Privacy Policy

Effective Date: September 30, 2022

Curta Inc., a Washington corporation (“we,” “us,” “our,” and their derivatives), provides websites, including https://www.curtahealth.com/ and its subdomains (collectively, the “Websites”), products, services, and software (collectively, with the Websites, the “Services”).

1. What does this Privacy Policy cover?
This Privacy Policy (this “Policy”) sets forth how we collect, use, protect, store, disclose, and otherwise process your Personal Data (defined below). This Policy does NOT apply to information you provide to any third party or is collected by any third party.

By using our Services, you are confirming that you understand English well enough to understand this Policy. Should you have questions about this Policy, please contact us by emailing us at privacy@curtahealth.com so we can clarify and address your questions.

2. How do we process Children’s Personal Data?
Our Services are not designed for Children, and we do not intentionally or knowingly collect, use, store, disclose, or otherwise process any Personal Data from Children. A “Child” is a person under 18 years old.


3. What categories of Personal Data do we collect?

Generally

“Personal Data” means information that relates to an identified or identifiable natural person. We may collect the below categories of Personal Data.

  • Information on your interactions with certain software, Excels, and PowerPoints developed by us and associated usernames and Internet Protocol addresses.

  • Information you provide when contacting us or reporting a problem with the Services, such as your first and last name and email address.

  • Information on your interactions with our Websites.

We may also collect information that does not generally identify you but may become associated with your account. We may use information that does not identify you for any permissible business purpose under applicable law.

4. From what sources do we collect Personal Data?

Directly From You

We may collect your Personal Data when you provide it to us directly. For example:

  • When you create an account for a Service, we may collect your username.

  • When you contact us or report a problem with the Services, we may collect your first and last name, email address, and records and copies of your correspondence.

  • When you respond to a survey or questionnaire, we may collect the information provided.

Automatically From You

Cookies are small data file identifiers that are transferred to your computer or mobile web browser that allow us and third parties to recognize your browser or mobile device and transfer information about you and your use of our Services.

You may set your browser to refuse all or some browser cookies or to alert you when cookies are being sent. Please note that, if you disable or refuse cookies or other automatic data collection technologies, some aspects of the Services may be inaccessible or not function properly.

We may collect your Personal Data automatically as you use our Services. For example, we may collect information on your interactions with certain software, Excels, and PowerPoints developed by us and your Internet Protocol address. By way of another example, we may collect information on your interactions with our Websites.

5. For what purposes do we collect your Personal Data?
We may collect your Personal Data for the below purposes.

  • To provide or improve the Services – We may use your Personal Data to process your requests to access the Services and certain of their features and to generally present and improve the Services. For example, we may use your Personal Data for analytic and reporting purposes.

  • To administer the Services – We may use your Personal Data for any lawful business purpose in connection with administering the Services. For example, if you reach out to us, we may use your Personal Data to respond to you or to troubleshoot a problem you reported having with the Services.

  • In furtherance of legal, health, and safety objectives – We may access, use, and share with others your Personal Data for purposes of health, safety, and other matters in the public interest. We may also provide access to your Personal Data to cooperate with official investigations or legal proceedings (e.g., in response to subpoenas, search warrants, court orders, or other legal processes). We may also provide access to your Personal Data to protect our rights and property and those of our agents, clients, and others, including to enforce our agreements and policies.

  • In connection with a sale or other transfer of our business – In the event all or some of our assets are sold, assigned, or transferred to or acquired by another company due to a sale, merger, divestiture, restructuring, reorganization, dissolution, financing, bankruptcy, or otherwise, your Personal Data may be among the transferred assets.

  • As we may describe to you when collecting your Personal Data – There may be other situations when we collect your Personal Data and simultaneously describe the purpose for that collection.

  • Lawful Basis

We only collect, use, or store your Personal Data for a lawful basis such as:

  • You voluntarily provide it to us with your specific, informed, and unambiguous consent;

  • It is necessary to provide you with a Service that you have requested;

  • We have a legitimate business interest that is not outweighed by your privacy rights; or

  • It is necessary to protect your vital interests or the vital interests of others.

6. In what situations do we disclose your Personal Data?
We may disclose your Personal Data:

  • To our clients who you are employed by or otherwise contracted with;

  • To our subsidiaries and affiliates;

  • To our lawyers, consultants, accountants, business advisors, and similar third parties who owe us duties of confidentiality;

  • To a buyer or other successor in the event of a sale, merger, divestiture, restructuring, reorganization, dissolution, or other transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us pertaining to the users of the Services is among the assets transferred;

  • To comply with any court order, law, or legal process, such as responding to a government or regulatory request;

  • To enforce any contract we may have in effect with our clients or you;

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our clients, or others; or

  • If you have consented to such a disclosure.

7. How is my Personal Data protected?
Our Retention, Purpose Limitation, and Security Policies

We protect your Personal Data through a combination of collection, security, and retention policies.

  • Limited retention. We only keep your Personal Data for as long as we need it for business and operational needs or to comply with any statutory, regulatory, or legal obligations.

  • Purpose limitation. We will use your Personal Data only for the Services you choose to access and for the purposes for which you choose to share it.

  • Security measures. We use appropriate measures to ensure a level of security appropriate to the risk involved and have implemented contractual, technical, administrative, and physical security measures designed to protect Personal Data from unauthorized access, disclosure, use, and modification. As part of our privacy compliance processes, we review these security procedures on an ongoing basis to consider new technology and methods as necessary. However, please understand that our implementation of security measures as described in this Policy does not guarantee the security of your Personal Data.
    o In the event of a security breach, we will notify the proper regulatory authorities and any affected users of the breach within 72 hours after we become aware of the breach.

8. How do we treat Personal Data transferred to the United States?

Place of Business

We may store or process your Personal Data outside of the country where we collect the information or the country in which you reside. Our primary place of business is in the United States. You should understand that we may transfer some or all of your Personal Data to the United States to carry out certain operational and processing needs as described in this Policy.

Transfer Mechanisms

When transferring Personal Data out of foreign territories, we implement technical, organizational, and physical safeguards to protect your Personal Data. We use European Commission approved standard contractual clauses and implement related measures where required by applicable law. Please contact us if you have questions related to the relevant transfer mechanism for your Personal Data. 

9. What rights do you have to your Personal Data? 

Right to Access, Correct, Delete, or Restrict Processing

Subject to any limitations and exceptions under applicable law, you have the right to request access to your Personal Data and exercise the following rights:

  • You have the right to correct or update certain types of Personal Data.

  • You have the right to request deletion of your Personal Data. If you choose to have your Personal Data removed from the Services, we will carry out your request within 30 days of account verification, subject to extension, and we will only retain minimal Personal Data to document your request and the actions we took to carry out your request.

  • You have the right to restrict certain processing of your Personal Data and the right to object to some types of processing of your Personal Data.

  • You have the right to withdraw your consent at any time.

We will comply with your requests in accordance with, and subject to, applicable law. For example, we are not required to delete your Personal Data if we have an overriding legitimate ground for retaining that information, such as to prevent fraud. Please note that we are legally prohibited from carrying out requested actions in some instances, including (1) when we are unable to confirm your identity and (2) where doing so would adversely affect the rights or freedoms of other individuals. Further, we are not required to carry out a requested action in some instances, including where the request is considered excessive.

We Are Here to Help
Please email us at privacy@curtahealth.com with the subject line “Privacy Request” if you would like to exercise any of the rights described above or if you have questions regarding your rights.

Right to Complain
You have the right to lodge a complaint regarding our collection, storage, or processing of your Personal Data with a data protection supervisory authority in the country where you live or work.

10. How will we notify you of changes to this Policy?
We reserve the right to change this Policy from time to time consistent with applicable law. If we make changes to this Policy, we will notify you by revising the date at the top of this Policy, and in some cases, we may provide you with additional notice (such as sending you an email notification).

11. How can you contact us?
If you have questions, you may email us at privacy@curtahealth.com.