Privacy Policy

** eero max speeds are derived from IEEE specifications. Coverage varies based on normal use and building conditions. Actual range and performance can vary. See eero.com/legal for more details. ©2023 Amazon.com, Inc. or its affiliates. eero and all related marks are trademarks of Amazon.com, Inc. or its affiliates. Amazon.com c/o eero LLC, 660 3rd St., San Francisco, CA.

***Maximum wireless transmission rates are the physical rates derived from IEEE Standard 802.11 specifications. Range, coverage, and maximum quantity of connected devices are based on test results under normal usage conditions. Actual wireless data throughput, wireless coverage, and quantity of connected devices are not guaranteed. Use of Wi-Fi 6E, and features including OFDMA, 1024-QAM, and HE160 requires clients to also support the corresponding features.

†Unlimited Digital Voice requires Internet service to function. If Internet is canceled customer must subscribe to Unlimited Voice (non-Digital) service to retain Voice service. Your Frontier Digital Voice service, including 911 service, requires electrical or battery backup power to function. During a power outage, you may not be able to make calls, including to 911, without backup power for the Residential Gateway (RG) and/or the Optical Network Terminal (ONT), or an alternate means of calling. Optional battery backup can be purchased separately at frontier.com/batterybackup. Includes direct dialed local and long distance calls to the US, Canada and Mexico. Other call types excluded. Restrictions apply.

‡Hours are subject to change. My Premium Tech Pro is a best effort service and may not always be able to solve every problem, despite best efforts by its technicians. For Fiber 5 Gig customers, the My Premium Tech Pro subscription is provided at no charge and required for as long as Fiber 5 Gig remains on the account.

Exclusive offer for qualified addresses. For new residential Internet customers only. Max speeds are wired, Fiber 1 Gig location dependent. Wi-Fi, actual & average speeds vary. Max speed capable range for Fiber 500 (450-500 Mbps download/upload), Fiber 1 Gig (846-1000 Mbps download, 792-1000 Mbps upload), Fiber 2 Gig (1800-2000 Mbps download/upload) and requires 2 Gbps capable devices and wiring. Fiber 5 Gig (4500-5000) and requires 5 Gbps capable devices and wiring. Performance details: frontier.com/internetdisclosures Requires Auto Pay using bank account. Auto Pay with credit debit card $5/mo. more, and without Auto Pay $10/mo. more. Printed bill available for up to $3.49/mo. Fee does not apply to select customers. A $50 equipment restocking fee per household applies when Internet is disconnected. A fee up to $150 per device for Fiber 500, 1 Gig, and 2 Gig, and up to $400 for Fiber 5 Gig also applies if equipment is not returned. Other applicable charges and additional services are extra. Subject to availability. Price and terms subject to change. Cannot be combined with other offers. Other restrictions, Frontier policies and service terms apply.

Please be assured that your privacy is of utmost importance to us. We are committed to complying with all applicable data privacy laws including, but not limited to, the EU General Data Protection Regulation (GDPR), including the GDPR as it forms part of the laws of England, Wales, and Northern Ireland by virtue of Section 3 of the European Union (Withdrawal) Act 2018 (UKGDPR), the UK Data Protection Act 2018 (UKDPA), the Swiss Federal Act on Data Protection (FADP) regarding personal information collected and processed concerning residents of the European Union and European Economic Area, the United Kingdom, and Switzerland (the “Data Privacy Requirements”). The specific practices outlined in this privacy statement apply to websites, solutions and services maintained by or on behalf of the Company and that display this policy. Additional information regarding the Company’s processing of the personal information of residents of Australia and the State of California is available at Privacy Rights of Residents of Australia and Privacy Rights of California Residents

Some of our web pages contain links to web sites operated and maintained by others outside the Company. Please be aware that when you follow a link to another site, you are then subject to the privacy policies of the new site. We have no control over the privacy practices of websites or applications that we do not own and we encourage you to review their privacy practices.

Who is the Controller for the Personal Information Processed?

A “controller” is a person or organization who, alone or jointly, determines the purposes for which, and the manner in which, any personal information is, or is likely to be, processed. This policy is issued on behalf of Metrix Services , Inc. f/k/a TRG Customer Solutions, Inc., of 1717 Pennsylvania Avenue NW, Suite 825, Washington, DC, 20006. Unless we notify you otherwise, Metrix Services , Inc. f/k/a TRG Customer Solutions, Inc. is the controller of your personal information.

We may also, in some circumstances, act as a processor of personal information. Where we are acting in the capacity of a data processor, we only process your personal information to the extent, and in such a manner, as is necessary for the business purposes in accordance with the controller’s (our business customer) written instructions. We will not process your personal information for any other purpose or in a way that does not comply with the controller’s written instructions or the applicable data protection legislation. This privacy policy does not cover the activities that we undertake on behalf of our clients and in which we act as data processor. Should you wish to inquire about the data processing we undertake for any of our clients, or wish to assert your data protection rights regarding that processing, please contact the relevant client directly.

All questions, concerns, or complaints should be directed to the Company’s Data Privacy Office

What Personal Information We Collect

The Company does not engage in sales directly to consumers acting in an individual or household capacity (“consumers”). As such, the information the Company collects about consumers is limited.

Generally speaking, we collect the following information relating to you and/or your use of our sites or services:

Contact details and account information (e.g., name, title of business contact, address, e-mail, phone number).
Financial information (e.g., payment method and history, accounts payable) from our business customers and vendors.
Commercial and purchase information (e.g., purchase history).
Automatically collected information (e.g., information that is automatically logged and combined about you, your device, and your interaction over time with the websites, services, and online resources, including browser and device information, IP addresses, information collected through cookies, pixel tags and other technologies, such as the address of the page you are visiting, the time you are viewing the page, your browsing environment, and your display settings).
Other information you may choose to provide (e.g., instructions, comments and opinions you provide when you contact us directly by email, online forms, telephone or mail, survey responses when you choose to participate in a survey, and any other information that you choose to provide to us when you interact with us such as when you register for events or subscribe to publications).

Why We Process Personal Information

The Company and its service providers and business partners process personal information for the following purposes and legal grounds:

Providing our products and services and communicating with our business customers about them (contractual requirement, legal obligation, or legitimate business interests). The Company collects and processes the personal information of the individuals working for our customers so that we can enter into and perform contracts with our customers to provide our products and services and communicate with our customers about the same.
Working with our vendors (contractual requirement or legitimate business interests). The Company collects and processes the personal information of the individuals working for our vendors so that we can enter into and perform contracts with our vendors to support our provision of products and services.
Enhancing the customer experience for the benefit of our business customers (consent or legitimate business interests). The Company collects and processes personal contact information and business contact information about individuals who purchase products and services from our business customers as well as their impressions of their purchase experience and experience with the products and service. This personal information is used to identify products and services that may be of interest to our customers and to provide them with information regarding the same.
For marketing and advertising purposes (consent or legitimate business interests). We use your personal information to do things like send you information relating to our products and services that may be of interest to you and to otherwise provide you with our marketing and advertising materials or to engage in customer generation and acquisition activities. We may engage third-party advertising providers to display our ads on their online services. For more information, please see the “Cookies” and “Marketing and Exercising your Right to Opt-Out of Marketing” sections below.
Maintaining and improving the functionality of our websites and services (consent or legitimate business interests). We use your personal information to do things like provide our websites and services’ functionality to you, such as arranging access to your account and providing you with related client services. We use the personal information that we collect to do things like measure the number of visitors to the different areas of our sites, and to help us improve our sites and services and make them more useful to users. This includes analyzing these logs periodically to determine the traffic through our servers, the number of pages served, and the level of demand for pages and topics of interest. For more information, please see the ‘Cookies” section below.
Meeting our legal, regulatory, and contractual obligations (legal obligation, contractual requirement, and legitimate business interests). We use your personal information to do things like comply with applicable laws and regulations, exercise and protect our legal rights, and comply with our contractual obligations with our affiliates, service providers, business partners, and other third parties.

Recipients of Personal Information

We disclose personal information as follows:

To Affiliates and Subsidiaries. Personal information may be disclosed to Company affiliates and subsidiaries as necessary to fulfill the purposes described in this Privacy Policy.
To Service Providers, Business Partners, and Other Third Parties. Personal information may be disclosed to our third party service providers and business partners to perform services for us. These can include providers of services such as website hosting, targeted advertising services, products and services-related consulting and monitoring, data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing, fulfilling orders, payment/billing, finance, fraud prevention, logistics, sales, event management, training, surveys, printing, archiving, or to fulfill the purpose for which you have provided it and other related services. We may also disclose your personal information to other third parties as necessary or appropriate in the ordinary course of business, such as:
- To comply with applicable law and regulations, including laws outside your country of residence;
- To private and public entities and institutions, including debt collectors, courts, or other companies insofar as there is a relevant legal basis for such disclosure;
- For other legal reasons such as to enforce our terms and conditions and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and
- In connection with a sale, merger, or business transaction.
Disclosures to public and government authorities. The Company may be required to disclose personal information in response to lawful requests by public and government authorities to comply with national security or law enforcement requirements.

Cookies

We and our third-party service provider partners use cookies and similar technologies (“Cookies”) when you use our websites, platforms, applications or other products and services. Cookies are small text files that web servers place on a user’s hard drive. Our consent management system shows you a list of the cookies we use, including their provider, purpose, description, and other relevant information. In the default setting, only essential cookies are enabled for residents of the European Economic Area, United Kingdom, and Switzerland. Through the consent management system, you can determine whether you consent to the setting of additional cookies or not. You can adjust your preferences at any time through the consent management system. These cookies are on by default for U.S. residents, who may be able to opt out where that right is provided for by law.

For further information about our use of cookies, including a categorized list of each of the cookies we use, please visit our consent management system which can be accessed by clicking the cookie icon on the lower right side of our website.

Our third-party providers may use the cookies and information collected through them to recognize your end device on other websites. We can instruct the respective third-party providers to display advertising that is based on the visit or use of our websites, platforms, applications or other products and services. If you register with the third-party provider using your own user data, the respective recognition characteristics of different browsers and end devices can be aligned with each other. If the third-party provider generated a separate characteristic for the laptop, desktop, smartphone or tablet you use, these individual characteristics can be associated with each other as soon as you use a service of a third-party provider with your login information. This way, the third-party provider can effectively manage our advertising campaigns across different end devices.

You can modify your cookie settings or turn off all or certain types of cookies by adjusting your browser settings. You can also manage your cookie preferences via our consent management system.

Marketing and Exercising Your Right to Opt-Out of Marketing

In jurisdictions where express consent is legally required, we will not use your personal information to send you marketing materials if you have not expressly consented to receive them. If you request that we stop processing your personal information for marketing purposes, we shall stop processing your personal information for those purposes where required by applicable law. In all jurisdictions, you can opt out of direct e-mail marketing by clicking the “unsubscribe” link in the email. We would encourage you to make such requests via the forms and links provided for that purpose in the marketing materials we send you by contacting our Data Privacy Office by e-mail at info@MetrixServices.us

Our marketing-related communications may contain tracking technology so that we can tailor the content of our marketing-related communications more closely to the personalized needs of recipients. Those tracking technologies include, for instance, miniature graphics embedded in an e-mail sent in HTML format that enable analysis of whether and when the relevant e-mail was opened, and which links contained in the e-mail were followed.

The personal data collected using tracking pixels are stored by us and statistically analyzed to optimize the marketing-related communications service as described above. The user may withdraw his/her consent to marketing-related communications tracking at any time.

We Also Collect and Use Non-Personal Information

In addition to personal information, we collect and store anonymized data (“non-personal information,” such as search engine queries and anonymous survey responses, to help us better understand and meet the needs of our visitors. We may share non-personal information with others, including the public, in aggregated form (for instance, in a list of our most popular search engine queries), in partial or edited form (such as in a report summarizing responses to a questionnaire), or verbatim (for example, in a complete listing of survey responses).

Data Subject Rights of EEA, Swiss, and UK Residents

Residents of certain jurisdictions, including the European Economic Area (EEA), Swiss, and UK residents, may have the following rights regarding their personal information:

Right of Access / Right to Know: You have the right to obtain confirmation from the Company as to whether or not personal information concerning you is being processed and to obtain information, including about how, what when, why and for how long your personal information is processed and to whom it is disclosed. You have the right to access your personal information and to receive a copy of the data.
Right to Rectification: You have the right to request the Company to correct inaccurate personal information and to complete incomplete personal information.
Right to Erasure (Right to be Forgotten): You have the right to request the Company to erase personal information concerning you where your personal information is no longer needed for the purposes for which it was collected or processed or has otherwise been improperly processed.
Right to Object: You have the right to object to the processing of your personal information if the processing is based upon the Company’s legitimate interest or for the performance of a task carried out in the public interest, including any profiling based on such processing, or if the processing is for direct marketing.
Right to Restrict Processing: You have the right to request the Company to restrict the processing of your personal information while your data subject rights requests are being investigated and answered.
Right to Portability: You have the right to receive personal information that you have provided to the Company and transmit such personal information to another entity where the processing of such personal information is based on consent and is processed by automated means. Additionally, you have the right to require the Company to transmit such personal information directly to another entity, where technically feasible.
Right not to be Subject to Automated Decision-Making, Including Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you. Automated decision-making is not a process currently used by the Company with respect to individuals who are not our prospective or current employees. If you are a prospective, current, or former Company employee, please consult our HR Privacy Policy for more information about the rights you may have regarding your personal information.
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority as described herein if you believe that the processing of your personal information infringed on applicable data protection regulations.

Right to Withdraw Consent: Where the processing of your personal information is based upon your consent, you have the right to withdraw your consent at any time, with effect for the future.

To make a subject access request, you should send the request to our Data Protection Officer by sending an email to info@metrixservices.us. In some cases, the Company may need to ask for proof of identification before the request can be processed. The Company will inform you if it needs to verify your identity and the documents it requires. The Company normally will respond to a request within a period of one month from the date it is received. In some cases, such as where the Company processes large amounts of an individual's personal information, it may respond within three months of the date the request is received. The Company will write to you within one month of receiving the original request to tell you if this is the case.

The EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss –U.S.DPF

This certification covers the following Company entities:

Metrix Services , Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Metrix Services , Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Metrix Services , Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

International Transfers

The Company relies upon the DPF certification for cross-border transfers of personal information, but takes additional steps to protect personal information. We ensure at least one of the following safeguards is implemented, which require the recipient to treat the personal information in accordance with all applicable Data Privacy Requirements:

we transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the European Commission (in the case of transfers out of the EEA) or the UK Government (in the case of transfers out of the UK); and/or
where we use certain service providers, we may use specific contracts approved by the European Commission (in the case of transfers out of the EEA) and/or the UK Government (in the case of transfers out of the UK), in both cases which give personal information the same protection it has within the EEA and/or UK as applicable.

In addition to the protections provided under other sections of this Data Privacy Policy, the Company will provide the following protections for personal information transferred from the EU, UK or Switzerland to the U.S.:

Choice

You will be offered a clear, conspicuous, and readily available mechanism to choose (opt out) whether your personal information is (1) to be disclosed to a third party (other than a third party acting as an agent to perform tasks on behalf of and under the instruction of the Company or (2) to be used for a purpose that is materially different than or incompatible with the purpose for which it was originally utilized or subsequently authorized by the individual.

Additionally, you will be offered a similar choice mechanism to give affirmative or explicit (opt in) choice whether your sensitive personal information is to be disclosed to a third party or used for a purpose other than the purposes for which it was originally collected or subsequently authorized by the individual by opt-in choice. However, explicit (opt in) choice is not required when the disclosure of the sensitive personal information is (1) in the vital interests of the individual or another person; (2) necessary for the establishment of legal claims or defenses; (3) required to provide medical care or diagnosis; (4) necessary to carry out the organization’s obligations in the field of employment law, or (5) related to personal information that is manifestly made public by the individual.

Transfer of Personal Information from the UK, EEA, or Switzerland to Processors in the U.S.

The Company’s EEA, UK and Swiss entities may transfer personal information to a processor in the United States solely for processing purposes. A “processor” is a third party who processes personal information on behalf of and in accordance with the instructions of the Company’s EEA, UK and/or Swiss entities. When personal information is transferred from the EEA, UK and/or Switzerland to the United States solely for processing purposes, the Company’s EEA, UK and/or Swiss entities will comply with the applicable data protection laws, including the GDPR, UKGDPR, UKDPA, and/or FADP, respectively, and enter into a contract with the processor to ensure that the processor (1) acts only on instructions of the Company’s EEA, UK and/or Swiss entities; (2) provides appropriate technical and organizational measures to protect the personal information against unlawful destruction or accidental loss, alteration, unauthorized disclosure or access; and understands whether onward transfers are allowed; and (3) assists the Company’s EEA, UK and/or Swiss entities in responding to individuals exercising their rights under the DPF principles, taking into account the nature of the processing.

Onward Transfers to Third Party Agents

After personal information is transferred from the EEA, UK, and/or Switzerland to Company entities in the United States, the Company may thereafter transfer the personal information to third parties acting as controllers. A “controller” is a person or organization which, alone or jointly with others, determines the purposes and means of the processing of personal information. Examples of third party controllers may include banks and healthcare providers, or management personnel in other Company offices outside of the U.S. When the Company makes such onward transfers to third party controllers, the Company will comply with the DPF notice and choice principles and enter into a contract with the third party controller that provides that (1) such personal information may be processed only for limited and specified purposes consistent with the consent provided by the individual; (2) the third party controller will provide the same level of protections as the DPF principles; (3) the third party controller will notify the Company if the third party can no longer meet its obligation to provide the same level of protection for the personal information as required by the DPF principles; and (4) upon such notice by the third party controller, the third party controller will cease processing the personal information and/or take reasonable and appropriate steps to remediate any unauthorized processing.

Onward Transfers to Public Authorities

The Company may be required to disclose personal information in response to lawful requests by public authorities to comply with national security or law enforcement requirements.

Verification

The Company has verified and will verify annually through self-assessment that the attestations and assertions made about its DPF privacy practices are true and that those privacy practices have been implemented as represented and in accordance with the DPF principles. This verification has been and will be signed by an officer of the Company or other authorized representative of the Company at least once a year and is available upon request by individuals or in the context of an investigation or a complaint about non-compliance. The verification includes the following:

That the Policy is accurate, comprehensive, prominently displayed, completely implemented and accessible;
That the Policy conforms to the DPF Principles;
That individuals are informed of any in-house arrangements for handling complaints and of the independent mechanisms through which they may pursue complaints;
That it has in place procedures for training employees in the implementation of this Policy and disciplining them for failure to follow it;
That it has in place internal procedures for periodically conducting objective reviews of compliance with the above.

Recourse Mechanisms For Personal Information Transferred Under the DPF

Inquiries or complaints regarding transfers of personal information from the EEA, UK or Switzerland to the U.S. pursuant to the DPF should be directed to our Data Privacy Office by e-mail at info@metrixservices.us.

If a complaint remains unresolved, EEA residents should contact the state or national data protection authority in the jurisdiction where they reside for resolution. A listing of the EU Data Protection Authorities (DPAs) is located at: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.

Individuals in Switzerland should contact the Swiss Federal Data Protection and Information Commissioner (the Commissioner) for resolution. Information regarding the Commissioner is located at: https://www.edoeb.admin.ch/?lang=en.

Individuals in the UK should contact the UK’s Information Commissioner’s Office (the ICO). Information about the ICO is located at www.ico.org.uk.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, the Company commits to cooperate and comply, respectively, with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal information received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In the event that the DPAs, the ICO and/or the Commissioner determines that the Company did not comply with this Policy or DPF principles, the Company will take appropriate steps to address any adverse effects and to promote future compliance, comply with any advice given by the DPAs, the ICO and/or the Commissioner with regard to data transferred from the EU, UK and/or Switzerland where the DPAs, the ICO and/or the Commissioner has determined that the Company needs to take specific remedial or compensatory measures for the benefit of individuals affected by any non-compliance with this Policy or the DPF principles, and provide the DPAs, the ICO and/or the Commissioner with written confirmation that such action has be taken.

Under certain conditions specified by the DPF Privacy Principles, you may also be able to invoke binding arbitration to resolve your complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. Please reference Annex I of the DPF for additional information: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.

Enforcement

The Federal Trade Commission has jurisdiction over the Company’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Liability

In the context of an onward transfer of personal information, the Company has responsibility for the processing of personal information it receives under the DPF and subsequently transfers to a third party agent. The Company will remain liable under the DPF principles if its third party agent processes such personal information in a manner inconsistent with the DPF principles, unless the Company proves that it is not responsible for the event giving rise to the damage.

Training

All employees who handle personal information transferred from the EEA, UK or Switzerland to the U.S. will receive training regarding the data privacy principles and procedures under DPF Principles and this Policy.

Data Security and Storage Limitation

The Company takes the security of personal information seriously. The Company has internal policies and technical measures in place to protect personal information against loss, accidental destruction, misuse or disclosure. Such internal policies and technical measures include:

The use of pseudonymization and encryption of personal information where appropriate;
Procedures and controls to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
Procedures and controls to restore the availability and access to personal information in a timely manner in the event of a physical or technical incident;
Procedures for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing; and
Procedures to ensure that data is not accessed, except by employees in the proper performance of their duties.

For site security purposes and to ensure that the services remain available to all users, this computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage to the information on our websites. Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986.

The Company retains personal information only for the period of time necessary to meet the purposes for which it was collected, to fulfil the legitimate business interests of the Company, to comply with any data retention laws or legal requirements, and to assert the Company’s rights or defend against claims. The criteria used to determine our retention periods include: (1) the length of time we have an ongoing relationship with you and provide products or services to you, (2) whether there is a legal obligation to which we are subject, and (3) whether retention is advisable in light of our legal rights (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations). We may destroy, de-identify, or anonymize the information when it is no longer needed in identifiable form.

When the Company engages third parties to process personal information on its behalf, such third parties are required by contract to process the personal information based on the Company’s written instructions, are under a duty of confidentiality, and are required to implement appropriate technical and organizational measures to ensure the security of the personal information.

When the Company shares personal information of EEA, UK or Swiss residents with affiliated companies, vendors, and business customers located outside of the EEA, UK or Switzerland, such as the U.S., the Company uses appropriate safeguards such as standard contractual clauses to protect the personal information.

Children’s Privacy

Our websites and services are not intended for or designed to attract children under the age of 18, and we will not knowingly solicit or collect personal information from children we actually know are under 18.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we handle personal information, we will provide notice of the changes on the website home page.

Questions and Concerns

Any questions or concerns regarding how the Company processes personal information should be directed to our Data Privacy Office by e-mail at info@metrixservices.us

Dispute resolution: If for some reason you believe this site has not adhered to these principles, please notify our Data Protection Officer at info@metrixservices.us. If our web pages are not fully in compliance with our stated policies, they will be corrected. For your convenience, you may contact our European Local Representative as required under GDPR Article 27 at: https://verasafe.com/public-resources/contact-data-protection-representative or at the following address: VeraSafe Netherlands BV, Keizersgracht 391 A, 1016 EJ Amsterdam, The Netherlands.

Our Local Representative in the United Kingdom can be reached at: https://verasafe.com/public-resources/contact-data-protection-representative or at the following address: VeraSafe United Kingdom Ltd., 37 Albert Embankment, London SE1 7TL, United Kingdom.

EEA, UK and Swiss residents also have the right to lodge a complaint with the local or national data protection authority in the jurisdiction where they reside. A listing of the EU Data Protection Authorities (“DPAs”) is located at: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.

Individuals in the UK should contact the UK’s Information Commissioner’s Office (the ICO). Information about the ICO is located at www.ico.org.uk.

Addendum: Privacy Rights of Residents of Australia

The Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APPs), and binding codes issued under the Privacy Act, govern the way we manage your personal information. In Australia, “personal information” is any information or opinion about a person, who is identified or reasonably identifiable, whether or not that information or opinion is true.

Types of information collected

The personal information that we collect and hold about you depends on your interaction with us.

The kinds of information we typically collect is included under the ‘What information we collect’ section of this document and may include other information relevant to providing you with the goods and services you are, or someone else you know is, seeking.

Sensitive information is any information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices or criminal record that is also personal information. Sensitive information also includes health information about an individual, genetic information about an individual that is not otherwise health information, biometric information that is to be used for the purpose of automated biometric verification or biometric identification or biometric templates.

We will only collect such sensitive information when you have voluntarily submitted this information to us (which we will take to constitute your consent to its collection) or we otherwise have your consent for us to do so. We will only collect this sensitive personal information if it is reasonably necessary for us to pursue one or more of our functions or activities, or where the information is required or authorised by law or necessary for the establishment, exercise or defence of a legal claim.

We may disclose your sensitive information to third parties for the same reason for which that information was collected by us, or as otherwise permitted by law.

Method of collection

We generally collect personal information directly from you through the use of any of our standard forms, through our website, social media accounts, in person, via email or over the phone.

There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.

If we receive unsolicited information about you that we do not ask for or which is not directly related to our functions or activities, we may be required to destroy or de-identify that information, provided it is lawful and reasonable to do so.

When we collect personal information from third parties, we rely on that third party to tell you that they have disclosed it to us.

Failure to provide information

If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.

Legal requirements

We collect personal information to assist us to fulfil our legal and regulatory obligations, including under the Corporations Act 2001 (Cth), the Competition and Consumer Act 2010 (Cth) and the A New Tax System (Goods and Services Tax) Act 1999 (Cth).

Overseas disclosure

We may disclose your personal information to third parties outside Australia, including our related bodies corporate, vendors, business partners or other third parties solely for our business purposes, including to the USA.

Direct Marketing

We (or third parties on our behalf) may send you direct marketing communications and information about our products and services. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (for example, an unsubscribe link).

Security of information

We may hold your personal information in either electronic or hard copy form. We take the security of your personal information very seriously and will take such steps as are reasonable in the circumstances (including through physical, technical and administrative means) to protect your personal information from loss, interference, misuse, unauthorised access, modification or disclosure as required by law in Australia. These steps may include access controls, encryption and secure premises. However, no data transmission over the internet can be guaranteed to be totally secure and we cannot guarantee that such transmission will be secure.

Children’s Privacy

Access to information

You may access the personal information we hold about you, upon making a written request. We will respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making the request for access).

We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.

If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

Complaints and Feedback

If you wish to make a complaint about a breach of the Privacy Act, the APPs or a privacy code that applies to us, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.

If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner. To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.

If you have any queries or concerns about our privacy policy or the way we handle your personal information, please contact us at:

Street address: 46 Stonegate Ln Streamwood IL 60107

Email address: metrixservices.us

Telephone: 1-855-960-8778

Website: metrixservices.us

For more information about privacy issues in Australia and protecting your privacy, visit the Australian Federal Privacy Commissioner's web site http://www.privacy.gov.au/.

Addendum: Privacy Rights of California Residents

This part of this policy is intended to comply with data privacy laws and regulations, including the California Consumer Privacy Act as amended by the California Privacy Rights Act and its implementing regulations (collectively, the “CCPA”), that are applicable to residents of the State of California.

Collection

In the preceding 12 months, depending on your interactions with us, we may have collected the following categories of personal information:

Identifiers, such as name, alias, postal address, unique personal identifier (e.g., device identifier, unique pseudonym, or user alias/ID), online identifiers, IP addresses, email address, and other similar identifiers.
Categories of personal information described in California Civil Code § 1798.80, such as name, signature, telephone number, or financial information such as bank account number, credit card number or debit card number, or other financial information.
Internet or other electronic network activity information, such as information about your device(s) when accessing our websites and services and your usage details relating to our websites and services, information you provide when filling in forms on our websites and services, or information you provide when requesting further information, products, or services from us.
Professional and employment-related information, such as information relating to your position, (e.g., job title, job description, or department), employment status, employment history, or business email address.
Commercial Information, such as records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Geolocation data, such as time and physical location related to use of an internet website, application, device, or physical access to an office location.
Sensory or surveillance information, such as call monitoring.
Inferences and profiles based on other personal information, such as information about your behavior, preferences, characteristics, psychological trends, or predispositions.
Other information you choose to provide.

We do not collect or process sensitive personal information (as that term is defined by the CCPA) for the purpose of inferring characteristics about individuals.

Sources of Personal Information

The Company collects or receives, and during the 12 month period prior to the effective date of this Policy, may have collected or received personal information:

Directly from you when you provide it to us;
From third parties, such as our service providers and business partners; and
Automatically and indirectly from you, such as through logging and analytics tools, cookies, pixel tags, and other similar technologies.

“Sales,” “Sharing,” and Disclosures of Personal Information for a Business Purpose

Our business model does not include selling your personal information, such as your name, email address, phone number, postal address, or online activity, to third parties in exchange for money. However, we do share online activity, such as cookies and the advertising identifier associated with your computer or mobile device, with our advertising partners to show ads that are targeted to your interests. Under California law, sharing personal information with partners in exchange for some benefit, such as providing more relevant ads based on your information across websites, can be considered a “sale” or “sharing” in some circumstances. As such, we may be considered to “sell” or “share” or otherwise disclose your personal information for targeted or cross-context behavioral advertising. The information that we collect and may “sell” or “share” for cross-context behavioral advertising, and may have disclosed for those purposes in the preceding 12 months, include automatically collected information through our website, and the recipients of that information are social media platforms and other targeted advertising companies. California residents may opt out of the “sale” or “sharing” of personal information as described in the “Consumer Rights,” section discussed below. Please note that the right to opt out only applies to “sales” or “sharing” of personal information and does not restrict our ability to disclose information to third parties for valid business purposes.
We do not use, disclose, or otherwise process sensitive personal information for purposes other than those allowed by the CCPA as set out in Cal. Code Regs. tit. 11 § 7027(m).
We generally collect and disclose for a business purpose, and in the preceding 12 months we may have collected and disclosed for a business purpose, the categories of personal information listed above in “Collection,” for business or commercial purposes as described in ‘Why We Process Personal Information” to the categories of entities identified in “Recipients of Personal Information.”

California residents may opt out of the “sale” or “sharing” of personal information as described in “Consumer Rights,” below.

Consumer Rights

California residents have the following privacy rights regarding your personal information:

The right to know and right to access: The right to request, twice in a 12-month period, that we disclose the personal information we have collected about you, including the categories of personal information; the categories of sources from which the personal information is collected; the business or commercial purpose for collecting, selling, or sharing personal information; the categories of third parties to whom the business discloses personal information; and the specific pieces of personal information we have collected about you;
The right to delete: The right to request that we delete certain personal information that we have collected from you, subject to certain exceptions;
The right to correct: The right to request that we correct inaccurate personal information that we maintain about you;
The right of portability: You have the right of portability, or right to have us transfer your personal information to other persons or entities upon your request;
The right to opt out of sale or sharing: You have the right to opt out of the sale or disclosure of your personal information for cross-context behavioral advertising;
Non-Discrimination: The right not to be discriminated or retaliated against for exercising your privacy rights; and
Rights related to Automated Decision-making: Automated decision-making is not a process currently used by the Company with respect to individuals who are not our prospective or current employees. If you are a prospective, current, or former Company employee, please consult our HR Privacy Policy for more information about the rights you might have regarding your personal information.

You can exercise your privacy rights by submitting a request to us by emailing us at: info@metrixservicesus; calling us at: 1-855-915-2285; or asking our Data Privacy Office for a written request form. To help protect the security of your personal information, we will take steps to verify your identity before granting access to your personal information or complying with your request. We may require you to provide us with identifying information for you such as personal email address, personal telephone number, employee identification number, and/or other information that we can match with the personal information we have collected about you to verify your identity. If you ask us to provide you with specific pieces of personal information, we may require you to sign a declaration under penalty of perjury that you are the individual whose personal information is the subject of the request and provide appropriate proof of identity.

For requests to know or delete information about a child under the age of 13, we accept requests for information regarding minors under the age of 13 if we can determine that such requests were submitted by a parent or guardian.

You may use an authorized agent to exercise your privacy rights. We will require your authorized agent to provide us proof of your authorization, which may take the form of either: (1) a power of attorney authorizing the authorized agent to act on your behalf, or (2) your written authorization permitting the authorized agent to exercise your privacy rights on your behalf. Further, we may require you or your authorized agent to provide us with identifying information to verify your identity. We may also require you to either verify your own identity directly with us or directly confirm with us that you provided the authorized agent permission to submit the request.

Within 10 days of receiving your request to delete, correct, or know, we will confirm receipt of your request and provide information about how we will process your request. Generally, we will respond to your request within 45 days. If we need more time to respond, we will provide you with notice and an explanation of the reason we need more time to respond. We may deny your request if we cannot verify your identity or are legally permitted to deny your request. If we deny your request, we will explain the basis for the denial, provide or delete any personal information that is not subject to the denial, and refrain from using the personal information retained for any purpose other than permitted by the denial. We will maintain a record of your request and our response for 24 months. To the extent permitted by law, we may charge a reasonable fee to comply with your request if the request is manifestly unfounded, excessive, or repetitive.

As discussed above, we do not sell your personal information for monetary consideration. However, to the extent we “sell” or “share” your personal information (as those terms are defined under CCPA), California residents have the right to opt out of that “sale” or “sharing” on a going-forward basis at any time. To exercise this right, visit our consent management platform by clicking the cookie icon in the bottom right and disable the “Targeted Advertising” category if it is not already disabled.

You may also be able to restrict the collection of personal information through your device’s operating system or by disabling cookies, but doing so may prevent you from using the functionality of the websites. If your browser supports it, you can turn on the Global Privacy Control (GPC) to opt out of the “sale” or “sharing” of your personal information. We honor the GPC and other universal opt out signals where we are required to do so by applicable law, and we process these signals in a frictionless manner. These are signals you can send from your browser to a website to convey your choice to exercise certain opt-out rights granted by individual states. To download and use a browser supporting the GPC browser signal, click here: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use. However, please note that if you have the GPC signal enabled, you will not receive advertisements tailored to your interests.

Some internet browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, our website does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.

Even if you opt out of the sharing or processing of your California Personal Information for cross-context behavioral advertising, you may still see our ads online at other sites and apps, and we may still base aspects of ads on your interactions with us and the websites.

Data Retention

We will only retain your personal information for as long as necessary to carry out the processing activities described in this Policy, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. Generally, we retain personal information for the duration of our relationship with you plus any legally required record or data retention period and/or any period of time necessary to exercise our legal rights, or to protect our, our employees’, and our business partners’ and clients’ rights, property, or safety and the rights, property and safety of others. Thereafter, we will securely destroy your personal information in accordance with the Company’s record retention policies.

In some circumstances, we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Personal Information of Minors

As noted above, the Company does not sell or share personal information for individuals under the age of 16.

Security Incidents

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Questions

Questions, including requests for an alternate format or for an accommodation to access this privacy policy, should be directed to our Data Privacy Office by e-mail at info@metrixservices.us

This privacy policy was last updated on July 19, 2024.