendors or advertisers. If you access the Services through a mobile device and you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, provided your device allows you to do this. See your device manufacturer’s instructions for further details.

Cookies and Other Electronic Technologies

We may use the tools outlined below in order to better understand users. As we adopt additional technologies, we may also gather additional information through other methods.

Cookies

“Cookies” are small computer files transferred to your computing device that contain information such as user ID, user preferences, lists of pages visited and activities conducted while using the Services. We use Cookies to help us improve or tailor the Services by tracking your navigation habits, storing your authentication status so you do not have to re-enter your credentials each time you use the Services, customizing your experience with the Services, and for analytics and fraud prevention.

We may use a type of advertising commonly known as interest-based or online behavioral advertising. This means that some of our business partners use Cookies to display Scalpel ads on other websites and services based on information about your use of the Services and on your interests (as inferred from your online activity). Other Cookies used by our business partners may collect information when you use the Services, such as the IP address, mobile device ID, operating system, browser, web page interactions, the geographic location of your internet service provider, and demographic information such as gender and age range. These Cookies help Scalpel learn more about our users’ demographics and internet behaviors.

For more information on cookies, you can visit: http://www.whatarecookies.com/

Web Beacons

“Web Beacons” (a.k.a. clear GIFs or pixel tags) are tiny graphic image files embedded in a web page or email that may be used to collect anonymous information about your use of our Services, the websites of selected advertisers, and the emails, special promotions or newsletters that we send you. The information collected by Web Beacons allows us to analyze how many people are using the Services, using the selected advertisers’ websites or opening our emails, and for what purpose, and also allows us to enhance our interest-based advertising.

Website Analytics

We may use third-party website analytics services in connection with the website, including, for example, to register mouse clicks, mouse movements, scrolling activity and text that you type into the website or mobile application. These website analytics services generally do not collect personal information unless you voluntarily provide it and generally do not track your browsing habits across websites which do not use their services. We use the information collected from these services to help make the website easier to use.

Mobile Device Identifiers

Mobile device identifiers are data stored on your mobile device that may track mobile device and data and activities occurring on and through it, as well as the applications installed on it. Mobile device identifiers enable collection of personal information (such as media access control, address and location) and traffic data. Mobile device identifiers help Scalpel learn more about our users’ demographics and internet behaviors.

Opting Out

We may periodically send you free newsletters and e-mails that directly promote our Service. When you receive such promotional communications from us, you will have the opportunity to "opt-out" (by following the unsubscribe instructions provided in the e-mail you receive). We do need to send you certain communications regarding the Service and you will not be able to opt out of those communications – e.g., communications regarding updates to our Terms of Service or this Privacy Policy or information about billing.

Information Sharing and Disclosure

Your PII is not shared outside of the Companies without your permission, except as described below.

Service Providers

We may engage third-party service providers to work with us to administer and provide the Service. These third-party services providers have access to your PII only for the purpose of performing services on our behalf and are expressly obligated not to disclose or use your PII for any other purpose.

Business Transactions

Information that we collect from our users, including PII, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, may be disclosed or transferred to a third party acquirer in connection with the transaction.

Governments and Law Enforcement

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to enforce our Terms of Service, (ii) to respond to claims, legal process (including subpoenas); (iii) to protect our property, rights and safety and the property, rights and safety of a third party, our users, or the public in general; (iv) to stop any activity that we consider illegal, unethical or legally actionable activity; and (v) as required in accordance with HIPAA or related applicable local, state or federal laws

Data Retention

Your information is stored by us on controlled servers with limited access and may be stored and processed in the United States or any other country where the Companies or agents are located. If you’re located outside the United States and choose to provide your PII to us, we may transfer your PII to the United States and process it there. Those who choose to access and use the Service from outside the U.S. do so on their own initiative, at their own risk, and are responsible for compliance with applicable laws.

Children

Scalpel does not knowingly collect or maintain personally identifiable information from persons under 13 years of age without verifiable parental consent, and no part of the Services are directed at persons under 13. If you are under 13 years of age, then please do not use the Services. If Scalpel learns that personally identifiable information of persons less than 13 years of age has been collected without verifiable parental consent, then we will take the appropriate steps to delete this information. To make such a request, please contact us privacy@scalpel.com.

Do Not Track Signals

Our Website does not have the capability to respond to "Do Not Track" signals received from various web browsers.

Notice for California Users and Residents

Under California Civil Code Section 1789.3, California users are entitled to the following specific consumer rights notice: If you have a question or complaint regarding the Website, please send an email to info@scalpel.com. You may also contact us by writing to Scalpel Software, Inc., 31 Memorial Medical Drive, Greenville, SC 29605. California residents may reach the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted in writing at 400 R Street, Suite 1080, Sacramento, California 95814, or by telephone at (916) 445-1254 or (800) 952-5210.

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask for a notice identifying the categories of PII which we share with certain third parties for direct marketing purposes under certain circumstances and providing contact information for such third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: Scalpel Software, Inc., 31 Memorial Medical Drive, Greenville, SC 29605.

Links to Other Websites

Our Services may contain links to other websites and those websites may not follow the same privacy practices as Scalpel. We are not responsible for the privacy practices of third party websites. We encourage you to read the privacy policies of such third parties to learn more about their privacy practices.

No Rights of Third Parties

This Online Privacy Policy does not create rights enforceable by third parties.

Questions or Comments

If you have questions or concerns about our collection, use, or disclosure of your PII, please email us at privacy@scalpel.com. You may also contact us in writing at:

Attn: Privacy
Scalpel Software, Inc.
31 Memorial Medical Drive
Greenville, SC 29605